10-K 1 spparent-20250131x10k.htm 10-K Document
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
________________________________________________________________
FORM 10-K
________________________________________________________________
(Mark One)
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the fiscal year ended January 31, 2025
or
 
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from                      to
Commission file number 001-42522
________________________________________________________________
SailPoint, Inc.
(Exact name of registrant as specified in its charter)
________________________________________________________________
Delaware
(State or other jurisdiction of
incorporation or organization)
11120 Four Points Drive, Suite 100
Austin, TX
(Address of principal executive offices)
88-2001765
(I.R.S. Employer
Identification No.)
78726
(Zip Code)
Registrant’s telephone number, including area code: (512) 346-2000
________________________________________________________________
Securities registered pursuant to Section 12(b) of the Act:
Title of each classTrading Symbol(s)Name of each exchange on which registered
Common stock, par value $0.0001 per shareSAILThe Nasdaq Stock Market LLC
Securities registered pursuant to Section 12(g) of the Act:  None
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ¨    No x
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ¨    No x
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ¨   No x
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ¨    No ¨
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
Large accelerated filerAccelerated filer
Non-accelerated filer
x
Smaller reporting company
Emerging growth company
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  ¨
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.  ¨
If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements. ¨
Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant's executive officers during the relevant recovery period pursuant to §240.10D-1(b). ¨
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes     No x
The registrant was not a public company as of July 31, 2024, the last business day of its most recently completed second fiscal quarter, and therefore, cannot calculate the aggregate market value of its voting and non-voting common equity held by non-affiliates as of such date. The registrant’s common stock began trading on the Nasdaq Global Select Market on February 13, 2025.
The registrant had 556,575,093 shares of common stock outstanding as of March 21, 2025.
DOCUMENTS INCORPORATED BY REFERENCE
None

1
SailPoint, Inc.
Annual Report on Form 10-K

Table of Contents
Page
Special Note About Forward-Looking Statements1
Summary of Principal Risk Factors2
Item 1.
Item 1A.
Item 1B.
Item 1C.
Item 2.
Item 3.
Item 4.
Item 5.
Item 6.
Item 7.
Item 7A.
Item 8.
Item 9.
Item 9A.
Item 9B.
Item 9C.
Item 10.
Item 11.
Item 12.
Item 13.
Item 14.
Item 15.
Item 16.

i
SPECIAL NOTE ABOUT FORWARD-LOOKING STATEMENTS
This Annual Report on Form 10-K (this “Annual Report”) contains forward-looking statements within the meaning of, and we intend such forward-looking statements to be covered by, the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. You can identify forward-looking statements by the fact that they do not relate strictly to historical or current facts, and these statements may include words such as “anticipate,” “estimate,” “expect,” “project,” “plan,” “intend,” “believe,” “may,” “will,” “should,” “can have,” “likely,” and other words and terms of similar meaning. For example, all statements we make relating to our estimated and projected costs, expenditures, cash flows, growth rates, and financial results or our plans and objectives for future operations, growth initiatives, or strategies are forward-looking statements.
Because forward-looking statements relate to the future, they involve substantial risks and uncertainties, and you should not rely upon forward-looking statements as predictions of future events or place undue reliance thereon. We derive many of our forward-looking statements from our operating budgets and forecasts, which are based on many detailed assumptions. While we believe that our assumptions are reasonable, we caution that it is very difficult to predict the impact of known factors, and it is impossible for us to anticipate all factors that could affect our actual results. Important factors that could cause actual results to differ materially from our expectations include the following:
our ability to sustain historical growth rates;
our ability to attract and retain customers and to deepen our relationships with existing customers;
the growth in the market for identity security solutions;
our ability to maintain successful relationships with our channel partners;
the length and unpredictable nature of our sales cycle;
our ability to compete successfully against current and future competitors;
the increasing complexity of our operations;
our ability to maintain and enhance our brand or reputation as an industry leader and innovator;
unfavorable conditions in our industry or the global economy;
our estimated market opportunity and forecasts of our market and market growth may prove to be inaccurate;
our ability to hire, retain, train, and motivate our personnel and our ability to maintain our corporate culture;
our ability to successfully introduce, use, and integrate artificial intelligence ("AI") with our solutions;
breaches in our security, cyber attacks, or other cyber risks;
interruptions, outages, or other disruptions affecting the delivery of our software as a service ("SaaS") solution or any of the third-party cloud-based systems that we use in our operations;
our ability to adapt and respond to rapidly changing technology, industry standards, regulations, or customer needs, requirements, or preferences;
real or perceived errors, failures, or disruptions in our platform or solutions;
the ability of our platform and solutions to effectively interoperate with our customers’ existing or future information technology ("IT") infrastructures;
our ability to comply with our privacy policy or related legal or regulatory requirements;
the impact of various tax laws and regulations, including our failure to comply therewith; and
other factors disclosed in the section titled “Risk Factors” and elsewhere in this Annual Report.
Any forward-looking statements made by us is based only on information available to us as of the date on which such statements are made and speaks only as of such date. We undertake no obligation to update any forward-looking statements made in this Annual Report to reflect events or circumstances after such date or to reflect new information or the occurrence of unanticipated events, except as required by law. Our forward-looking statements do not reflect the potential impact of any future acquisitions, mergers, dispositions, joint ventures or investments we may make.
All written and oral forward-looking statements attributable to us, or persons acting on our behalf, are expressly qualified in their entirety by these cautionary statements as well as other cautionary statements that are made from time to time in our other filings with the Securities and Exchange Commission (the “SEC”) and other public communications.

1
SUMMARY OF PRINCIPAL RISK FACTORS

The following is a summary of the principal risk factors that could materially adversely affect our business, financial condition, and results of operations and, consequently, make an investment in us risky:
We have experienced rapid growth in recent periods, and our recent growth rates may not be indicative of our future growth.
Our future revenues and operating results will be harmed if we are unable to acquire new customers, if our customers do not renew their arrangements with us, if we are unable to expand sales to our existing customers, or if we are unable to develop new solutions that achieve market acceptance.
If the market for identity security solutions does not grow, our ability to grow our business and our results of operations may be adversely affected.
If we are unable to maintain successful relationships with our channel partners, our ability to market, sell, distribute, and implement our solutions will be limited, and our business, financial condition, and operating results would be adversely affected.
Our quarterly results fluctuate significantly and may not fully reflect the underlying performance of our business.
Our sales cycle is long and unpredictable, and our sales efforts require considerable time and expense.
We face intense competition in our market, both from larger, well-established companies and from emerging companies, and we may lack sufficient financial and other resources to maintain and improve our competitive position.
We anticipate that our operations will continue to increase in complexity as we grow, which will add additional challenges to the management of our business in the future.
If we are not able to maintain and enhance our brand or reputation as an industry leader and innovator, our business and operating results may be adversely affected.
Our success depends on the experience and expertise of our senior management team and key employees. If we are unable to hire, retain, train, and motivate our personnel, or to maintain our corporate culture, our business, operating results, and prospects may be harmed.
Our introduction and use of AI, and the integration of AI with our solutions, may not be successful and may present business, compliance, and reputational challenges, which could lead to operational or reputational damage, competitive harm, legal and regulatory risk, and additional costs, any of which could adversely affect our business, financial condition, and results of operations.
Our ability to introduce new identity security solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions. If we do not adequately fund our research and development efforts or complete acquisitions successfully, we may not be able to compete effectively, and our business and results of operations may be harmed.
Cyber attacks or other cybersecurity breaches, incidents, or disruptions with respect to our networks, systems, or applications, including unauthorized access to, or disclosure or other processing of, our proprietary, confidential, or sensitive information, including personal information, could disrupt our operations, compromise sensitive information related to our business or personal information processed by us or on our behalf, and expose us to liability, which could harm our reputation and adversely affect our business, financial condition, and results of operations, and as we grow, we may become a more attractive target for cyber attacks.
Interruptions, outages, or other disruptions affecting the delivery of our SaaS solution, or any of the third-party cloud-based systems that we use in our operations, may adversely affect our business, operating results, and financial condition.
Real or perceived errors, failures or disruptions in our platform and solutions could adversely affect our customers’ satisfaction with our solutions and/or our industry reputation and business could be harmed.
Thoma Bravo (as defined below) controls us, and its interests may conflict with ours or yours in the future.

We describe these and other material risks relating to an investment in us in greater detail under Part I, Item 1A, “Risk Factors.”


2

PART I
ITEM 1. BUSINESS
Overview
SailPoint, Inc. (together with its consolidated subsidiaries, as appropriate, “SailPoint,” the “Company,” “our” or “we”) delivers solutions to enable comprehensive identity security for the enterprise. We do this by unifying identity data across systems and identity types, including employee identities, non-employee identities, and machine identities. Our SaaS and customer-hosted offerings leverage intelligent analytics to provide organizations with critical visibility into which identities currently have access to which resources, which identities should have access to those resources, and how that access is being used. Our solutions enable organizations to establish, control, and automate policies that help them define and maintain a robust security posture and achieve regulatory compliance. Powered by AI, our solutions enable organizations to overcome the scale and complexity of managing identities in real-time across dynamic, complex IT environments.

The evolving threat landscape requires a more comprehensive identity security approach than ever before. The number of cyber attacks continues to increase at an accelerating rate, fueled in part by the adoption of AI by threat actors. In 2023, 90% of organizations surveyed experienced an identity-related incident according to Identity Defined Security Alliance. In June 2024, a significant volume of data was stolen via compromised login credentials from customers of a data warehouse, including data from a large ticketing company and a major bank. Hacking groups extensively use compromised identities in their operations, conducting spear-phishing campaigns to access email accounts, harvesting multifactor authentication codes, and leveraging compromised service accounts to infiltrate victims. Once compromised, insufficiently governed identities enable attacks to access sensitive applications and data, presenting a significant risk to organizations.

Identity security is complicated by an evolving and increasingly complex IT environment. Increasingly distributed and remote workforces, the proliferation of infrastructure as a services and SaaS applications, and an explosion of data have significantly contributed to this new IT paradigm. Non-employee and machine identities, AI-enabled or otherwise, are driving a significant expansion in the number and scope of identities that organizations must manage.

Organizations lack both the people and expertise needed to manage complex ecosystems, and the personnel and skills gap is widening as identity sprawl continues to proliferate. These factors are further exacerbated by regulatory trends toward greater data privacy requirements, leading organizations to demand more effective solutions for managing identity and data security risk.

We believe identity is core to enterprise security. We pioneered the market for enterprise identity governance almost two decades ago, and our leadership in the sector has been recognized by independent research firms. From this foundation, we have evolved our offerings to address the most challenging dimensions of identity security today.

During our nearly 20-year history, we have continuously evolved our offerings to address the most pressing challenges in identity security. We offer multiple identity solutions to meet the diverse needs of our customers across a full range of deployment options. The SailPoint Identity Security Cloud is built on our unified Atlas platform and enables organizations to consume our identity solution as a SaaS offering. IdentityIQ is our customer-hosted identity security solution and meets the needs of organizations that are not able or ready to implement a SaaS solution.

Our Identity Security Cloud, built on Atlas, enables organizations to deliver the critical elements needed to build, maintain, and scale a strong, enterprise-class, identity security environment. Our solutions address nearly all types of systems and identities, including data and applications, employee identities, non-employee identities, and machine identities, and enable smarter access decisions, improve business processes, and provide deeper understanding of identity and access.

Our solutions are underpinned by several key differentiators:

Our modular, extensible, and scalable Atlas platform, with its unified architecture and deep integration capability, provides us with the foundation for continued product innovation;

Our Identity Cube provides a 360-degree view of every enterprise identity, enabling a multidimensional approach to access management that encompasses various aspects of identity such as attributes, entitlements, and effective permissions; and

3
Our use of AI and automation throughout our platform enhances decision-making, accelerates risk detection, and delivers seamless integrations.

Our customers include many of the world’s largest and most complex organizations, including large enterprises across all major verticals and governments. Our go-to-market approach consists primarily of tailored customer engagement strategies by market segment, which we believe is critical to ensuring successful implementation and ongoing customer success. Most new customers purchase one of our SaaS suites. We focus on expanding our customer relationships over time with significant up-selling and cross-selling opportunities, including suite upgrades and additional products.
Our Growth Strategy
Drive New Customer Growth

We believe we have a significant opportunity to accelerate the growth of our customer base as countless organizations still use a combination of legacy solutions and home-grown tools. We estimate that over 60% of organizations in our target market still have a fragmented identity experience or use a mostly manual process based on our internal research. To continue to grow our customer base, we intend to enhance our marketing efforts, increase our sales capacity and productivity, and expand and further leverage our use of channel partners.

Expand Existing Customer Relationships

Our customer base of approximately 2,975 organizations, as of January 31, 2025, provides significant expansion opportunities. The evolving threat landscape, increasing complexity of the IT environment, and number and scope of identities require a more comprehensive identity security approach than ever before. As our customers adopt new technologies such as AI, continue to add non-employee and machine identities, and implement more comprehensive identity security strategies, we see a substantial opportunity to increase our relationships with existing customers through the increased adoption of our solutions. We have invested in enhancing our solutions by organically adding capabilities including data access governance, activity management, application onboarding, identity threat detection, and response and cloud identity entitlement management as well as inorganically adding non-employee risk management and privilege access governance through our acquisitions of SecZetta and Osirium.

Continue to Leverage and Expand Network of Partners and Alliances

Our go-to-market partners and alliances help us extend our reach, serve our customers more effectively, and expand our addressable market. We see a significant opportunity to increase the number of customers we can serve through our systems integrator and managed service proMSP partnerships. Additionally, our technology alliance partners help us extend our reach throughout a customer’s IT environment with integrations with products like Amazon Web Services ("AWS"), CyberArk, Proofpoint, SAP, and ServiceNow.

Expand our Global Footprint

Today, we offer our solutions in more than 60 countries. During the years ended January 31, 2025 and 2024, we generated 32% of our revenue from outside of the United States. We believe there is a significant opportunity to deepen our existing global footprint and drive incremental sales and new client acquisitions in new territories by leveraging our existing relationships with global system integration and channel partners.

Continue to Innovate and Expand Our Portfolio

We built a reputation as an innovator and leader in identity security. We recently launched new offerings in non-employee risk management, data access security, access risk management, and cloud infrastructure entitlement management. We are investing in AI, both to increase the capabilities of our solutions, as well as to help our customers protect their organizations while adopting AI for their own use cases. We intend to continue investing to extend our position as the leader in identity security by developing or acquiring new products and technologies and extending our portfolio into additional identity security use cases.

Our Products

4
Identity Security Cloud

SailPoint Identity Security Cloud is our cloud-based identity security solution, which allows organizations to centrally discover, manage, and secure all enterprise identity types, and the data and cloud infrastructure associated with them. This offering is built on Atlas, our unified, extensible, multi-tenant SaaS platform. The Atlas platform enables Identity Security Cloud to unify several capabilities into a single pane of glass and is extensible to allow for the development of new capabilities and modules over time. Throughout our SaaS transformation, we were intentional in taking a longer and more expensive path, decomposing logic that held key intellectual property and rebuilding those same components in a new scalable micro-services-based architecture, to ensure our ability to maximize customer value into the future. Atlas serves as the foundation for SailPoint Identity Security Cloud and delivers the critical elements needed to build, maintain, and scale a strong, enterprise-class identity security program. The platform is designed to utilize AI to enable rapid development and easy integration into new capabilities, acquired technologies, and customer environments. After our significant investment, we have developed our Identity Security Cloud solution to meet the most stringent identity governance requirements and provide enterprise-grade service that meets our customers scalability, performance, availability, and security demands.

Our Identity Security Cloud features a set of fully integrated capabilities, including: 

Lifecycle Management: Empowers organizations to securely and cost-effectively manage access to applications and data throughout a business user’s lifecycle within an organization, reducing risk to the business, brand, and bottom-line. Whether that business user is an employee, contractor, or business partner, our self-service access request capability empowers business users to take an active role in managing changes to their access through an intuitive user interface, greatly reducing the burden on security and IT organizations. With our offerings, business users can actively change user access through automatic provisioning via a large library of direct connectors for thousands of applications such as Workday and SAP or synchronization with IT service management solutions such as ServiceNow.

Compliance Management: Supports the improvement of compliance and audit performance while lowering costs related to compliance professionals and regulatory expenses. It provides user friendly access certifications and automated policy management controls, such as segregation of duty violation reporting, that are designed to simplify and streamline audit processes across all applications and data. With built-in audit reporting and analytics, IT, business, and audit teams now have critical visibility into, and management over, all compliance activities in the organization.

Access Modeling: Enables customers to quickly create and implement enterprise roles to support a least privilege model, providing a smarter way to build, maintain, and optimize roles with continual adjustment of access across the organization. Through core features such as common access roles, role discovery and insights, and peer group analysis, our AI-based capability allows organizations to grant access on a strictly as-needed basis, developing effective access models that support appropriate business user access without compromising security.

Analytics: Leverages AI to turn vast quantities of data including attributes, roles, and history into actionable insights to make better decisions faster, spot risky access sooner, and improve overall business security. In addition to tracking, reporting, and gauging the value of an organization’s identity security program, this capability provides an audit trail and complete visibility into access changes and historical information on entitlements, roles, and governance. With our analytics offering, customers can view activity data at the application level, compare usage with peers, and discover identities with access anomalies.

In addition to the core integrated capabilities, organizations can extend the value of our Identity Security Cloud with additional products, including:

Non-Employee Risk Management: Enables organizations to streamline the administration of non-employee identity lifecycles to enhance third-party security and data integrity and support regulatory compliance. Our Non-Employee Risk Management offering implements comprehensive risk-based identity access for all third-party non-employee identities, including contractors, partners, and vendors. SailPoint Non-Employee Risk Management extends advanced identity security controls to provide visibility and security into the complex and dynamic lifecycles of non-employee identities. The module features flexible workflows and customizable forms to streamline process and enable seamless collaboration between internal and external parties.

Data Access Security: Secures access to the growing amount of unstructured data stored in cloud storage systems to empower organizations to discover, govern, and secure crucial unstructured data and protect it from critical security
5
risks. Designed as an integrated SaaS solution with Identity Security Cloud, our Data Access Security offering delivers enhanced intelligence on critical data to improve data security posture, reduce risk, and streamline compliance efforts. With this offering, security teams are able to proactively uncover and remediate hidden data risks with automated data discovery and classification, built-in governance workflows, and out-of-the-box governance policies, increasing their productivity and radically improving their visibility into pivotal organization data.

Password Management: Provides business users an intuitive, self-service experience for managing and resetting passwords from any device and from anywhere, reducing the reliance on IT and security staff, and enforcing greater password security. Our Password Management offering enforces consistent and secure password policies for all users across all systems from the cloud to the data center by detecting password changes initiated outside of the Identity Security Cloud and synchronizing them to maintain a stronger organization-wide password security posture. Offering a self-service model, business users are able to reset, change, or recover passwords, allowing them to stay connected and productive while enhancing the security of the broader organization.

Access Risk Management: Enables organizations to eliminate fraud, optimize compliance processes, and ensure audit readiness by unifying identity security controls and Separation of Duties monitoring across enterprise resource planning ("ERP") and other apps in the business ecosystem. Our offering effectively centralizes access risk governance by providing seamless GRC integration and extensive enterprise visibility to forecast and prevent Separation of Duties violations across an organization’s ERP systems such as SAP. With Access Risk Management, organizations can automate access reviews, document risk mitigation controls, oversee emergency access, conduct proactive risk simulations, and effortlessly maintain compliance to reduce audit deficiencies and breaches.

Cloud Infrastructure Entitlement Management ("CIEM"): Empowers organizations to extend identity security to their cloud infrastructure, including AWS, Google Cloud Platform (“GCP”), and Microsoft Azure, to ensure compliance and security throughout their entire technology ecosystem. CIEM enables customers to discover, manage, govern, and remediate enterprise cloud infrastructure access with a single approach, gaining deeper understanding of their cloud resources and better visibility into their business user’s cloud privileges. Leveraging AI, CIEM enables cloud resource entitlement permissioning, not only on an access level, but on an action level, determining a business users' ability to read, write, and administrate cloud data.

Privileged Task Automation: Enables organizations to automate and delegate the execution of repeatable privileged tasks. Privileged task automation (“PTA”) allows users to execute common privileged tasks without sharing privileged credentials or the need for a privileged session by providing a centralized repository, low-code automation, and out-of-the-box templates for privileged task workflows. With PTA, organizations can reduce their reliance on advanced privileged access capabilities and empower general IT staff to provide better service, accelerate adoption, and improve productivity.

Machine Identity Security: Enables organizations to achieve governance, compliance, and security outcomes for machine accounts. With machine identity security (“MIS”), organizations can discover, classify, assign, certify, and oversee ownership of service accounts, bots, and other machine accounts with minimal configuration adjustments and without extensive manual processes. MIS consolidates the securing of machine accounts to allow for full lifecycle coverage and reduces the risk of orphaned or unmanaged accounts. With an intuitive interface, MIS can assign human owners, periodically and consistently review configuration, and remain compliant across their IT infrastructure while safeguarding critical systems.

IdentityIQ

IdentityIQ is our customer-hosted identity security solution providing large, complex customers, who are highly interested in data localization in territories where we do not host our cloud software, a unified and highly configurable identity security solution. While many organizations have migrated to a cloud hosted solution for the majority of their enterprise software needs, we recognize there is a limited set of customers who remain in need of a self-hosted solution and maintain our IdentityIQ solution to continue to provide service for those customers. IdentityIQ consistently applies business and security policies as well as role and risk models across applications and data on premises or hosted in the cloud. IdentityIQ allows organizations to empower users to request and gain access to enterprise applications and data while managing compliance using automated access certifications and policy management.

Similar to our Identity Security Cloud offering, we package and price IdentityIQ into capabilities with unique functionality, including:
6

Lifecycle Manager

Compliance Manager

Connectors and Integrations: Provides organizations with the ability to connect to applications, mainframes, cloud infrastructure, and data sources from across a hybrid IT environment to centrally manage and control access, enforce consistent policies, and understand risks. Connectivity to additional mission-critical software and systems provides essential visibility into an organizations entire IT ecosystem and provides our IdentityIQ customers with the integrated functionality necessary to effectively address the vast number of applications incorporated into the modern enterprise stack.

In addition to the core IdentityIQ capabilities, organizations can extend the value of the solutions with additional products, including:

File Access Manager: Secures access to the growing amount of data stored in file servers, collaboration portals, mailboxes, and cloud storage systems to equip organizations with the ability to quickly identify and mitigate compliance and data risks. File Access Manager helps organizations identify where sensitive data resides, who has access to it, and how they are using it—and then puts effective controls in place to secure it. By augmenting identity data from structured systems with data from unstructured data targets, organizations can more quickly identify and mitigate risks, spot compliance issues, and make the right decisions when granting or revoking access to sensitive data. Packaged and priced by target storage system, our File Access Manager product provides core capabilities such as data discovery and classification, policy controls, risk remediation, and compliance automation.

SailPoint AI: Proactively provides visibility at speed and scale to determine access needs and potential security breaches associated with risky access policy to optimize security management. Our SailPoint AI capability is built to provide our IdentityIQ customers with additional AI features, such as recommendations and role discovery, by leveraging elements of our Atlas platform to streamline management.

Technology

Our organization has invested significant time and effort to remain a pioneer in innovation, continually emphasizing sophisticated and differentiated solutions to provide the best outcome for our customers. Our team has been highly intentional in our approach in addressing customer needs and have leveraged our extensive knowledge in advanced technology to address these in a differentiated and optimized manner. As the regulatory conditions evolve, and the threat environment introduces new demands and requirements, we view our technology as fundamental to the competitive advantage we hold in the market and our ability to maintain this moat in the future.

Unified Platform

Our Atlas platform allows customers to manage all types of identities and their access needs across all environments through a single pane of glass, providing the underlying infrastructure critical to powering our Identity Security Cloud. Our Atlas platform is the culmination of both years of investment and the expertise of our management and technical teams. Taking the lessons learned from our experiences with prior generation identity solutions, our engineers and architects designed a modern identity platform with internet scale, comprehensive cloud, hybrid, and customer-hosted environment coverage, and openness to optimize customers’ existing technology investments. This extensible, enterprise-grade platform is critical to enabling the management of not only employees, but also non-employees and machine identities, with varying levels of privilege, spanning cloud platforms such as AWS, GCP, and Microsoft Azure, SaaS applications, customer-hosted applications, and datacenter infrastructure such as servers and databases. Tools including AI, analytics, workflows, and app onboarding are embedded throughout our unified platform, powering enhanced decision making, differentiated insights, and frictionless automation. Our purpose-built platform provides the controls essential to govern and secure digital identities in today’s complex IT environments to support real-time, risk-based, and policy-driven management of the constantly evolving breadth and depth of enterprise identities, ensuring the right identities have access to the right data.

Key features of the Atlas platform include: 

Extensibility: Enables deep configuration across security systems, empowering customers to easily thread identity security across their ecosystem.
7

Personalized insights & reporting: Personalized action-oriented insights and reporting putting the most important identity information at the fingertips of administrators, managers, and end users.

ML: Rich library of ML models designed for better-optimized enterprise identity security practices and improved decision-making.

Connectivity: Expansive library of application and resource connectors that allow organizations to consolidate all access and identity information into a single solution.

Event-driven orchestration: Automated simple and complex identity use cases through custom workflows and forms to reduce or eliminate manual intervention.

Unified Data Model

The Identity Cube is a key element of our data layer, providing a 360-degree view on every identity. The Identity Cube provides a complete view of each identity, including attributes, entitlements, access rights, and risk scores. It is extensible by the customer to include data attributes that are relevant specifically to their organizations.

In an on-premise deployment scenario, the Identity Cube is a part of every IdentityIQ installation. As user data and other attributes are aggregated from enterprise HR systems, directories, and the like, the Identity Cube is populated. From there, core life cycle functions such as provisioning new accounts for users can be accomplished. The Identity Cube is an integral part of the product, not an add-on or optional module.

In a customer-hosted deployment scenario, the Identity Cube is also a part of every implementation and functions in the same way. The difference is architectural, with the Identity Security Cloud version of the Identity Cube being optimized for a multi-tenant, cloud native architecture. In addition, in the SaaS deployment scenario, there are additional data facilities available that, when combined with the Identity Cube, represent our unified data model.

In both scenarios, the Identity Cube utilizes insights of the complex dependencies between identities, applications, data, and activities to create specialized data models that understand the effective access of an identity, patterns, and the potential risk level, whether in the cloud or customer-hosted. The connective, scalable, configurable, and automated nature of our Identity Security Cloud and IdentityIQ solutions allows us to secure identities for the most complex global organizations across all industries with AI-based security tools that provide comprehensive, scalable, and fast identity security to solve the needs of modern organizations.

The operational data derived from the data layer is organized into structured tables that represent real-world entities and their relationships. SailPoint’s account correlation, orphan account management, and risk scoring capabilities allow security professionals and business managers to track who has access to what and how often they use it and to rectify risky or dated access. With the help of Identity Cube’s context and the data layer, operational and security systems can make informed decisions about access and perform key remediation and change requests on our identity platform via our standardized application program interfaces and software development kits.

Both our Identity Security Cloud and IdentityIQ offering leverage highly advanced technology, AI, and ML to maximize the value received by our customers and streamline their operations to provide a stronger identity security posture. We at SailPoint recognize the critical opportunity AI represents to the most scaled and complex enterprise organizations and are committed to partnering with our customers to continue to provide solutions incorporating these advanced technologies to improve identity security at enterprise scale. Our AI based solutions process petabytes of data daily and are scalable, adaptable, and cost-efficient and provide customers with enhanced detection, improved accuracy and efficiency, and an enhanced user experience that enable them to make better decisions faster. Our innovation and experience in this space is demonstrated not only by recently developed products, but by a track record of successful AI-based offerings brought to market over the course of the last several years. Four major areas of capabilities form our AI layer as well as several distinct AI-based applications:

Recommendations: Our intelligent AI-based recommendations streamline account creation, access requests based on user roles and organizational policies, and access certifications. This functionality helps both requestors and approvers make better decisions and ensures access rights are regularly reviewed and validated, significantly reducing organizational risk.

8
Discovery: Our discovery capabilities automatically identifies and creates roles based on the actual access patterns of users, simplifying role creation and identifies access patterns to highlight potential security risks or misconfigurations. Launched in 2020, our Access Modeling offering based on the discovery engine significantly reduces the time required to build an organization’s access model, and just as importantly, keep it up to date through role and peer group discovery, low similarity outlier analysis, and common access creation.

Assistant: Our assistive technologies drive user engagement and seamless experiences with large language models. In 2023, we launched our generative AI entitlement descriptions, which address one of identity security’s pain points by automatically generating descriptions of application entitlements. Given the significant additional workload associated with description creation, many entitlements across the modern organization remain without a description, increasing the difficulty in determining the validity and necessity of requests or approvals.

Automation: Our automation capabilities streamline the onboarding of new applications by provisioning access and managing compliance related activities. This functionality significantly reduces the amount of time required to onboard the “long tail” of applications onto the Identity platform, accelerating ROI, decreasing time to value for customers, and improving security posture at the same time.

Our AI layer utilizes a combination of open-source models that have been customized for our use cases, proprietary models, and third-party models hosted by third-party subprocessors. To mitigate potential risks of inaccuracy and algorithmic hallucinations resulting from our use of AI, we employ our ML platform to evaluate trained models against benchmark and real customer data prior to deployment and to monitor model predictions. We also incorporate human-in-the-loop into our processes, including with entitlement descriptions, to detect incorrect predictions and improve the model.

Extensibility and Low-Code/No-Code Automation

Our solutions provide flexible low-code workflows and no-code forms to extend our products. Customers have used our interactive drag-and-drop workflows to create processes that are executed millions of times a month to meet the unique needs of their business processes. For customers who need deeper customization, or bespoke integrations with other enterprise systems, our offerings provide a robust set of application programming interfaces ("APIs") and software development kits (“SDKs”), supported by a vibrant developer community and Developer Relations team. Customers can browse community-contributed extensions and add them to their existing solution.

Connector Library and Ecosystem

Our solutions offer connectivity to over 1,100 applications through their extensive connector library. In addition, customers have used this same library to connect to over 20,000 custom applications. Our solutions leverage AI technology to automatically map application data models to the SailPoint Identity Cube, dramatically reducing the “long tail” of application integration efforts that typically hinder identity deployments.

Multitenant SaaS Architecture

Our microservices-based SaaS model, coupled with our low-code/no-code capabilities and our abstracted SDKs means that customers can customize the Identity Security Cloud while always running the latest code—without the need to test new versions or re-implement changes. Competitors who have deployed single-tenant models still require customers to schedule upgrade windows and delay code pushes, which drives total cost of ownership.

Customers

We have a diverse global customer base with approximately 2,975 organizations in more than 60 countries as of January 31, 2025. Our customers include leading organizations in a diverse set of industries including financial services, media, energy and utilities, technology, life sciences, and healthcare, as well as government agencies and public universities and represent 51% of the Fortune 500 and 26% of the Forbes Global 2000.

Our business is not dependent on any particular customer, and no customer accounted for more than 10% of our revenues for the year ended January 31, 2025, 2024, or for the period from August 16, 2022 to January 31, 2023 (Successor) and from the period from February 1, 2022 to August 15, 2022 (Predecessor).

Research and Development
9

Innovation is one of our core values, and it is at the heart of how we think and do business. We believe ongoing and timely development of new products and features is imperative to maintaining our competitive position. We have taken a global approach to building a robust research and development team, with engineers and team members located in the United States as well as internationally across India, Mexico, Israel, the United Kingdom, and Canada. Along with our global approach, we also staff our research and development team with both experienced industry engineers and the next generation of talent well versed in advanced technology and AI development. As of the year ended January 31, 2025, 2024, the period from August 16, 2022 to January 31, 2023 (Successor) and the period from February 1, 2022 to August 15, 2022 (Predecessor), our research and development expenses totaled approximately $169.7 million, $180.8 million, $78.2 million, and $81.3 million, respectively. Additionally, we have been, and will continue to be, deliberate and programmatic in leveraging technology acquisitions.

Sales and Marketing

Sales

We sell our solutions primarily through our direct sales organization, which is comprised of field and digital sales personnel, as well as through channel partners. Our sales force is structured by geography, customer size, status (customer or prospect), and industry verticals including healthcare, public sector, and government. Each segment is managed by specialized teams equipped with tailored strategies to meet unique customer needs. The sales team focuses on complex, high-value deals, often involving multi-layered decision-making processes. We service the market through a global sales force, utilizing both direct and indirect selling motions to maximize reach and effectiveness. Our direct sales teams engage with customers to deliver comprehensive identity security solutions, while our channel partners expand our market presence and provide additional value through localized expertise and support. Multiple routes to market enable us to effectively penetrate diverse markets and address varying customer needs.

Our market segmentation strategy is designed to align our selling capacity with the highest-value market opportunities. We focus on targeting segments that align with our ideal customer profiles, allowing us to deploy resources efficiently and effectively. This strategic alignment ensures that we concentrate our efforts on opportunities where our solutions provide the greatest impact, enhancing both customer satisfaction and our sales efficiency.

As part of our selling engagements, we employ a consultative, playbook-based selling approach that emphasizes understanding the unique value our solutions bring to each customer. Our sales process includes developing thorough business cases and proofs of value, providing customers with a clear and prescriptive path to successful implementation. This method is supported by overlay resources, including technical specialists who assist in the sales process, ensuring that our solutions are presented with the necessary technical depth and clarity.

Identity security is regarded as essential business infrastructure and critical for securing complex identity environments. Customers initially invest in SailPoint to address their most pressing identity security use cases and expand their deployment over time to cover additional identity populations and use cases. This approach ensures that our solutions are integral to customers’ security strategies, fostering long-term relationships and continuous growth.

Partners constitute an essential part of our selling model. We have established a model designed to create zero conflict, and typically include our partners in all of our training and enablement efforts. As a result, our indirect sales model, executed through our global and regional system integrators, technology partners, MSPs, and value-added resellers, is a key factor in our overall success.

This integrated approach highlights our commitment to understanding and addressing the specific needs of our customers, delivering high-value identity security solutions, and continuously expanding our market presence through both direct and indirect channels.

Marketing

Our marketing charter is to be a digital-first, data-driven, and customer-obsessed team that relentlessly accelerates our growth and innovation. Our strategy is focused on the following core areas: driving strong global brand awareness and differentiation for us, leveraging digital marketing tools to engage potential buyers and create a strong and targeted pipeline for our sales force, and helping our customers accelerate their adoption and success as their trusted partner. Our data-driven digital approach to marketing is tightly aligned to the needs of our addressable market and provides agility to leverage market opportunities in a targeted and timely fashion.
10

Our marketing engine starts with developing a unique value proposition and differentiated messaging for our solutions to drive broad awareness, followed by activating demand and creating pipeline, all the way to accelerating adoption and time-to-value for our customers and driving renewals and advocacy:

Our awareness and educational efforts focus on brand campaigns, digital and content marketing, public and analyst relations, social media engagement and influencer relations, and thought leadership such as our annual Horizons of Identity Security Report, market research, blogs, and bylines.

Our pipeline generation and maturation efforts focus on efficiently engaging targeted accounts and maturing them through their buyer’s journey. Our programs include digital campaigns and webinars, Account Based Marketing (ABM), virtual/physical events such as Navigate and other conferences, and executive roundtables. We also work closely with our key partners to extend the reach to a broader spectrum of the targeted accounts and audience that our partners have strong relationships with.

Our customer engagement efforts include customer onboarding and education communications, customer reference development, executive advisory boards, and community development and engagement.

Our marketing programs are executed with a combination of centralized global initiatives and regional specific programs tailored to three major geographies: (i) the Americas, (ii) EMEA, and (iii) Asia-Pacific (“APAC”). Our typical audience includes IT and security professionals, including Chief Information Officers, Chief Information Security Officers ("CISOs"), and key identity decision makers, and has recently expanded to include key lines of business decision makers in finance, legal, HR, and accounting as identity security has become a greater strategic imperative.

Every year we host our flagship user conference, Navigate, followed by a global conference roadshow to demonstrate our strong commitment to enabling our global customers to succeed, while also serving as an opportunity to create pipeline for new sales to prospective customers and additional sales to existing customers. In an effort to extend our thought leadership in the space, we also participate in several industry events, including RSA and Black Hat.

Professional Services and Customer Support

Professional Services

We are focused on ensuring that our professional services partners, who perform most of the implementations for our customers, can implement our solutions successfully by developing and creating best practices. We provide “expert services” to partners and customers for complex implementation assistance. In certain cases, we lead direct customer implementations. We believe that our investment in professional services and in our partners drives increased adoption of our solutions.

Customer Success Management

Our customer success strategy centers around our investment in, and ownership of, the post-sale experience for our customers. Every customer and MSP has access to our team of Customer Success Managers (“CSMs”), whose goal is to help customers, and the partners that support them, achieve their desired return on investment and business results. Through proactive and regular engagements, the CSM team endeavors to keep every customer satisfied and help them use their SailPoint products or services optimally. When necessary, the CSM coordinates cross-departmental resources to remove any barrier to success. In addition, our customer success team utilizes customer data to identify and present any cross-sell or up-sell solutions aligned to a customer’s business objectives, thereby contributing to revenue expansion and increased product penetration. By proactively managing customer relationships, our CSM team nurtures client advocates, who become a powerful asset in closing new business.

Customer Support

Our customer support organization includes experienced, trained engineers who provide 24x7x365 support for critical issues. Customers receive contractual response times, telephonic support, and access to online support portals. Our customer support organization has global capabilities, a deep expertise in our solutions, and, through select support partners, is able to deliver support in multiple languages.

Alliances and Strategic Relationships
11

As a core part of our strategy, we have cultivated strong relationships with partners to help us increase our reach. We have developed a large partner network consisting of technology partners, system integrators, value-added resellers, and MSPs. In the year ended January 31, 2025, greater than 90% of our new customer transactions involved our partner network. We believe that our extensive partnership network enables us to provide the most complete identity security solution to our customers.

Technology Partners

The SailPoint Technology Alliance Program is a technology partnering network that leverages familiar standards and methods that make it easy to share identity context and configure identity-specific policies across disparate systems. Program offerings include access to SailPoint SDKs and APIs, developer support, and cloud-based certification services. The program comprises over 120 technology and implementation partners and has produced over 100 certified integrations.

We have partnered with industry leaders across a spectrum of technologies that enable organizations to integrate their entire security, mobility, cloud, and applications infrastructure into our platform so that breaches can be better identified, mitigated, and contained and operations can be streamlined. Solutions from companies such as AWS, CyberArk, Proofpoint, SAP, and ServiceNow that are plugged into our open identity platform through APIs provide our customers value-added capabilities to build an identity-aware enterprise.

System Integrators

We partner with many large and global system integrators including Accenture, Capgemini, Deloitte, KPMG, and PwC, as well as many regional system integrators. The focus of our system integrators program is to deliver pipeline growth and bookings, to help partners drive self-sufficiency, and to foster transparency and collaboration through shared assets and resources. We have implemented joint business controls and metrics that provide a platform for discussion and partnership development and help us optimize our program and unified value proposition.

Value-Added Resellers

Value-added resellers, such as CDW, GuidePoint, NetBR, Optiv, and Softcat, bring product expertise and implementation best practices to our customers globally. They provide vertical expertise and technical advice in addition to reselling or bundling our software. Many of our reseller partners have been trained to demonstrate and promote our identity platform. Our reseller channel ranges from large companies to regional resellers in our markets and territories. Our reseller program is designed to scale growth, help generate new opportunities, optimize customer experience, and increase profitability as well as sales efficiency.

Managed Security Service Providers

We partner with a growing number of MSPs, including Accenture, Simeio, Kommando, and MajorKey, to expand the reach of our direct sales organization. Our MSP channel augments our reach in market segments and territories. Our MSP partners offer our solutions, both packaged with a managed service and without. While this channel represents a small portion of our new annual recurring revenue ("ARR") today, we believe continuing to build out this channel will be a driver of growth.

Employees, Culture, and Values

Our core values are more than words on our website. They are a constant reminder that what we do for our customers is important, but how we do things is also critical. We call that doing things “the SailPoint way.”

We strive to incorporate our “Four I” core values throughout the entire employee life cycle:

Innovation: We develop creative solutions to real customer challenges;
Integrity: We deliver on the commitments we make;
Impact: We measure and reward results, not activity; and
Individuals: We value every person.

12
As an organization that continues to rapidly grow and evolve, we look for feedback from our crew to stay on course. Our annual “Crew’s Views” global employee engagement survey gives us the data we need to focus on areas where we can make the most impact. Over each of the last three years that we conducted the survey, employee participation exceeded 75% and overall team member satisfaction exceeded 82%. Externally, we’ve been recognized as an employer of choice for parents and millennials. Since November 2021, we’ve been a certified “Great Place to Work,” and we’ve been noted as a Best Workplace in Texas five years in a row. We’ve also been noted as a Best Workplace in Technology and been featured on “Best Places to Work” lists from Glassdoor and Built In.

As we work to execute our growth strategy, we continue to invest in human capital resources that will sustain and fuel that growth. As of January 31, 2025, we had a total of 2,738 employees. While most organizations post-pandemic have reverted to requiring mandatory days in-office, we recognize that there’s no perfect one-size fits all solution. We have realized many benefits in allowing crew to continue working remotely, so we treat our people like adults and empower team leaders to get their crew members together when it makes sense. This approach supports crew wellbeing and reflects our commitment to providing an environment for all our team members to succeed and thrive.

Our training and development efforts, built around our core values, are another key part of our human capital strategy. Our leaders go through specific training to ensure they are leading their teams with our values at the forefront of the decisions they make. Our annual performance review process allows team members to engage in meaningful discussions with their managers about their performance and development goals, and we also conduct pay equity reviews during our merit planning process. Additionally, our managers assess the growth potential of each team member through a standardized evaluation process, which provides actionable outputs to help develop and retain our high-potential employees. Through these and other training efforts, we support the development of our crew members in a way that promotes our growth and innovation.

Our philanthropy committee comes up with innovative opportunities for crew to give back to the communities in which we work. For more than seven years, we have run an annual “Sailanthropitch” program, where charities deliver a Shark-Tank-style presentation about their organization. Crew members cast their votes for the organizations they connect to the most, and each organization walks away with a financial donation tied to the percentage of votes they received. Our SailPoint Cares program, which started as an opportunity to bring cross-functional crew together in different regions, has grown significantly in recent years, providing opportunities for teams to get together and donate their time and resources to support good causes across three core pillars: STEM & tech, crew engagement, and education. We also forge partnerships to increase our impact—whether through Path Forward, which supports caregivers who are returning to the workforce, SkillBridge, which connects returning service members to job training opportunities, or Code2College, which enables students who might not normally have access or exposure to exploring a career in STEM to gain hands-on experience in a paid internship.

While we always seek the best talent to join SailPoint, we are also committed to growing talent. Our Sail-U program brings early career talent to our organization, where we provide them with the environment to learn and grow via structured training opportunities, engagement with leaders across the organization, and peer networking. We also offer a wealth of on-demand resources via our company intranet, The Dock, to support growth and development and drive performance.

Offering a competitive compensation and benefits package is another critical part of our effort to attract and retain top talent. In addition to competitive base salaries, we offer team members comprehensive health, welfare, income protection and long-term savings benefits, incentive equity compensation, and incentive cash plans for eligible team members. Total compensation is designed to align with SailPoint’s business objectives and financial goals, and pay is differentiated for individuals based on relevant experience, impact, relative internal value and company performance. Variable compensation delivers pay aligned with company and individual performance, with more pay at risk at more senior levels. Leadership regularly discusses compensation and benefits strategies with the compensation and nominating committee of our board of directors (our "Board").

Competition

We operate in a highly competitive market characterized by constant change and innovation. Our competitors include large public companies, such as IBM, Microsoft, and Oracle that offer identity solutions within their product portfolios, and identity centric solution providers, including CyberArk, Okta, and One Identity. There are also a number of smaller scale, regional, or specialist identity security solution providers that we compete with in certain situations. We believe the principal competitive factors in our market include:

Comprehensiveness of visibility to which identities have access to what across the IT environment;

13
Reliability and effectiveness in defining and implementing identity security policies;

Flexibility to deploy identity security and administration as a SaaS or customer-hosted solution;

Adherence to government and industry regulations and standards;

Comprehensiveness and interoperability of the solution with other IT and security solutions;

Enterprise security, scalability, and performance;

Ability to innovate and respond to customer needs rapidly;

Quality and responsiveness of support organizations;

Total cost of ownership;

Ease of use; and

Customer experience.

Some of our competitors have significantly greater financial, technical, and sales and marketing resources, as well as greater name recognition, in some cases within particular geographic regions, and more extensive geographic presence than we do. See Part I, Item 1A, “Risk Factors—Risks Related to Our Business and Industry—We face intense competition in our market, both from larger, well-established companies and from emerging companies, and we may lack sufficient financial and other resources to maintain and improve our competitive position.” However, we believe we compete favorably with our competitors based on all the factors above.

Intellectual Property

Our success depends in part on our ability to protect our intellectual property. We rely on copyrights and trade secret laws, confidentiality procedures, employment proprietary information, and inventions assignment agreements, trademarks, and to protect our intellectual property rights. We also license software from third parties for integration into our solutions, including open source software and other software available on commercially reasonable terms.

We control access to and use of our solutions and other confidential information through the use of internal and external controls, including contractual protections with employees, contractors, customers, and partners, and our software is protected by U.S. and international copyright and trade secret laws. As of January 31, 2025, we had 79 issued patents and 16 patent applications pending in the United States and eight issued patents and no patent applications pending internationally, in each case relating to certain aspects of our technology. Also as of January 31, 2025, the expiration dates of our issued patents ranged from 2025 to 2041. See Part I, Item 1A, “Risk Factors—Risks Related to Our Technology and Our Intellectual Property Rights—If we fail to obtain, maintain, protect, defend, or adequately enforce our intellectual property or proprietary rights, our competitive position could be impaired and we may lose valuable assets, generate reduced revenue, and incur costly litigation to protect our rights” for information regarding potential risks associated with our intellectual property and our ability to protect it.

Legal Proceedings

We are not currently a party to, nor is our property currently subject to, any material legal proceedings other than ordinary routine litigation incidental to the business, and we are not aware of any such proceedings contemplated by governmental authorities.

Facilities

Our corporate headquarters in Austin, Texas, consists of approximately 165,000 square feet of space under a lease that expires in April 2029. We also have additional office space under traditional leases in Pune, India; Tel Aviv, Israel; and London, United Kingdom and under coworking arrangements in various locations in North America, Europe, and Asia.

We believe that our facilities are adequate for our current needs and anticipate that suitable additional space will be readily available to accommodate any foreseeable expansion of our operations.
14

Government Regulations

We are subject to a wide variety of laws, rules, and regulations in the United States and abroad that involve matters central to our business, including those relating to data privacy and security. Many of these laws, rules, and regulations are continually evolving, and we expect that we will continue to become subject to new laws, rules, regulations, industry standards, contractual requirements, and other obligations in the United States, the European Union ("EU"), the United Kingdom (the "UK"), and other jurisdictions. A failure to comply with them could result in civil and criminal liabilities and enforcement actions, which could include fines, as well as claims for damages by customers and other affected individuals, damage to our reputation, and loss of goodwill (both in relation to existing customers and prospective customers), any of which could adversely affect our business, operating results, financial performance, and prospects. See Part I, Item 1A, “Risk Factors—Risks Related to Laws and Regulations” for a discussion of our regulatory risks.

Compliance and Certifications

We are committed to protecting critical business information belonging to SailPoint and the customers and partners we serve. In support of this commitment, we maintain an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2013 that extends to additional controls defined within ISO/IEC 27018:2019 focusing on protection of Customer Personal Data in the cloud.

Even before the enactment of the European General Data Protection Regulation (“GDPR"), and the many privacy regulations since then, our customers have been focused on ensuring their personal information is handled with the upmost care. SailPoint is certified with the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and the UK Extension to the EU-U.S. Data Privacy Framework, demonstrating our commitment to privacy principles and regulations. In addition, we have Standard Contractual Clauses in place that apply to any restricted transfers of data from customers to SailPoint, transfers between SailPoint entities, and transfers to our subprocessors.

On a product level, our product certifications include SOC 1 Type 2, an examination of controls at a service organization relevant to entities’ internal control over financial reporting, and SOC 2 Type 2, which is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy. SailPoint has also published SOC 3 Reports, which similarly address controls relevant to security, availability, processing integrity, confidentiality, and privacy.

On June 5, 2024, SailPoint achieved U.S. Federal Risk and Authorization Management Program (“FedRAMP") Moderate ATO (Authority to Operate) for our SaaS-based solution, SailPoint Identity Cloud. The Federal Risk and Authorization Management Program (FedRAMP®) is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP empowers agencies to use modern cloud technologies, emphasizing the security and protection of federal information and accelerating the adoption of secure cloud solutions. As a FedRAMP-authorized cloud service provider (CSP), SailPoint meets the security requirements necessary to support the most sensitive federal agencies, critical infrastructure, and the defense industrial base at the moderate impact level.

In Australia, our SailPoint Identity Security Cloud has been assessed to the Information Security Registered Assessors Program’s (IRAP) PROTECTED level control requirements, which are based on controls identified in the Australian Signals Directorate and Australian Government Information Security Manual. This IRAP assessment is a prerequisite for many Australian government departments seeking to adopt platforms and tools from cloud service.

Our compliance certifications demonstrate our commitment to the rigorous security and privacy measures taken to protect the confidentiality, integrity, and security of our customers’ data and the security of our platform.
Corporate Information
Our principal executive offices are located at 11120 Four Points Drive, Suite 100, Austin, Texas 78726, and our telephone number at that address is (512) 346-2000. Our website address is www.sailpoint.com. Information contained on, or that can be accessed through, our website does not constitute part of this Annual Report and inclusions of our website address in this Annual Report are inactive textual references only.
15
The SailPoint design logo and our other registered or common law trademarks, service marks, or trade names appearing in this Annual Report are the property of SailPoint Technologies, Inc., our wholly-owned subsidiary. Other trademarks and trade names referred to in this Annual Report are the property of their respective owners.
Available Information
Our website is located at https://www.sailpoint.com, and our investor relations website is located at https://investors.sailpoint.com. The information posted on our website is not incorporated into this Annual Report. Our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), are available free of charge on our investor relations website as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC. You may also access all of our public filings through the SEC’s website at https://www.sec.gov.
Investors and other interested parties should note that we use our media and investor relations website and our social media channels to publish important information about us, including information that may be deemed material to investors. We encourage investors and other interested parties to review the information we may publish through our media and investor relations website and the social media channels listed on our media and investor relations website, in addition to our SEC filings, press releases, conference calls, and webcasts.
ITEM 1A. RISK FACTORS
The nature of the business activities conducted by the Company subjects it to certain hazards and risks. A description of some of the material risks relating to the Company’s business activities is set forth below. Other risks are described in Part I, Item 1. “Business—Competition,” Part II, Item 7. “Management’s Discussion and Analysis of Financial Condition and Results of Operations.—Liquidity and Capital Resources” and Part II, Item 7A. “Quantitative and Qualitative Disclosures About Market Risk.” These risks are not the only risks facing the Company. The Company’s business could also be affected by additional risks and uncertainties not currently known to the Company or that it currently deems to be immaterial. If any of these risks actually occurs, it could materially harm the Company’s business, financial condition or results of operations and impair the Company’s ability to implement business plans. In that case, the market price of the Company’s common stock could decline.
Risks Related to Our Business and Industry

We have experienced rapid growth in recent periods, and our recent growth rates may not be indicative of our future growth.

We have experienced rapid growth in recent years. Our revenue grew from $365.3 million to $793.9 million from the fiscal year ended December 31, 2020 to the fiscal year ended January 31, 2025. Our revenue growth may not continue at a level consistent with historical performance. We believe our revenue growth depends on a number of factors, including, but not limited to:

our ability to attract new customers and retain and increase sales to existing customers;
our ability to, and the ability of our channel partners to, successfully deploy and implement our solutions, increase our existing customers’ use of our solutions, and provide our customers with excellent customer support;
our ability to hire and retain substantial numbers of marketing, research and development, and general and administrative personnel and expand our global operations;
our ability to develop our existing solutions and introduce new solutions; and
our ability to increase the number of our partners.

If we are unable to achieve any of these requirements, our revenue growth will be adversely affected.

Our future revenues and operating results will be harmed if we are unable to acquire new customers, if our customers do not renew their arrangements with us, if we are unable to expand sales to our existing customers, or if we are unable to develop new solutions that achieve market acceptance.

To continue to grow our business, it is important that we continue to acquire new customers to purchase and use our solutions. Our success in adding new customers depends on numerous factors, including our ability to (i) offer a compelling identity security platform and solutions, (ii) execute an effective sales and marketing strategy, (iii) attract, effectively train, and
16
retain new sales, marketing, professional services, and support personnel in the markets we pursue, (iv) develop or expand relationships with channel partners, including system integrators, value-added resellers, technology partners, and MSPs, (v) expand into new geographies and vertical markets, (vi) deploy our platform and solutions for new customers, and (vii) provide quality customer support once deployed.

It is important to our continued growth that our customers renew their arrangements when existing contract terms expire. For Identity Security Cloud, our SaaS-based cloud solution, and IdentityIQ, our customer-hosted solution, our customers typically enter into three-year contracts with annual billing upfront. Our customers have no obligation to renew their maintenance and term subscriptions, and our customers may decide not to renew these agreements with a similar contract period, at the same prices and terms, or with the same or a greater number of identities. Our customer retention and expansion are difficult to accurately predict and may decline or fluctuate as a result of a number of factors. Our ability to increase revenue depends in large part on our ability to expand our customer relationships over time through up-selling and cross-selling opportunities including suite upgrades and additional products. Our ability to increase sales to existing customers depends on several factors, including their experience with implementing and using our solutions and the existing products they have implemented, their ability to integrate our solutions with existing technologies, and our pricing model.

If we are unable to successfully acquire new customers, retain our existing customers, expand sales to existing customers, or introduce new solutions, our business, financial condition, and operating results would be adversely affected. The adverse effect on our financial results may be particularly acute because of the significant research, development, marketing, sales, and other expenses we will have incurred in connection with the new solutions.

If our new solutions do not achieve adequate acceptance in the market, our competitive position could be impaired and our potential to generate new revenue or to retain existing revenue could be diminished. The adverse effect on our financial results may be particularly acute because of the significant research, development, marketing, sales, and other expenses we will have incurred in connection with the new solutions, and we may not have the ability to introduce compelling new solutions that address the requirements of our customers in light of the dynamic identity security market in which we operate.

Additionally, if the incidence of cyber attacks were to decline, or enterprises or governments perceive that the general level of cyber attacks has declined, our ability to attract new customers could be adversely affected. We may face additional difficulties in attracting organizations that use legacy products to purchase our solutions if they believe that these legacy products are more cost-effective or provide a level of security that is sufficient to meet their needs. Furthermore, the use of our solutions to manage identities and access is relatively new, and if we are unable to convince organizations of the benefits of our solutions, then we may be unable to acquire new customers or keep existing customers.

If the market for identity security solutions does not grow, our ability to grow our business and our results of operations may be adversely affected.

We believe our future success will depend in large part on the growth, if any, in the market for identity security solutions. The market for identity security solutions, including our platform and identity security solutions, is rapidly evolving. As such, it is difficult to predict this market’s potential growth, if any, customer adoption and retention rates, customer demand for identity security platforms, or the success of competitive products. Any expansion in this market depends on a number of factors, including the cost, performance, and perceived value associated with our platform and identity security solutions and similar solutions of our competitors, including preference to manage security with existing infrastructure security tools alone, rather than investing in a platform-based identity security solution. The markets for some of our solutions are new, unproven, and evolving, and our future success depends on growth and expansion of these markets. If our platform and identity security solutions do not achieve widespread adoption or there is a reduction in demand for our platform and identity security solutions due to a lack of customer acceptance, technological challenges, competing products or solutions, privacy concerns, decreases in corporate spending, weakening economic conditions or otherwise, it could result in early terminations, reduced customer retention rates, or decreased revenue, any of which would adversely affect our business, financial condition, and results of operations.

If we are unable to maintain successful relationships with our channel partners, our ability to market, sell, distribute, and implement our solutions will be limited, and our business, financial condition, and operating results would be adversely affected.

We derive a significant portion of our revenue from sales influenced by, or made through, our channel partner network and expect these sales to continue to grow for the foreseeable future. Our channel partners provide implementation and other services to our customers in exchange for fees paid by those customers. We may not achieve anticipated revenue growth from
17
our channel partners if we are unable to retain our existing channel partners and expand their sales or add additional motivated channel partners.

Our arrangements with our channel partners are generally non-exclusive, meaning they may offer customers the products of several different companies, including products that compete with our solutions and products. If our channel partners do not effectively market and sell our solutions, choose to use greater efforts to market and sell our competitors’ products or services, fail to meet the needs of our customers, or cease marketing our solutions or providing services to us, our ability to grow our business and sell our solutions may be adversely affected. Our channel partners may cease marketing our solutions with limited or no notice and with little or no penalty. In addition, certain of our channel partners are subject to independence requirements that have in the past or may in the future prevent them from providing services to us or cooperating with us in our go-to-market efforts if they also provide services for affiliates of our controlling stockholder, Thoma Bravo. If one or more of our channel partners determines that it is unable to both provide services to us or cooperate with us in our go-to-market efforts and also provide services to affiliates of our controlling stockholder, those channel partners may cease marketing our solutions or otherwise cease providing services to us or cooperating with us in our go-to-market efforts.

We also collaborate with adjacent technology vendors to offer comprehensive solutions to our customers. If we do not effectively collaborate with them, or if they elect to terminate their relationships with us or develop and market solutions that compete with our solutions, our growth would be adversely affected.

Our quarterly results fluctuate significantly and may not fully reflect the underlying performance of our business.

Our quarterly revenue and operating results tend to fluctuate from period-to-period, and we believe that our quarterly results may vary significantly in the future. Consequently, you should not rely on the results of any one quarter as an indication of future performance. Period-to-period comparisons of our revenue and operating results may not be meaningful and, as a result, may not fully reflect the underlying performance of our business.

Our quarterly operating results may fluctuate as a result of a variety of factors, including, but not limited to, those listed below, many of which are outside of our control:

the mix of revenue and associated costs attributable to subscription and professional services, which may impact our gross margins and operating income;

the mix of revenue attributable to larger transactions as opposed to smaller transactions and the associated volatility and timing of our transactions;

the mix of SaaS subscriptions compared to term subscriptions, which affects how we recognize revenue and may result in a decrease in gross margins as well as impact the results of our operations;

the loss or deterioration of our channel partner and other relationships influencing our sales execution;

the growth in the market for our solutions;

our ability to attract new customers and retain and increase sales to existing customers;

changes in customers’ budgets and in the timing of their purchasing decisions, including seasonal buying patterns for IT spending;

the timing and success of new product introductions by our competitors and by us;

changes in our pricing policies or those of our competitors;

significant security breaches of, technical difficulties with, or interruptions to the delivery and use of our platform;

changes in the legislative or regulatory environment;

foreign exchange gains and losses related to expenses and sales denominated in currencies other than the U.S. dollar or the functional currencies of our subsidiaries;

18
increases in and timing of sales and marketing and other operating expenses that we may incur to grow and expand our operations and to remain competitive;

costs related to the acquisition of businesses, talent, technologies, or intellectual property, including potentially significant amortization costs and possible write-downs;

our ability to control costs, including our operating expenses;

the collectability of receivables from customers and channel partners, which may be hindered or delayed if these customers or channel partners experience financial distress;

economic conditions specifically affecting industries in which our customers participate;

natural disasters or other catastrophic events; and

litigation-related costs, settlements, or adverse litigation judgments.

Our sales cycle is long and unpredictable, and our sales efforts require considerable time and expense.

The length and unpredictability of the sales cycle for our offerings makes it difficult to identify a regular cadence to our sales and the related revenue recognition. We and our channel partners are often required to spend significant time and resources to better educate and familiarize potential customers with the value proposition of our platform and solutions. Customers often view the purchase of our solutions as a strategic decision and significant investment and, as a result, frequently require considerable time to evaluate, test, and qualify our platform and solutions prior to purchasing our solutions. During the sales cycle, we expend significant time and money on sales and marketing and contract negotiation activities, which ultimately may not result in a sale. Additional factors that may influence the length and variability of our sales cycle include:
the discretionary nature of purchasing and budget cycles and decisions;

lengthy purchasing approval processes;

the evaluation of competing products during the purchasing process;

time, complexity, and expense involved in replacing existing solutions;

announcements or planned introductions of new products, features, or functionality by our competitors or of new solutions or modules by us;

the practice of large enterprises often driving their purchasing cycles based on internal factors rather than marketing cycles; and

evolving functionality demands.

If our efforts in pursuing sales and customers are unsuccessful, or if our sales cycles lengthen, our revenue could be lower than expected, which would have an adverse effect on our business, operating results, and financial condition.
We recognize most of our revenue ratably over the term of our agreements with customers and, as a result, downturns or upturns in sales may not be immediately reflected in our operating results.

In recent years, we have transitioned our business to a subscription model. As we continue this shift, our business, financial condition, operating results, and prospects could be materially and adversely affected if we fail to successfully manage such shift, which depends upon our ability to, among other things, properly price our subscription-based arrangements, deliver SaaS, retain our customers, and further develop or acquire related technologies and infrastructure.

We recognize most of our revenue ratably over the terms of our agreements with customers. As a result, a portion of the revenue that we report in each period will be derived from the recognition of deferred revenue relating to agreements entered into during previous periods. Consequently, a decline in new subscription sales or renewals in any one period may not be immediately reflected in our revenue results for that period. This decline, however, will negatively affect our revenue in
19
future periods. Accordingly, the effect of significant downturns in sales and market acceptance of our solutions and potential changes in our rate of renewals may not be fully reflected in our operating results until future periods.

We expect to continue to invest in research and development, sales and marketing, general and administrative functions, and other areas to grow our business. Such costs are generally expensed as incurred (with the exception of sales commissions and certain research and development costs), as compared to the corresponding revenue, substantially all of which is recognized ratably in future periods. We are likely to recognize the costs associated with these investments earlier than some of the anticipated benefits, and the return on these investments may develop more slowly, or may be lower, than we expect, which could adversely affect our operating results.
We expect our revenue mix and certain business factors to impact the amount of revenue recognized period to period, which could make period-to-period revenue comparisons not meaningful and difficult to predict.

Our subscription revenue includes revenue from sales of SaaS subscriptions, which is recognized ratably over the contract period, and revenue from sales of term subscriptions, a majority of which is recognized upfront when we transfer control of the license to the customer. Due to the proportion of our contracts trending from term subscriptions and maintenance to SaaS subscriptions, our revenue may fluctuate and period-to-period revenue comparisons may not be meaningful, and our past results may not be indicative of future performance. We cannot be certain how long these factors may persist. These factors make it challenging to forecast our revenue as the mix of solutions and services, as well as the size of contracts, are difficult to predict.

We face intense competition in our market, both from larger, well-established companies and from emerging companies, and we may lack sufficient financial and other resources to maintain and improve our competitive position.

The market for identity security solutions is intensely competitive and is characterized by constant change and innovation. We face competition from large, well-known enterprise software vendors that offer identity solutions within their product portfolios, pure play identity vendors (including new market entrants), and vendors with whom we have not traditionally competed but who may either introduce new products or incorporate features into existing products that compete with our solutions. For example, our competitors include large public companies, such as IBM, Microsoft, and Oracle that offer identity solutions within their product portfolios, and identity centric solution providers, including CyberArk, Okta, and One Identity.

Many of our competitors are larger, have greater resources and existing customer relationships, and may be able to compete and respond more effectively than we can to new or changing opportunities, technologies, standards, or customer requirements. Our competitors may also seek to extend or supplement their existing offerings to provide identity security solutions that more closely compete with our offerings. Potential customers may also prefer to purchase, or incrementally add solutions, from their existing suppliers rather than a new or additional supplier regardless of product performance or features.

In addition, merger and acquisition transactions in the technology industry continue to occur, particularly transactions involving cloud-based technologies. Accordingly, there is a greater likelihood that we will compete with other large technology companies in the future. Some of our competitors have made acquisitions or entered into strategic relationships to offer a more comprehensive product than they individually had offered. Companies and alliances resulting from these possible consolidations and partnerships may create more compelling product offerings and be able to offer more attractive pricing, making it more difficult for us to compete effectively. In addition, continued industry consolidation may adversely impact customers’ perceptions of the viability of small and medium-sized technology companies and consequently their willingness to purchase from those companies.

New start-up companies that innovate and competitors that are making significant investments in research and development may invent similar or superior products and technologies that compete with our solutions, and our business could be materially and adversely affected if such technologies or products are widely adopted. Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering by our competitors, or continuing market consolidation. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue, and gross margins, increased net losses, and loss of market share. Any failure to meet and address these factors would adversely affect our business, financial condition, and operating results.

We anticipate that our operations will continue to increase in complexity as we grow, which will add additional challenges to the management of our business in the future.

20
Our business has experienced significant growth and is becoming increasingly complex. We increased the number of our employees from 1,394 at December 31, 2020 to 2,738 at January 31, 2025 and the number of countries in which we have employees from 18 at December 31, 2020 to 22 at January 31, 2025. We have also experienced growth in the number of our customers from over 1,700 at December 31, 2020 to approximately 2,975 at January 31, 2025 and the number of countries in which we have customers from over 50 at December 31, 2020 to over 60 at January 31, 2025. We expect this growth to continue and for our operations to become increasingly complex. To effectively manage this growth, we have made, and plan to continue to make, substantial investments to improve our operational, financial, and management controls, as well as our reporting systems and procedures. Our success will depend in part on our ability to manage this complexity effectively without undermining our corporate culture, which we believe has been central to our success. If we are unable to manage this complexity, our business, operations, operating results, and financial condition may suffer.

As our customer base continues to grow, we likely will need to expand our professional services and other personnel, and maintain and enhance our existing partner network, to provide a high level of customer service. We also will need to effectively manage our direct and indirect sales processes as the number and type of our sales personnel and partner network continues to grow and become more complex and as we continue to expand into new geographies and vertical markets. This complexity is further driven by the various ways in which we sell our solutions, including on a per identity and per module basis through SaaS and other subscription offerings. If we do not effectively manage the increasing complexity of our business and operations, the quality of our solutions and customer service could suffer, and we may not be able to adequately address competitive challenges. These factors could impair our ability, and our channel partners’ ability, to attract new customers, retain existing customers, expand our customers’ use of existing solutions and adoption of more of our products, and continue to provide high levels of customer service, all of which would adversely affect our reputation, overall business, operations, operating results, and financial condition.

Seasonality may cause fluctuations in our sales, results of operations, and remaining performance obligations.

Historically, we have experienced seasonality in remaining performance obligations (“RPO”) and customer sales, as we typically sell a higher percentage of our solutions to new customers and renewal subscriptions with existing customers in the fourth quarter of our fiscal year. We believe that this results from the procurement, budgeting, and deployment cycles of many of our customers, particularly our enterprise customers. We expect that this seasonality will continue to affect our sales, RPO, and results of operations in the future and might become more pronounced as we continue to target larger enterprise customers.

Our failure to achieve and maintain an effective system of disclosure controls and internal control over financial reporting could adversely affect our financial position and lower our stock price.

As a public company, we are subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act of 2002 (the “Sarbanes-Oxley Act”), and the rules and regulations of the applicable listing standards of the Nasdaq Global Select Market (“Nasdaq"). The requirements of these rules and regulations have increased our legal, accounting, and financial compliance costs, could make some activities more difficult, time-consuming, and costly, and could place significant strain on our personnel, systems, and resources. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. In order to maintain and improve the effectiveness of our disclosure controls and procedures and internal control over financial reporting, we have expended, and anticipate that we will continue to expend, significant resources, including accounting-related costs and significant management oversight.

Our internal resources and personnel may in the future be insufficient to avoid accounting errors, and there can be no assurance that we will not have material weaknesses in the future. Any failure to develop or maintain effective controls or any difficulties encountered implementing required new or improved controls could harm our operating results or cause us to fail to meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Any failure to implement and maintain effective internal control over financial reporting also could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we will eventually be required to include in our periodic reports that will be filed with the SEC. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, which would likely have a negative effect on the trading price of our common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on Nasdaq. We are not currently required to comply with the SEC rules that implement Section 404 of the Sarbanes-Oxley Act and are therefore not required to make a formal assessment of the effectiveness of our internal control over financial reporting for that purpose. We will be required to provide an annual management report on the effectiveness of our internal control over financial reporting commencing with our second annual report on Form 10-K. This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control
21
over financial reporting. Our independent registered public accounting firm will not be required to report on the effectiveness of our internal control over financial reporting pursuant to Section 404 of the Sarbanes-Oxley Act until our second annual report required to be filed with the SEC. At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our controls are documented, designed, or operating.

Any failure to maintain effective disclosure controls and internal control over financial reporting could have an adverse effect on our business and operating results and could cause a decline in the price of our common stock.

If we are not able to maintain and enhance our brand or reputation as an industry leader and innovator, our business and operating results may be adversely affected.

We believe that maintaining and enhancing our reputation as a leader and innovator in the market for identity security solutions is critical to our relationship with our existing customers and our ability to attract new customers. The successful promotion of our brand attributes will depend on a number of factors, including our marketing efforts, our ability to continue to develop high-quality solutions, and our ability to successfully differentiate our platform and solutions from competitive products and services. Our brand promotion activities may not be successful or yield increased revenue. In addition, independent industry analysts often provide reports of our solutions, as well as those of our competitors, and perception of our solutions in the marketplace may be significantly influenced by these reports. If these reports are negative, or less positive as compared to those of our competitors, our reputation may be adversely affected. Additionally, the performance of our channel partners may affect our brand and reputation if customers do not have a positive experience with our solutions as implemented by our channel partners or with the implementation generally. The promotion of our brand requires us to make substantial expenditures, and we anticipate that the expenditures will increase as our market becomes more competitive, as we expand into new geographies and vertical markets, and as more sales are generated through our channel partners. To the extent that these activities yield increased revenue, this revenue may not offset the increased expenses we incur. If we do not successfully maintain and enhance our brand and reputation, our business and operating results may be adversely affected.

Sales to enterprise customers involve risks that may not be present or that are present to a lesser extent with respect to sales to smaller organizations.

We target our sales to enterprise customers and large organizations, which involves risks that may not be present or that are present to a lesser extent with sales to smaller customers, including the commercial customer segment. These risks include longer sales cycles and negotiations, more complex customer requirements (including audit and other requirements driven by such customers’ regulatory and industry contexts), substantial upfront sales costs, and less predictability in completing some of our sales. For example, enterprise customers may require considerable time to evaluate and test our platform and solutions and those of our competitors prior to making a purchase decision and placing an order or may need specialized security features to meet regulatory requirements. A number of factors influence the length and variability of our sales cycle, including the need to educate potential customers about the uses and benefits of our platform and solutions, the discretionary nature of purchasing and budget cycles, the macroeconomic uncertainty and challenges and resulting increased technology spending scrutiny, and the competitive nature of evaluation and purchasing approval processes. Since the processes for deployment, configuration, and management of our platform and solutions are complex, we are also often required to invest significant time and other resources to train and familiarize potential customers with our platform and solutions. Customers may engage in extensive evaluation, testing, and quality assurance work before making a purchase commitment, which increases our upfront investment in sales, marketing, and deployment efforts, with no guarantee that these customers will make a purchase or increase the scope of their subscriptions. In certain circumstances, an enterprise customer’s decision to use our platform and solutions may be an organization-wide decision, and therefore, these types of sales require us to provide greater levels of education regarding the use and benefits of our platform and solutions. As a result, the length of our sales cycle, from identification of the opportunity to deal closure, has varied, and may continue to vary, significantly from customer to customer, with sales to large enterprises and organizations typically taking longer to complete. Moreover, large enterprise customers often begin to deploy our platform and solutions on a limited basis but nevertheless demand configuration, integration services, and pricing negotiations, which increase our upfront investment in the sales effort with no guarantee that these customers will deploy our identity security solutions widely enough across their organization to justify our substantial upfront investment.

Given these factors, it is difficult to predict whether and when a sale will be completed and when revenue from a sale will be recognized due to the variety of ways in which customers may purchase our platform and solutions. This may result in lower than expected revenue in any given period, which would have an adverse effect on our business, financial condition, and results of operations.

22
Because our long-term success depends, in part, on our ability to expand the sales and marketing of our solutions to customers located outside of the United States, and we perform a significant portion of our development outside of the United States, our business will be susceptible to risks associated with international operations.

At January 31, 2025, we had customers in over 60 countries and employees in over 20 countries, and we intend to continue expanding our international sales and marketing operations.

Conducting international operations subjects us to risks that we do not generally face in the United States. These risks include:

encountering existing and new competitors with stronger brand recognition in the new markets;

challenges developing, marketing, selling, and implementing our platform and solutions caused by language, cultural, and ethical differences, and the competitive environment;

heightened risks of unethical, unfair, or corrupt business practices, actual or claimed, in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, and irregularities in, financial statements;

global and domestic political instability, economic sanctions, terrorist activities, or international conflicts, including the conflict in Israel and the surrounding area and the ongoing conflict between Russia and Ukraine, which have in the past and may in the future impact the operations of our business or the businesses of our customers;

currency fluctuations;

the risks of currency hedging activities to limit the impact of exchange rate fluctuations, should we engage in such activities in the future;

difficulties in managing systems integrators and technology providers;

laws imposing heightened restrictions on data usage and increased penalties for failure to comply with applicable laws, particularly in the EU;

risks associated with trade restrictions and foreign import requirements, including the importation, certification, and localization of our solutions required in foreign countries, as well as changes in trade, tariffs, restrictions, or requirements;

potentially different pricing environments, longer sales cycles, and longer accounts receivable payment cycles and collections issues;

management communication and integration problems resulting from cultural differences and geographic dispersion;

increased turnover of international personnel as compared to our domestic operations;

potentially adverse tax consequences, including multiple and possibly overlapping tax structures, the complexities of foreign value added tax systems, restrictions on the repatriation of earnings, and changes in tax rates;

greater difficulty in enforcing contracts, accounts receivable collection, and longer collection periods;

the uncertainty and limitation of protection for intellectual property rights in some countries;

increased financial accounting and reporting burdens and complexities; and

lack of familiarity with local laws, customs, and practices, and laws and business practices favoring local competitors or commercial parties.

The occurrence of any one of these risks could harm our international business and, consequently, our operating results. Additionally, operating in international markets requires significant management attention and financial resources. We
23
cannot be certain that the investment and additional resources required to operate in other countries will produce desired levels of revenue or net income.

Unfavorable conditions in our industry or the global economy, including those caused by the ongoing conflicts around the world, or reductions in technology spending, could limit our ability to grow our business and negatively affect our results of operations.

Global business activities face widespread macroeconomic uncertainties, and our results of operations may vary based on the impact of changes in our industry or the global economy on us or our customers and potential customers. Negative conditions in the general economy in the United States, Europe, or Asia and in the global economy, including conditions resulting from changes in gross domestic product growth, financial and credit market fluctuations, inflation and efforts to control further inflation, rising interest rates, bank failures, international trade relations, political turmoil (such as the conflict in Israel and the surrounding area and the ongoing conflict between Russia and Ukraine), potential U.S. federal government shutdowns, natural catastrophes, warfare, and terrorist attacks could cause a decrease in business investments by existing or potential customers, including spending on technology, and negatively affect the growth of our business. As an example, in the United States, capital markets have experienced and continue to experience volatility and disruption. Furthermore, inflation rates in the United States have recently increased to levels not seen in decades. Global economic and global and domestic political uncertainty may cause some of our customers or potential customers to curtail spending generally, or IT and identity security spending specifically, and may ultimately result in new regulatory and cost challenges to our international operations.

In addition to the foregoing, adverse developments that affect financial institutions, transactional counterparties, or other third parties, such as bank failures or concerns or speculation about any similar events or risks, could lead to market-wide liquidity problems, which in turn may cause third parties, including our customers, to become unable to meet their obligations under various types of financial arrangements as well as general disruptions or instability in the financial markets. Such economic volatility could adversely affect our business, financial condition, results of operations, and cash flows, and future market disruptions could negatively impact us. In particular, we have in the past experienced longer sales cycles and related negotiations for prospective customers and existing customer expansions, reduced contract sizes, or generally increased scrutiny on technology spending and budgets from existing and potential customers, due in part to the effects of macroeconomic uncertainty. These customer dynamics may again occur in the future, and to the extent there is a sustained general economic downturn, a recession, or another situation where technology budgets grow at a slower rate or contract, these customer dynamics may be exacerbated.

We have employees and contractors in locations throughout the Middle East, Europe, and Asia, including in Israel. If the global effect of the ongoing conflict in Israel and the surrounding area or the ongoing conflict between Russia and Ukraine escalates or expands, our ability to conduct business in these regions could be adversely impacted, potentially resulting in delays to product development, sales and marketing, and other key business functions. Additionally, in light of reports of an increase in Russian cyber attacks in connection with the current conflict, we may face a heightened risk of state-sponsored cyber attacks in the near term. Our competitors, many of whom are larger and have greater financial resources than we do, may respond to challenging market conditions by lowering prices in an attempt to attract our customers, which may require us to respond in kind and may negatively impact our existing customer relationships and new customer acquisition strategy. In addition, the increased pace of consolidation in certain industries may result in reduced overall spending on our identity security solutions. We cannot predict the timing, strength, or duration of any economic slowdown, instability, or recovery, generally or within any particular industry.

Any failure to offer high-quality customer support may adversely affect our relationships with our customers and our financial results.

We typically bundle customer support with arrangements for our solutions. In deploying and using our platform and solutions, our customers typically require the assistance of our support teams to resolve complex technical and operational issues. We may be unable to modify the nature, scope, and delivery of our customer support to compete with changes in product support services provided by our competitors. Increased customer demand for support, without corresponding revenue, could increase costs and adversely affect our operating results. We may also be unable to respond quickly enough to accommodate short-term increases in customer demand for support. Our sales are highly dependent on our reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality customer support, or a market perception that we do not maintain high-quality product support, could adversely affect our reputation and our ability to sell our solutions to existing and new customers.

24
If we fail to meet contractual commitments related to response time, service level commitments, or quality of professional services, we could be obligated to provide credits for future service or face contract termination, which could adversely affect our business, operating results, and financial condition.

Depending on the solutions purchased, our customer agreements contain service level agreements, under which we guarantee specified availability of our platform and solutions. If we are unable to meet the stated service level commitments to our customers or suffer extended periods of unavailability of our SaaS solution or other subscription offerings, we may be contractually obligated to provide affected customers with service credits or customers could elect to terminate and receive refunds for prepaid amounts. In addition, if the quality of our professional services does not meet contractual requirements, we may be required to re-perform the services at our expense or refund amounts paid for the services. Any failure to meet these contractual commitments could adversely affect our revenue, operating results, and financial condition, and any failure to meet service level commitments or extended service outages of our SaaS solution or other subscription offerings could adversely affect our business and reputation as customers may elect not to renew and we could lose future sales.

Our business depends, in part, on sales to the public sector, which are subject to a number of challenges and risks, and significant changes in the contracting or fiscal policies of the public sector could have an adverse effect on our business.

We derived approximately 12% to 13% of our revenue from sales of our solutions to federal, state, local, and foreign governments and public universities in each of the last three fiscal years, and we believe that the success and growth of our business will continue to depend in part on our successful procurement of government and other public sector contracts. Factors that could impede our ability to maintain or increase the amount of revenue derived from the public sector include:

changes in fiscal or contracting policies;

decreases in available government funding;

changes in government programs or applicable requirements;

the adoption of new laws or regulations or changes to existing laws or regulations; and

potential delays or changes in the government appropriations or other funding authorization processes.

The occurrence of any of the foregoing could cause governments, governmental agencies, and others in the public sector to delay or refrain from purchasing our solutions or otherwise have an adverse effect on our business, operating results, and financial condition.

Additionally, the sale of our solutions to the public sector is tied to budget cycles, and there are government requirements and authorizations that we may be required to meet. Further, we may be subject to audits and investigations relating to the contracts we enter into with the public sector, and violations could result in penalties and sanctions, including contract termination, refunding or forfeiting payments, fines and suspension, or debarment from future public sector business. Selling to these entities can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense. Public sector entities often require contract terms that differ from our standard arrangements and impose additional compliance requirements, require increased attention to pricing practices, or are otherwise time consuming and expensive to satisfy. For example, some of our government entity customers contract with us on the basis of our authorization under FedRAMP, which has in the past and may in the future require us to undertake additional actions and expense to ensure compliance. Public sector entities may also have statutory, contractual, or other legal rights to terminate contracts with our partners for convenience, for lack of funding, or due to a default, and any such termination may adversely impact our future results of operations. If we represent that we meet certain standards, authorizations (such as FedRAMP), or requirements and do not meet them, or if such authorizations are suspended or revoked, we could be subject to increased liability from our customers, investigation by regulators, or termination rights. Even if we do meet them, the additional costs associated with providing our service to public sector entities could harm our margins. Moreover, changes in underlying regulatory requirements could be an impediment to our ability to efficiently provide our service to public sector customers and to grow or maintain our customer base. Any of these risks related to contracting with public sector entities could adversely impact our future sales and results of operations or make them more difficult to predict.

Our failure to raise additional capital or generate cash flows necessary to expand our operations and invest in new technologies in the future could reduce our ability to compete successfully and harm our operating results.
25

We may need to raise additional funds, and we may not be able to obtain additional debt or equity financing on favorable terms, if at all. If we raise additional equity financing, our security holders may experience significant dilution of their ownership interests. If we engage in debt financing, we may be required to accept terms that restrict our ability to incur additional indebtedness, force us to maintain specified liquidity or other ratios, or restrict our ability to pay dividends or make acquisitions. If we need additional capital and cannot raise it on acceptable terms, or at all, we may not be able to, among other things:

develop and enhance our solutions;

continue to expand our product development, sales, and marketing organizations;

hire, train, and retain employees;

respond to competitive pressures or unanticipated working capital requirements; or

pursue acquisition opportunities.

We may acquire or invest in companies, which may divert our management’s attention and result in additional dilution to our stockholders. We may be unable to integrate acquired businesses and technologies successfully or achieve the expected benefits of such acquisitions, and acquisitions, particularly of development stage companies, may adversely affect our operating results and liquidity as well as our ability to meet expectations.

Our success will depend, in part, on our ability to expand our solutions and grow our business in response to changing technologies, customer demands, and competitive pressures. As we have in the past, we may in the future choose to do so through the acquisition of, or investment in, new or complementary businesses and technologies rather than through internal development. As a function of the industry in which we operate, we may acquire development stage companies that are not yet profitable, and that require continued investment, which could adversely affect our results of operations and liquidity as well as our ability to meet expectations, particularly if they were formulated prior to such acquisitions. Development stage companies generally involve a higher degree of risk and have not been proven, require additional capital to develop, and typically do not generate enough revenue to offset increased expenses associated therewith.

The identification of suitable acquisition or investment candidates can be difficult, time-consuming, and costly, and we may not be able to successfully complete identified acquisitions or investments. The risks we face in connection with acquisitions and/or investments include:

an acquisition may negatively affect our operating results because it may require us to incur charges or assume substantial debt or other liabilities, may cause adverse tax consequences or unfavorable accounting treatment, may expose us to claims and disputes by stockholders and third parties, including intellectual property claims and disputes, or may not generate sufficient financial return to offset additional costs and expenses related to the acquisition;

we may encounter difficulties or unforeseen expenditures in integrating the business, technologies, products, personnel, or operations of any company that we acquire;

an acquisition or investment may disrupt our ongoing business, divert resources, increase our expenses, and distract our management;

an acquisition may result in a delay or reduction of customer purchases for both us and the company acquired due to customer uncertainty about continuity and effectiveness of service from either company;

we may encounter difficulties in, or may be unable to, successfully sell any acquired products or effectively integrate them into or with our existing solutions;

our use of cash to pay for acquisitions or investments would limit other potential uses for our cash;

if we incur debt to fund any acquisitions or investments, such debt may subject us to material restrictions on our ability to conduct our business; and

26
if we issue a significant amount of equity securities in connection with future acquisitions, existing stockholders may be diluted and earnings per share may decrease.

The occurrence of any of these risks could adversely affect our business, operating results, and financial condition.

If our estimates or judgments relating to our critical accounting policies prove to be incorrect, our operating results could be adversely affected.

The preparation of financial statements in conformity with U.S. generally accepted accounting principles (“GAAP") requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in Part II, Item 7, “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities, and equity and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to the fair value allocation of multiple performance obligations in revenue recognition, the expected period of benefit of contract acquisition costs, the assumptions underlying the fair value used for equity-based compensation expense and estimated useful lives, and impairment of intangible assets and goodwill arising from business combinations. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in the trading price of our common stock.

Changes in existing financial accounting standards or practices, or taxation rules or practices, may harm our operating results.

Changes in existing accounting or taxation rules or practices, new accounting pronouncements or taxation rules, or varying interpretations of current accounting pronouncements or taxation practice could harm our operating results or the manner in which we conduct our business. Further, such changes could potentially affect our reporting of transactions completed before such changes are effective.

GAAP is subject to interpretation by the Financial Accounting Standards Board (“FASB”), the SEC, and various bodies formed to promulgate and interpret appropriate accounting principles. A change in these principles or interpretations could have a significant effect on our reported financial results and could affect the reporting of transactions completed before the announcement of a change. Adoption of such new standards and any difficulties in implementation of changes in accounting principles, including the ability to modify our accounting systems, could cause us to fail to meet our financial reporting obligations, which could result in regulatory discipline and harm investors’ confidence in us.

We track certain business and operational metrics, which are subject to inherent challenges in measurement, and real or perceived inaccuracies in such metrics may harm our reputation and materially adversely affect our stock price, business, results of operations, and financial condition.

We track certain business and operational metrics, including metrics such as ARR, SaaS ARR, and dollar-based net retention rate, which may differ from estimates or similar metrics published by third parties due to differences in sources, methodologies, or the assumptions on which we rely. Our internal systems and tools are subject to a number of limitations, and our methodologies for tracking these metrics may change over time, which could result in unexpected changes to our metrics, including the metrics we publicly disclose. If the internal systems and tools we use to track these metrics undercount or overcount performance or contain algorithmic or other technical errors, the data we report may not be accurate.

If our solutions fail to help our customers achieve and maintain compliance with certain government regulations and industry standards, our business and operating results could be materially and adversely affected.

We believe we generate a portion of our revenues from our solutions because our customers use our solutions as part of their efforts to achieve and maintain compliance with certain government regulations and industry standards, and we expect that will continue for the foreseeable future. Examples of industry standards and government regulations include the Federal Information Security Management Act (FISMA) and associated National Institute for Standards and Testing ("NIST") Network Security Standards; the Sarbanes-Oxley Act; the Payment Card Industry Data Security Standard (PCI-DSS); Title 21 of the U.S. Code of Federal Regulations, which governs food and drug industries; the North American Electric Reliability Corporation Critical Infrastructure Protection Plan (NERC-CIP); the GDPR; the German Federal Financial Supervisory Authority (BaFin) Minimum Requirements for Risk Management; and the Monetary Authority of Singapore’s Technology Risk Management
27
Notices. These industry standards may change with little or no notice, including changes that could make them more or less onerous for businesses. In addition, governments may also adopt new laws or regulations, or make changes to existing laws or regulations, that could affect whether our customers believe our solution assists them in maintaining compliance with such laws or regulations. If our solutions fail to expedite our customers’ compliance initiatives, our customers may lose confidence in our solutions and could switch to those offered by our competitors. In addition, if government regulations and industry standards related to IT security are changed in a manner that makes them less onerous, our customers may view compliance as less critical to their businesses, and our customers may be less willing to purchase our solutions. In either case, our sales and financial results would suffer.

Our success depends on the experience and expertise of our senior management team and key employees. If we are unable to hire, retain, train, and motivate our personnel, or to maintain our corporate culture, our business, operating results, and prospects may be harmed.

Our success has depended, and continues to depend, on the efforts and talents of our senior management team and key employees, including our Chief Executive Officer, leadership team, engineers, product managers, sales and marketing personnel, and professional services personnel. Our future success will also depend upon our continued ability to identify, hire, and retain additional skilled and highly qualified personnel, which will require significant time, expense, and attention.

The majority of our employees, including all of our officers and key employees, are employed on an at-will basis, which means that they could terminate their employment with us at any time. The loss of one or more members of our senior management team, particularly if closely grouped, could adversely affect our ability to execute our business plan and thus, our business, operating results, and prospects. We do not maintain key man insurance on any of our officers or key employees, and we may not be able to find adequate replacements.

Competition for well-qualified employees in all aspects of our business, including sales, professional services, and software engineering, is intense. We have from time to time experienced, and may in the future have, difficulty hiring and retaining employees with appropriate qualifications, and many of the companies with which we compete for experienced personnel have greater resources than we have. We may need to invest significant amounts of cash and equity to attract and retain new employees, and we may never realize returns on these investments. Additionally, many of our employees may be able to receive significant proceeds from sales of our common stock in the public markets following the expiration of applicable lock-up periods, which may reduce their motivation to continue to work for us.

We believe that our corporate culture has been and will continue to be a key contributor to our success. The size of our workforce has grown significantly in recent years, and we expect headcount growth to continue for the foreseeable future. If we are not able to maintain our corporate culture as we grow, we may be unable to continue to foster the innovation, integrity, and collaboration we believe we need to support our growth, which could adversely affect our business.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our results of operations.

Our platform and solutions are billed in multiple currencies, and therefore, a portion of our revenue is subject to foreign currency risk. A strengthening of the U.S. dollar could increase the real cost of our platform and solutions to our customers outside of the United States, which could also adversely affect our results of operations. In addition, an increasing portion of our operating expenses are incurred outside the United States. These operating expenses are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates. While we do not currently hedge against the risks associated with currency fluctuations, if our foreign currency risk increases in the future and we are not able to successfully hedge against the risks associated with currency fluctuations, our results of operations would be adversely affected.

Our business could be disrupted by catastrophic events.

Occurrence of any catastrophic event, including earthquake, fire, flood, tsunami, or other weather event, power loss, telecommunications failure, software or commodity appliance malfunction, cyber attack, war, terrorist attack, explosion, or pandemic could impact our business. Our insurance coverage may not compensate us for losses that may occur in the event of a significant natural disaster. Additionally, we rely on third-party systems and enterprise applications, technology systems, and our website for our development, marketing, operational support, hosted services, and sales activities. In the event of a catastrophic event, we may be unable to continue our operations and may endure system interruptions, reputational harm, delays in our product development, lengthy interruptions in our identity security solutions, and breaches of data security, all of which could have an adverse effect on our results of operations. If we are unable to develop adequate plans to ensure that our
28
business functions continue to operate during and after a disaster and to execute successfully on those plans in the event of a disaster or emergency, our business would be harmed.

Risks Related to Our Technology and Our Intellectual Property Rights

Our introduction and use of AI, and the integration of AI with our solutions, may not be successful and may present business, compliance, and reputational challenges, which could lead to operational or reputational damage, competitive harm, legal and regulatory risk, and additional costs, any of which could adversely affect our business, financial condition, and results of operations.

We have incorporated, and expect to continue to incorporate, AI in our solutions, and this incorporation of AI in our business and operations may become more significant over time. The use of generative AI, a relatively new and emerging technology in the early stages of commercial use, exposes us to additional risks, such as potential damage to our reputation, competitive position, and business, legal and regulatory risks, and additional costs. For example, generative AI has been known to produce false or “hallucinatory” inferences or output, and certain generative AI uses ML and predictive analytics, which can create inaccurate, incomplete, or misleading content, unintended biases, and other discriminatory or unexpected results, errors, or inadequacies, any of which may not be easily detectable by us or any of our related service providers. Accordingly, while AI systems may help provide more tailored or personalized user experiences, if the content, analyses, or recommendations that AI systems assist in producing in our solutions are, or are perceived to be, deficient, inaccurate, biased, unethical, or otherwise flawed, our reputation, competitive position, and business may be materially and adversely affected. In addition, new laws and regulations, or the interpretation of existing laws and regulations, in any of the jurisdictions we operate in may affect the use of our AI systems and our use of third-party AI tools and solutions and may expose us to government enforcement or civil suits.

As the legal and regulatory framework encompassing AI matures, it may result in increases in our operational and development expenses that impact our ability to earn revenue from or utilize any AI systems. Any of the foregoing and any similar issues, whether actual or perceived, could negatively impact our users’ experience and diminish the perceived quality and value of our offerings. This in turn could damage our brand, reputation, competitive position, and business. Additionally, if any of our employees, contractors, consultants, vendors, or service providers use any third-party AI-powered tools or solutions in connection with our business or the services they provide to us, it may lead to the inadvertent disclosure or incorporation of our confidential information into publicly available training sets, which may impact our ability to realize the benefit of, or adequately maintain, protect, and enforce our intellectual property or confidential information, harming our competitive position and business. Our ability to mitigate risks associated with disclosure of our confidential information, including in connection with AI systems, will depend on our implementation, maintenance, monitoring, and enforcement of appropriate technical and administrative safeguards, policies, and procedures governing the use of AI in our business.

Additionally, any output created by us using AI tools may not be subject to copyright protection, which may adversely affect our intellectual property rights in, or ability to commercialize or use, any such content. In the United States, a number of civil lawsuits have been initiated related to the foregoing and other concerns, any one of which may, among other things, require us to limit the ways in which our AI systems are trained and may affect our ability to develop our AI-powered solutions. For example, the output produced by AI tools may include information subject to certain privacy or right of publicity laws or constitute an unauthorized derivative work of the copyrighted material used in training the underlying AI model, any of which could also create a risk of liability for us, or adversely affect our business or operations. AI-related lawsuits to date have generally focused on AI service providers, which may increase our risks of liability. In addition, the use of AI has resulted in, and may in the future result in, cybersecurity breaches, incidents, or disruptions that implicate the personal information of clients of AI systems. To the extent that we do not have sufficient rights to use the data or other material or content used in or produced by the AI tools used in our business, or if we experience cybersecurity incidents in connection with our use of AI, it could adversely affect our reputation and expose us to legal liability or regulatory risk, including with respect to third-party intellectual property, privacy, data protection and cybersecurity, publicity, contractual, or other rights. Further, our competitors or other third parties may incorporate AI into their products more quickly or more successfully than us, which could impair our ability to compete effectively.

As the utilization of AI becomes more prevalent, we anticipate that it will continue to present new or unanticipated ethical, reputational, technical, operational, legal, competitive, and regulatory issues, among others. We expect that our incorporation of AI in our business will require additional resources, including the incurrence of additional costs, to develop and maintain our solutions and features to minimize potentially harmful or unintended consequences, to comply with applicable and emerging laws and regulations, to maintain or extend our competitive position and to address any ethical, reputational, technical, operational, legal, competitive, or regulatory issues which may arise as a result of any of the foregoing. As a result, the challenges presented with our use of AI could adversely affect our business, financial condition, and results of operations.
29

Our ability to introduce new identity security solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions. If we do not adequately fund our research and development efforts or complete acquisitions successfully, we may not be able to compete effectively, and our business and results of operations may be harmed.

To remain competitive, we must continue to offer new data security solutions and enhancements to our platform and existing solutions. This is particularly true as we further expand and diversify our capabilities. Maintaining adequate research and development resources, such as the appropriate personnel and development technology, to meet the demands of the market is essential. If we elect not to or are unable to develop solutions internally due to certain constraints, such as high employee turnover, lack of management ability, or a lack of other research and development resources, we may choose to expand into a certain market or strategy via an acquisition for which we could potentially pay too much or fail to successfully integrate into our operations. We may acquire or invest in companies, which may divert our management’s attention and result in additional dilution to our stockholders. For additional information about the risks we face in connection with acquisitions, see “—Risks Related to Our Business and Industry—We may acquire or invest in companies, which may divert our management’s attention and result in additional dilution to our stockholders. We may be unable to integrate acquired businesses and technologies successfully or achieve the expected benefits of such acquisitions, and acquisitions, particularly of development stage companies, may adversely affect our operating results and liquidity as well as our ability to meet expectations.” Further, many of our competitors expend a considerably greater amount of funds on their respective research and development programs, and those that do not may be acquired by larger companies that would allocate greater resources to our competitors’ research and development programs. Our failure to maintain adequate research and development resources or to compete effectively with the research and development programs of our competitors would give an advantage to such competitors, and our business, financial condition, and results of operations could be adversely affected. Moreover, there is no assurance that our research and development or acquisition efforts will successfully anticipate market needs and result in significant new marketable solutions or enhancements to our solutions, design improvements, cost savings, revenues, or other expected benefits. If we are unable to generate an adequate return on such investments, we may not be able to compete effectively, and our business and results of operations may be adversely affected.

Cyber attacks or other cybersecurity breaches, incidents, or disruptions with respect to our networks, systems, or applications, including unauthorized access to, or disclosure or other processing of, our proprietary, confidential, or sensitive information, including personal information, could disrupt our operations, compromise sensitive information related to our business or personal information processed by us or on our behalf, and expose us to liability, which could harm our reputation and adversely affect our business, financial condition, and results of operations, and as we grow, we may become a more attractive target for cyber attacks.

Our solutions analyze and otherwise process proprietary and confidential information, including personal information. Increasingly, companies in our industry are subject to a wide variety of attacks on their networks and systems. As a well-known provider of identity security solutions, we pose an attractive target for such attacks, and as our footprint grows larger, we may become an even more attractive target for cyber attacks. We have previously experienced, and may in the future experience, various attempts to access or disrupt our networks, systems, and applications. We face threats from a variety of sources, including sophisticated nation-state and nation-state supported actors, cyber criminals, terrorists, and politically motivated groups or individuals that pose risks to our internal networks, our platform, our third-party service providers, and our customers’ systems and the proprietary, confidential, or sensitive information, including personal information processed by us or on our behalf.

The nature of the attacks perpetrated against us may include theft of sensitive information, exploitation of our solutions as part of a supply chain attack against our customers, manipulation of data, ransomware, or others. Any of these attacks, if successful, can lead to significant interruptions in our operations, loss of sensitive data and income, reputational harm, and diversion of funds. In the case of ransomware, extortion payments may alleviate the negative impact of a ransomware attack, but we may be unwilling or unable to make such payments due to, for example, applicable laws or regulations prohibiting such payments. We do expend and may be required to expend significantly more capital and financial resources in the future to protect against any such threats or to alleviate problems caused by breaches in security.

Moreover, future or past business transactions (such as acquisitions or integrations) could expose us to additional cybersecurity risks and vulnerabilities, as our systems could be negatively affected by vulnerabilities present in acquired or integrated entities’ systems and technologies. Furthermore, we may discover security issues that were not found during due diligence of such acquired or integrated entities, and it may be increasingly difficult to integrate companies into our IT environment and security program successfully, or at all.
30

Despite significant efforts to create security barriers to safeguard against such threats, it is impossible for us to entirely mitigate these risks. Despite our security measures, our and our third-party service providers’ IT and infrastructure may be vulnerable to security risks, including unauthorized access to, use, or disclosure of customer data, theft of proprietary information, employee error or misconduct, denial of service attacks, loss or corruption of customer data, and computer hacking attacks or other cyber attacks subsequently originated from our infrastructure. The security measures we have integrated into our internal networks and platform, which are designed to detect unauthorized activity, protect our proprietary, confidential, or sensitive information, including personal information, prevent data loss and prevent or minimize security breaches, incidents, or disruptions, may not function as expected or may not be sufficient to protect our internal networks and platform against certain attacks. In addition, techniques used to sabotage or obtain unauthorized access to networks in which data is stored or through which data is transmitted change frequently, generally are not recognized until launched against a target, and may be difficult to discover for an extended period. Even if identified, we may be unable to adequately investigate or remediate incidents or breaches due to attackers increasingly using tools and techniques that are designed to circumvent controls, to avoid detection, and to remove or obfuscate forensic evidence. For example, threat actors may leverage emerging AI technologies to develop new hacking tools and attack vectors, exploit vulnerabilities, obscure their activities, and increase the difficulty of threat attribution and remediation. Such cyber attacks and other cybersecurity breaches, incidents, or disruptions may continue to evolve in frequency and sophistication, and as a result, we may be unable to anticipate these techniques or reasonably implement adequate preventative measures to prevent an electronic intrusion into our networks.

If an actual or perceived breach of our or our third-party service providers’ security occurs, whether as result of third-party action, employee error, malfeasance, or otherwise, the market perception of the effectiveness of our security measures could be harmed, our brand and reputation could be impacted, we could lose potential sales and existing customers, our ability to operate our business could be impaired, we could be subject to litigation, government enforcement actions, additional reporting requirements, and restrictions on data processing, and we may incur significant liabilities. Some of our contracts may not contain limitations of liability, and even where they do, there can be no assurance that any such limitations of liability are sufficient to protect us from liabilities, damages, or claims related to any such breaches. Additionally, while our insurance policies include liability coverage for certain breaches, subject to retention amounts that could be substantial, we cannot be sure that our insurance coverage will be sufficient to protect us from liabilities, damages, or claims related to any such breaches, that such coverage will continue to be available on commercially reasonable terms or at all or that such coverage will pay future claims. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or larger deductibles, could adversely affect our business, financial condition, and results of operations. Moreover, failure to maintain effective internal accounting controls related to identity security breaches and cybersecurity in general could impact our ability to produce timely and accurate financial statements and could subject us to regulatory scrutiny and/or government enforcement actions. Further, our solutions may be perceived as less desirable, which could negatively affect our business and damage our reputation. Our ability to retain existing customers, expand solutions, and use case penetration with existing customers and acquire new customers is dependent upon our reputation as a trusted intelligent security provider. The importance of our reputation in retaining existing business and acquiring new business is heightened by our focus on enterprise customers. In addition, we have a number of customers that operate in highly-regulated industries where our customers’ data is particularly sensitive, such as financial services and healthcare. A network or security breach could damage our relationships with customers, result in the loss of customers across one or more use case or solution, and make it more challenging to acquire new customers, and such damage would likely be heightened in the event a network or security breach occurred in the highly-regulated industries we serve. Because techniques used to obtain unauthorized access to, or sabotage, systems change frequently and may not be recognized until launched against a target, we and our customers may be unable to anticipate these techniques or implement adequate preventive measures.

Our operations involve analyzing and processing our customers’ and other third parties’ confidential and proprietary information, including, in some cases, personally identifiable information. We have legal and contractual obligations to protect the confidentiality and appropriate use of such information, including customer data. As a result, security incidents impacting our platform or the systems of our third-party service providers could result in a risk of loss or unauthorized access to or disclosure of the information we process on behalf of our customers. This, in turn, could require notification under applicable data privacy regulations and could lead to litigation, governmental audits and investigations, and possible liability, damage our relationships with our existing customers, trigger indemnification and other contractual obligations, cause us to incur investigation, mitigation, and remediation expenses, and have a negative impact on our ability to attract and retain new customers. Furthermore, any such incident, including a breach of our customers’ systems, could compromise our networks or networks secured by our solutions, creating system disruptions or slowdowns and exploiting security vulnerabilities of our or our customers’ networks, and the information stored on our or our customers’ systems could be accessed or disclosed without authorization, altered, lost, or stolen, which could subject us to liability and cause us financial harm. An actual or perceived breach of our networks, our customers’ networks, those of our third-party service providers or other networks secured by our
31
solutions, whether or not due to a vulnerability in our platform, may also undermine confidence in our platform or our industry and result in expenditure of significant resources in efforts to analyze, correct, eliminate, or work around errors or defects, delayed or lost revenue, delay in the development or release of new solutions, an increase in collection cycles for accounts receivable, damage to our brand and reputation, negative publicity, loss of channel partners, customers and sales, increased costs to remedy any problem, increased insurance expense, and costly litigation.

In addition, if a high-profile security incident occurs with respect to another identity security solution provider, our customers and potential customers may lose trust in the value of the identity security solution business model generally, including the security of our solutions, which could adversely impact our ability to retain existing customers or attract new ones, potentially causing a negative impact on our business. Any of these negative outcomes could adversely impact market acceptance of our solutions and could adversely affect our business, results of operations, and financial condition.

Interruptions, outages, or other disruptions affecting the delivery of our SaaS solution, or any of the third-party cloud-based systems that we use in our operations, may adversely affect our business, operating results, and financial condition.

Our continued growth depends in part on the ability of our existing customers and new customers to consistently access our platform and solutions at any time and within an acceptable amount of time. In addition, our ability to access certain third-party SaaS solutions, including those of our service providers, is important to our operations and the delivery of our customer support and professional services. We have experienced, and may in the future experience, service disruptions, outages, and other performance problems both in the delivery of our SaaS solution and in third-party SaaS solutions we use due to a variety of factors, including infrastructure changes, malicious actors, human or software errors, or capacity constraints. In some instances, we may not be able to identify the cause or causes of these performance problems within an acceptable period of time. If our SaaS solution or the third-party SaaS solutions we depend on are unavailable or if our customers are unable to access features of our SaaS solution within a reasonable amount of time or at all, our business would be negatively affected.

We host our SaaS solution primarily using AWS data centers. Our related operations depend on protecting the virtual cloud infrastructure hosted in AWS by maintaining its configuration, architecture, features, and interconnection specifications, as well as the information stored in these virtual data centers and which third-party internet service providers transmit. Although we have disaster recovery plans that utilize multiple AWS locations, any incident affecting their infrastructure that may be caused by fire, flood, severe storm, earthquake, or other natural disasters, cyber attacks, terrorist, or other attacks, public health issues, or other similar events beyond our control could negatively affect our SaaS platform. A prolonged AWS service disruption affecting our SaaS platform for any of the foregoing or other reasons would negatively impact our ability to serve our customers and could damage our reputation with current and potential customers, expose us to liability, cause us to lose customers, or otherwise harm our business. We may also incur significant costs for using alternative equipment or taking other actions in preparation for, or in reaction to, events that damage the AWS services we use, which would also likely require significant investments of time. In addition, AWS may terminate the agreement by providing 30 days’ prior written notice and may, in some cases, terminate the agreement immediately for cause upon notice. In the event that our AWS service agreements are terminated, or there is a lapse of service, elimination of AWS services or features that we utilize, interruption of internet service provider connectivity, or damage to such facilities, we could experience interruptions in access to our platform as well as significant delays and additional expense in arranging or creating new facilities and services and/or re-architecting our SaaS solution for deployment on a different cloud infrastructure service provider, which may adversely affect our business, operating results, and financial condition.

We rely on third-party software to provide many essential financial and operational services to support our business. Some of these vendors are less established and have shorter operating histories than traditional software vendors. Moreover, many of these vendors, including Salesforce, NetSuite, Workday, and ServiceNow, provide their services to us via a cloud-based model instead of software that is installed on our premises. As a result, we depend upon these vendors to provide us with services that are always available and are free of errors or defects that could cause disruptions in our business processes. Interruptions, outages, or other disruptions affecting SaaS solutions that we rely on can significantly impact our business, operating results, and financial condition. Such disruptions could cause operational delays, inefficiencies, and customer dissatisfaction, which could result in increased customer churn, revenue loss, and increased mitigation costs and potential penalties for not meeting service-level agreements. Frequent or significant disruptions could damage our reputation, making it harder to attract and retain customers. Additionally, service disruptions can result in non-compliance with regulatory requirements, which could lead to legal penalties and increased scrutiny.

32
If we fail to adapt and respond effectively to rapidly changing technology, evolving industry standards, changing regulations, and changing customer needs, requirements, or preferences, our platform and solutions may become less competitive.

The market in which we compete is relatively new and subject to rapid technological change, evolving industry standards, and changing regulations, as well as changing customer needs, requirements, and preferences. The success of our business will depend, in part, on our ability to adapt and respond effectively to these changes on a timely basis. In addition, as our customers’ technologies and business plans grow more complex, we expect them to face new and increasing challenges. Our customers require that our solution effectively identifies and responds to these challenges without disrupting the performance of our customers’ IT systems. As a result, we must continually modify and improve our solutions and introduce or acquire new solutions in response to changes in our customers’ IT infrastructures.

We may be unable to anticipate future market needs and opportunities or be able to develop enhancements to our platform or existing solutions or new solutions to meet such needs or opportunities in a timely manner, if at all. Even if we are able to anticipate, develop, and commercially introduce enhancements to our platform and existing solutions and new solutions, those enhancements and new solutions may not achieve widespread market acceptance. Our enhancements or new solutions could fail to attain sufficient market acceptance for many reasons, including:

delays in releasing platform or solutions enhancements or new solutions;

inability to interoperate effectively with existing or newly introduced technologies, systems, or applications of our existing and prospective customers;

defects, errors, or failures in our platform or solutions;

negative publicity about the performance or effectiveness of our platform or solutions;

introduction or anticipated introduction of competing products by our competitors;

installation, configuration, or usage errors by our customers or partners; and

changing of regulatory requirements related to security.

If we were unable to enhance our platform or existing solutions or develop new solutions that keep pace with rapid technological and industry change, our business, operating results, and financial condition could be adversely affected. If new technologies emerge that are able to deliver competitive products and services at lower prices, more efficiently, more conveniently, or more securely, such technologies could adversely impact our ability to compete effectively.

Real or perceived errors, failures, or disruptions in our platform and solutions could adversely affect our customers’ satisfaction with our solutions and/or our industry reputation and business could be harmed.

Our platform and solutions are very complex and have contained and may contain undetected defects, vulnerabilities, or errors, especially when solutions are first introduced or enhanced. Our platform and solutions are often used in connection with large-scale computing environments with different operating systems, system management software, equipment, and networking configurations, which may cause errors or failures of products, or other aspects of the computing environment into which our solutions are deployed. If our platform and solutions are not implemented or used correctly or as intended, inadequate performance and disruption of service may result. In addition, deployment of our platform and solutions into complicated, large-scale computing environments may expose errors, failures, or vulnerabilities in our solutions. Any such errors, failures, or vulnerabilities may not be found until after they are deployed to our customers. Some of our software and features are powered by ML and AI, which depend on datasets and algorithms that could be flawed, including through inaccurate, insufficient, outdated, or biased data. From time to time, we have experienced errors, failures, and bugs in our platform that have resulted in customer downtime, and we cannot assure you that we will be able to mitigate future errors, failures, vulnerabilities, or bugs in a quick or cost-effective manner.

We and certain of our third-party service providers have in the past experienced, and may in the future experience, performance issues due to a variety of factors, including infrastructure changes, human or software errors, website, or third-party hosting disruptions or capacity constraints due to a number of potential causes including technical failures, cyber attacks, security incidents, natural disasters, or fraud. We have also been the target of distributed denial of service attacks and other
33
cybersecurity attacks that attempt to disrupt our services. If our or our third-party service providers’ products, solutions, or corporate security are compromised, our website, professional services, customer support, or SaaS solution is unavailable, or there are flaws in our ML and AI processes, our business could be negatively affected. Moreover, if our security measures or solutions or third-party service providers are subject to cyber attacks that degrade or deny the ability of users to access our website or other solutions, our solutions may be perceived as insecure, and we may incur significant legal and financial exposure. In particular, our cloud-based solutions may be especially vulnerable to interruptions, performance problems, or cyber attacks. Furthermore, our solutions may not help detect situations in which a valid user identity has been compromised, for example as part of a highly sophisticated cyber attack of the type described below. If we, our third-party service providers, our partners, or one or more customers were to suffer a highly publicized breach, even if our platform and solutions perform effectively, such a breach could cause our customers or potential customers to lose trust in our identity security solutions in general, which could cause us to suffer reputational harm, lose existing commercial relationships and customers, or deter them from purchasing additional products, and prevent new customers from purchasing our solutions. Highly publicized cybersecurity events have heightened consumer, legislative, and regulatory awareness of these kinds of cybersecurity risks, while further emboldening individuals or groups to target IT systems more aggressively, highlighting the vulnerability of IT supply chains.

We continue to invest in the personnel, infrastructure, and third-party best practice software solutions and services necessary to mitigate these risks. However, if we are unable to attract and retain personnel with the necessary cybersecurity expertise, or fail to implement sufficient safeguarding measures, we may not be able to prevent, detect, and mitigate potentially disruptive events which could occur in the future. In some instances, we may not be able to identify the cause or causes of these events within an acceptable period of time. Even with these investments, we may not be able to stop a complex and sophisticated cyber attack. Such attacks can be particularly difficult to prevent or fully mitigate when they occur in the supply chain. If we are or become a target of such an attack, we may not be able to prevent, detect, and mitigate such an attack, which could cause disruptions in service or other performance problems, hurt our reputation and our ability to attract new customers and retain existing customers, and damage our customers’ businesses.

Since our customers use our platform and solutions for important aspects of their security environment and operational business, any real or perceived errors, failures, or vulnerabilities in our solutions, or disruptions in service or other performance problems, could hurt our reputation and may damage our customers’ businesses. Furthermore, defects, errors, vulnerabilities, or failures in our platform or solutions may require us to implement design changes or software updates. Any defects, vulnerabilities, or errors in our platform or solutions, or the perception of such defects, vulnerabilities, or errors, could result in: (i) expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects; (ii) loss of existing or potential customers or channel partners; (iii) delayed or lost revenue; (iv) delay or failure to attain market acceptance; (v) delay in the development or release of new solutions; (vi) negative publicity, which will harm our reputation; (vii) an increase in collection cycles for accounts receivable or the expense and risk of litigation; and (viii) harm to our operating results.

The contractual protections we have in our standard terms and conditions of sale, such as warranty disclaimers and limitation of liability provisions, may not fully or effectively protect us from claims by customers, commercial relationships, or other third parties. Any insurance coverage we may have may not adequately cover all claims asserted against us or may cover only a portion of such claims. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation and the diverting of management’s time and other resources.

If our platform and solutions do not effectively interoperate with our customers’ existing or future IT infrastructure and applications, implementations could be delayed or cancelled, which would harm our business.

Our success depends on the interoperability of our platform and solutions with third-party applications and data that we have not developed and do not control. Any changes in such applications or data that degrade the functionality of our platform or solutions or give preferential treatment to competitive software could adversely affect the adoption and usage of our solutions. We may not be successful in adapting our platform or solutions to operate effectively with these applications or data. If it is difficult for our customers to access and use our platform or solutions, or if our platform or solutions cannot connect a broadening range of applications and data, then our customer growth and retention may be harmed, and our business and operating results could be adversely affected.

Incorrect or improper implementation or use of our platform and solutions could result in customer dissatisfaction and harm our business, financial condition, and results of operations.

34
Our platform and solutions are deployed in a wide variety of IT infrastructures, including large-scale, complex technology environments, and we believe our future success will depend, at least in part, on our ability to support such deployments. Implementations of our platform and solutions may be technically complicated, and it may not be easy to maximize the value of our platform and solutions without proper implementation, training, and support. Some of our customers have experienced difficulties implementing our platform and solutions in the past and may experience implementation difficulties in the future. If we or our customers are unable to implement our platform and solutions successfully, customer perceptions of our platform and solutions may be impaired, our reputation and brand may suffer, or customers may choose not to renew their subscriptions or purchase additional identity security solutions from us.

Any failure by customers to appropriately implement our platform and solutions or any failure of our platform and solutions to effectively integrate and operate within our customers’ data management infrastructure could result in customer dissatisfaction, impact the perceived reliability of our platform and solutions, result in negative press coverage, negatively affect our reputation, and harm our business, financial condition, and results of operations.

We use third-party licensed software, third-party licensed services, and cloud services subscriptions in or with our solutions, and the inability to maintain these licenses and subscriptions or issues with the software we license or services we leverage could result in increased costs or reduced service levels, which would adversely affect our business.

Our solutions include software or other intellectual property licensed from certain third parties, and we use certain software and other intellectual property licensed from third parties in our business. We anticipate that we will continue to rely on such third-party software and intellectual property in the future, and from time to time, we may be required to renegotiate our current third-party licenses or license additional technology from third parties to develop new solutions or enhancements thereto or to facilitate new business models. This exposes us to risks over which we may have little or no control. For example, the third-party software we currently license may not always be available, or available on commercially reasonable terms, and we may not have access to alternative third-party software in the event of any issues with such software. In addition, a third party may assert that we or our customers are in breach of the terms of applicable licenses, which could, among other things, force us to cease use of such software and give such third party the right to terminate the applicable license or seek damages from us, or both. Additionally, we may not have the right to control the maintenance, prosecution, preparation, filing, enforcement, defense, or litigation of intellectual property that we license from third parties and are reliant on our licensors to do so. We also cannot be certain that activities such as intellectual property protection, maintenance, prosecution, and enforcement by our licensors have been or will be conducted consistent with our best interests or in compliance with applicable laws and regulations or will result in valid and enforceable intellectual property rights. It is possible that our licensors’ infringement proceedings or defense activities may be less vigorous than had we conducted them ourselves or may not be conducted in accordance with our best interests. Furthermore, we cannot be certain that our licensors are not infringing, misappropriating, or otherwise violating the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may offer our solutions. Our inability to obtain or maintain certain licenses or other rights, to obtain or maintain such licenses or rights on favorable terms, or the need to engage in litigation or any other proceedings regarding these matters could result in delays in releases of new solutions and could otherwise disrupt our business, until equivalent technology can be identified, licensed, or developed, if at all. Also, to the extent that our platform and solutions depend upon the successful operation of third-party software in conjunction with our software, any undetected errors, vulnerabilities, compromises, or defects in such third-party software could prevent the deployment or impair the functionality of our solutions, delay new feature introductions, result in a failure of our platform, and injure our reputation. Any of the foregoing could materially adversely affect our business, financial condition, and results of operations.

If we fail to obtain, maintain, protect, defend, or adequately enforce our intellectual property or proprietary rights, our competitive position could be impaired, and we may lose valuable assets, generate reduced revenue, and incur costly litigation to protect our rights.

We regard the protection of our copyrights, proprietary software, trademarks, domain names, trade secrets, and other intellectual property rights as critical to our success. We rely and expect to continue to rely on a combination of copyright, trademark, patent, trade secret, and unfair competition laws, as well as confidentiality procedures and agreements, protective covenant agreements, and other contractual protections with our employees, independent contractors, advisers, channel partners, resellers, and customers to protect our trade secrets, proprietary information, and intellectual property rights.

We strive to protect our intellectual property rights by relying on foreign, federal, state, and common law rights, as well as certain contractual restrictions. However, the steps we take to protect our intellectual property and proprietary rights, including physical, operational, and managerial protections of our confidential information, contractual obligations of confidentiality, assignment agreements with our employees and contractors, license agreements, the prosecution, defense,
35
enforcement, protection, and maintenance of registrations and applications for registration of intellectual property rights, and the defense and enforcement of common law rights require significant resources and may be inadequate. Effective trade secret, copyright, trademark, patent, and domain name protection is expensive to develop and maintain, both in terms of initial and ongoing registration requirements and expenses and the costs of defending and enforcing our rights. Given the costs and expenses of obtaining, maintaining, protecting, exploiting, defending, and enforcing our intellectual property rights, we may choose not to obtain, maintain, protect, exploit, defend, or enforce certain intellectual property rights that later turn out to be important. We cannot guarantee that our efforts to obtain, maintain, protect, exploit, defend, or enforce our intellectual property rights are adequate or that we have secured, or will be able to secure, appropriate permissions or protections for all of the intellectual property rights we use or rely on.

Our registered or unregistered trademarks, trade names, or other intellectual property rights may be challenged, infringed, diluted, circumvented, misappropriated, or otherwise violated or declared invalid or unenforceable or determined to be infringing on or dilutive of other marks. Our domain names and social media handles may also be misappropriated or otherwise misused. Further, at times, competitors may adopt trade names, trademarks, domain names, or social media handles similar to ours, thereby impeding our ability to build, maintain, or extend brand identity and possibly leading to market confusion or brand dilution. Furthermore, even if we are able to obtain intellectual property rights, any challenge to our intellectual property rights could result in them being narrowed in scope or declared invalid or unenforceable. Litigation may become necessary to enforce our intellectual property rights, protect our trade secrets, or determine the validity and scope of proprietary rights claimed by others. We may be unable to prevent the misappropriation or disclosure of our proprietary information or deter independent development of similar technologies by others, which may diminish the value of our brand and other intangible assets and allow competitors to more effectively mimic our solutions.

While it is our policy to require our employees, contractors, and other parties with whom we conduct business who may be involved in the conception or development of intellectual property for us to execute agreements assigning such intellectual property to us, we may be unsuccessful in executing such an agreement with each party who, in fact, conceives or develops intellectual property that we regard as our own. Additionally, any such assignment of intellectual property rights may not be self-executing or the assignment agreements may be breached, and we may be forced to bring claims against third parties, or defend claims that they may bring against us, to determine the ownership of what we regard as our intellectual property. Further, although it is our policy to enter into confidentiality agreements with employees and third parties to protect our trade secrets and other proprietary rights, we cannot guarantee that we have entered into such agreements with each party that has or may have had access to our trade secrets, confidential information, software, or other proprietary technology and, even if entered into, these agreements may otherwise fail to effectively prevent disclosure of our proprietary or confidential rights, information, or technologies, may be limited as to their term, or may not provide an adequate remedy in the event of unauthorized disclosure, misappropriation, use, or other violation of our trade secrets, confidential information, and other proprietary rights or technologies.

We pursue the registration or protection of our domain names and trademarks in the United States and in certain jurisdictions abroad. However, the laws of some foreign countries do not protect our intellectual property to the same extent as the laws of the United States, and effective intellectual property protection and enforcement mechanisms may not be available in those jurisdictions, which could make it difficult for us to stop the infringement, misappropriation, dilution, or other violation of our intellectual property or marketing of competing products or solutions in violation of our intellectual property rights generally. We may need to expend additional resources to defend our intellectual property in these countries. Any of the foregoing could adversely affect our business, financial condition, and results of operations.

We may be subject to intellectual property rights claims by third parties, including contractual counterparties, which may be costly to defend, result in damage to our reputation, and could require us to pay significant damages, limit our ability to use certain technologies, and adversely affect our business, financial condition, and results of operations.

Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks, trade secrets, and other intellectual property rights and frequently enter into litigation based on allegations of infringement, misappropriation, or other violations of intellectual property rights. We have in the past and may in the future be subject to notices or claims that we have infringed, misappropriated, or misused the intellectual property of our competitors or other third parties, including third parties that may have significantly larger and more mature patent holdings than we do or are patent holding companies whose sole business is to assert such claims. To the extent we increase our visibility in the market, we face a higher risk of being the subject of intellectual property claims. Additionally, despite our efforts to ensure that our employees, contractors, consultants, vendors, and service providers do not use the intellectual property and other proprietary information or know-how of third parties in their work for us, intellectual property, including copyrighted materials, trade secrets, software code, or other proprietary information, we have been and could in the
36
future be subject to claims that we, our employees, or our contractors, consultants, vendors, and service providers have inadvertently or otherwise used or disclosed intellectual property, copyrighted materials, trade secrets, or other proprietary information of our competitors, former employers, or other parties. Litigation may be necessary to defend against these claims. If we fail in defending against such claims, a court could order us to pay substantial damages and prohibit us from using technologies or features that are essential to our solutions, if such technologies or features are found to incorporate or be derived from the trade secrets or other proprietary information of these parties. In addition, we may lose valuable intellectual property rights or personnel. A loss of key personnel or their work product could hamper or prevent our ability to develop, market, and support potential solutions or enhancements, which could severely harm our business. Even if we are successful in defending against these claims, such litigation could result in substantial costs and be a distraction to management.

Our agreements with customers and other third parties may include indemnification provisions under which we agree to indemnify them or otherwise be liable for losses suffered or incurred as a result of claims of intellectual property infringement or misappropriation, damages caused by us to property or persons, or other liabilities relating to or arising from our platform, solutions, or other contractual obligations. See “—Indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement, misappropriation, or violation as well as other losses.”

Any intellectual property, indemnification, or wrongful use or disclosure claims, with or without merit, could be time-consuming and expensive, could require litigation, and could divert our management’s attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our having to stop using technology found to be in violation of a third party’s rights. We might be required to seek a license for the intellectual property, which may not be available on reasonable terms or at all. Even if a license is available, we could be required to pay significant royalties, which would increase our operating expenses. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If we cannot license or develop technology for any aspect of our business that may ultimately be determined to infringe on or misappropriate the intellectual property rights of another party, we could be forced to limit or stop sales of licenses to our platform and solutions and may be unable to compete effectively. We could also lose valuable intellectual property rights or key personnel as a result of a wrongful disclosure dispute. Furthermore, we may be subject to indemnification obligations with respect to third-party intellectual property pursuant to our agreements with our channel partners or customers. Any of these results would adversely affect our business, operating results, and financial condition.

Indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement, misappropriation, or violation as well as other losses.

Our agreements with customers and certain partners include indemnification provisions under which we agree to defend and indemnify such customer or partner for losses suffered or incurred as a result of third-party claims for intellectual property infringement or misappropriation of our solutions. The intellectual property infringement indemnity to such customers or partners is an uncapped liability for which we would be responsible, and intellectual property indemnity provisions survive termination or expiration of the applicable agreement.

From time to time, customers also require us to indemnify them for a third-party claim for a violation of law arising from our breach of obligations under the applicable agreement. The existence of such a dispute may have adverse effects on our customer relationship and reputation, and even if we contractually limit our liability with respect to such obligations, we may still incur substantial liability related to them. Any assertions by a third party, whether or not successful, with respect to any of these indemnification obligations could subject us to costly and time-consuming litigation, expensive remediation and licenses, divert management attention and financial resources, harm our relationship with that customer and other current and prospective customers, reduce demand for our platform and solutions, and harm our brand, business, operating results, and financial condition. Any dispute with a customer with respect to such obligations could have adverse effects on our relationship with that customer and other existing customers and new customers and adversely affect our business and operating results.

Our use of “open source” software could negatively affect our ability to sell our solutions and subject us to possible litigation.

Some aspects of our platform and solutions are built using open source software, and we intend to continue to use open source software in the future. From time to time, we contribute software source code to open source projects under open source licenses or release internal software projects under open source software licenses and anticipate doing so in the future. Open source software is generally freely accessible, usable, and modifiable. However, certain open source licenses may, in certain circumstances, require us to offer our solutions that incorporate the open source software for no cost, make available source
37
code for modifications or derivative works we create based upon the open source software, incorporate or use the open source software, and/or license such modifications or derivative works under the terms of the particular open source license or otherwise unfavorable terms. The terms of certain open source licenses to which we are subject have not been interpreted by U.S. or foreign courts, and there is a risk that open source software licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to monetize our solutions. While we try to insulate our proprietary code from the effects of such open source license provisions, we cannot guarantee that we will be successful, that all open source software is reviewed prior to use in our solutions, that our developers have not incorporated open source software into our solutions in potentially disruptive ways, or that they will not do so in the future. Additionally, we may from time to time face claims from third parties claiming ownership of, or demanding release of, the open source software or derivative works that we developed using such software, which could include our proprietary source code, or otherwise seeking to enforce the terms of the applicable open source software license. These claims could result in costly litigation and could require us to make our software source code freely available, purchase a costly license, or cease offering the implicated solutions unless and until we can re-engineer them to avoid infringement or violation. This re-engineering process could require significant additional research and development resources, and we may not be able to complete it successfully. We could also be subject to suits by parties claiming ownership of what we believe to be open source software. In addition to risks related to license requirements, use of certain open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on the origin of software and, thus, may contain security vulnerabilities or broken code. Moreover, some open source projects have known security and other vulnerabilities and architectural instabilities, or are otherwise subject to security attacks due to their wide availability, and are provided on an “as-is” basis. There is typically no support available for open source software, and we cannot ensure that the authors of such open source software will implement or push updates to address security risks or will not abandon further development and maintenance. Further, our use of any AI tools that use, incorporate, or output any open source software may heighten the foregoing risks. Any of these risks could be difficult to eliminate or manage, and if not addressed, could have a negative effect on our business, operating results, and financial condition.

Risks Related to Indebtedness

We may incur significant indebtedness, which could reduce our strategic flexibility and liquidity and may have other adverse effects on our results of operations.

We are currently party to a credit agreement (the “Credit Agreement”) that provides for a senior secured term loan facility (the “Term Loan”) in an original aggregate principal amount of $1.59 billion and a senior secured revolving credit facility in an aggregate principal amount of $125.0 million (the “Revolving Credit Facility”). While as of March 27, 2025, we have fully repaid the Term Loan and have no outstanding borrowings or letters of credit under the Revolving Credit Facility, we have historically relied on the availability of debt financing and we may incur significant indebtedness in the future under the Revolving Credit Facility or otherwise. We may also consider investments in joint ventures or acquisitions, which may increase our indebtedness. Our ability to meet our future debt service obligations, if any, will depend on our future performance, which is subject to economic, financial, competitive, and other factors beyond our control, including the factors described in this “Risk Factors” section. If we are unable to generate adequate cash flow to meet any such obligations, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt, or obtaining additional equity capital on terms that may be onerous or highly dilutive. Prevailing economic conditions and global credit markets could adversely impact our ability to do so on terms acceptable to us, or at all. In addition, our existing Credit Agreement and any of our future debt agreements may contain restrictive covenants that prohibit us from adopting any of these alternatives. The amount and terms of any future indebtedness could also make us more vulnerable to economic downturns, less able to withstand competitive pressures, and less flexible in responding to changing business and economic conditions as well as require us to allocate more of our cash flow from operations to the payment of outstanding indebtedness, rather than research and development or business growth.

The terms, conditions, and restrictions contained in the Credit Agreement could expose us to risks that could adversely affect our liquidity and financial condition or otherwise adversely affect our operating results.

The Credit Agreement contains, and any future debt agreements may contain, various covenants that, among other things, limit our and certain of our subsidiaries’ abilities to:
incur additional indebtedness or guarantee indebtedness of others;
create additional liens on our assets;
merge, consolidate, or dissolve;
make loans or investments, including acquisitions;
38
sell assets;
engage in sale and leaseback transactions;
pay dividends and make other distributions on our capital stock, and redeem and repurchase our capital stock; or
enter into transactions with affiliates.

The Credit Agreement also contains, and any future debt agreements may also contain, numerous affirmative covenants, including financial covenants. Our failure to comply with these covenants could result in an event of default, which, if not cured or waived, could result in the acceleration of our then outstanding debt.

Interest rate fluctuations may have a material adverse effect on our business, results of operations, financial condition, and cash flows.

Indebtedness under the Revolving Credit Facility, if any, bears interest at variable rates, and we may incur additional variable interest rate indebtedness in the future. This exposes us to interest rate risk, and any interest rate swaps we enter into in order to reduce interest rate volatility may not fully mitigate our interest rate risk. If interest rates were to increase, our debt service obligations on the variable rate indebtedness would increase even if the amount borrowed remained the same, and our net income and cash flows, including cash available for servicing our indebtedness, would correspondingly decrease.

Risks Related to Laws and Regulations

We will face risks associated with the growth of our business with certain heavily regulated industry verticals.

We market and sell our platform and solutions to customers in heavily regulated industry verticals, including the banking, healthcare, and financial services industries. As a result, we face additional regulatory scrutiny, risks, and burdens from the governmental entities and agencies that regulate those industries. Entering new heavily regulated verticals and expanding in those verticals in which we are already operating will continue to require significant resources to address potential regulatory scrutiny, risks, and burdens, and there is no guarantee that such efforts will be successful or beneficial to us. If we are unable to successfully penetrate these verticals, maintain our market share in such verticals in which we already operate or cost-effectively comply with governmental and regulatory requirements applicable to our activities with customers in such verticals, our business, financial condition, and results of operations may be harmed.

Any actual or perceived failure by us to comply with our privacy policy or legal or regulatory requirements, rules, industry standards, contractual requirements, and other obligations relating to privacy, data protection, and cybersecurity, in one or multiple jurisdictions could result in proceedings, actions, or penalties against us.

Our solutions analyze and otherwise process customer information, including personal information and other information supplied by our customers. Our standard customer agreement prohibits customers from sending to or storing sensitive customer data in our solutions, whether proprietary data, confidential data, sensitive personal data, or otherwise. However, we may enter into agreements with customers with unique terms that allow for certain sensitive customer data to be sent to and stored in our solutions. Further, our customers’ use of data concerning, among others, their employees, contractors, customers, and/or partners is essential to their use of our platform and solutions, and our solutions are not architected in a manner that prevents our customers from submitting or storing sensitive customer data. We have implemented various features intended to enable our customers to better secure their information and comply with applicable privacy and security requirements in their data governance, but these features do not ensure their compliance and may not be effective against all potential privacy and identity security concerns.

A wide variety of domestic and foreign laws, rules and regulations, and contractual requirements apply to the use and processing of proprietary, confidential, and sensitive information, including personal information. These laws, rules, regulations, industry standards, contractual requirements, and other obligations are constantly evolving, and we expect that we will continue to become subject to new proposed laws, rules, regulations, industry standards, contractual requirements, and other obligations in the United States, the EU, the UK, and other jurisdictions.

For example, in the United States, there are numerous federal, state, and local privacy, data protection, and cybersecurity laws, rules, and regulations governing the use and processing of personal data. At the federal level, we are subject to, among other laws, rules, and regulations, the rules and regulations promulgated under the authority of the Federal Trade Commission, which has the authority to regulate and enforce against unfair or deceptive acts or practices in or affecting commerce, including acts and practices with respect to privacy, data protection, and cybersecurity. Moreover, Congress has
39
considered, and continues to consider, many proposals for comprehensive national data privacy and cybersecurity legislation. As another example, at the state level, we are subject to laws, rules, and regulations, such as the California Consumer Privacy Act (as amended by the California Privacy Rights Act (collectively, “CCPA”)), which, amongst other things, requires businesses to provide specific disclosures in privacy notices, implement new operational practices, honor requests from California residents to exercise certain privacy rights (such as the right to access and request deletion of their personal information and to opt out of certain sharing and sales of personal information) and provides for civil penalties of up to $7,500 per violation, as well as a private right of action for certain data breaches that may increase the likelihood of and risks associated with data breach litigation. Many other states have also enacted, or are in the process of enacting, comprehensive privacy, data protection, and cybersecurity laws, rules, and regulations that share similarities with the CCPA, which creates the potential for a patchwork of overlapping but different state laws. In addition, all 50 states have laws that require the provision of notification for security breaches of personal information to affected individuals, state officers, or others. Possible consequences for non-compliance with these various state laws include enforcement actions in response to rules and regulations promulgated under the authority of federal agencies, state attorneys general, and legislatures and consumer protection agencies.

Outside of the United States, an increasing number of laws, rules, regulations, and industry standards apply to privacy, data protection, and cybersecurity. For example, we are subject to the GDPR in the EU, and in the UK, we are subject to the UK’s Data Protection Act 2018 as supplemented by the GDPR as implemented into UK law (collectively, “UK GDPR”), both of which impose similar, stringent data protection requirements. The GDPR and UK GDPR are wide-ranging in scope and impose numerous additional requirements on companies that process personal data, including imposing special requirements in respect of the processing of personal data, requiring that consent of individuals to whom the personal data relates is obtained in certain circumstances, requiring additional disclosures to individuals regarding data processing activities, requiring that safeguards are implemented to protect the security and confidentiality of personal data, creating mandatory data breach notification requirements in certain circumstances, and requiring that certain measures (including contractual requirements) are put in place when engaging third-party processors. The GDPR and UK GDPR also provide individuals with various rights in respect of their personal data, including rights of access, erasure, portability, rectification, restriction, and objection. Failure to comply with the GDPR and the UK GDPR can result in significant fines and other liability, including fines of up to EUR 20 million (or GBP 17.5 million under the UK GDPR) or four percent of global revenue, whichever is greater. European data protection authorities have shown a willingness to impose significant fines and issue orders preventing the processing of personal data on non-compliant businesses and have already imposed fines for GDPR violations up to, in some cases, hundreds of millions of Euros. While the UK GDPR currently imposes substantially the same obligations as the GDPR, the UK GDPR will not automatically incorporate changes to the GDPR going forward (which would need to be specifically incorporated by the UK government). Moreover, the UK government has publicly announced plans to reform the UK GDPR in ways that, if formalized, are likely to deviate from the GDPR, all of which creates a risk of divergent parallel regimes and related uncertainty, along with the potential for increased compliance costs and risks for affected businesses. Legal developments in the European Economic Area (“EEA”) and the UK, including rulings from the Court of Justice of the European Union (“CJEU”), have also created complexity and uncertainty regarding processing and transfers of personal data from the EEA and the UK to the United States and other so-called third countries outside the EEA and the UK that have not been determined by the relevant data protection authorities to provide an adequate level of protection for privacy rights. Case law from the CJEU indicates that reliance on the standard contractual clauses—a standard form of contract approved by the European Commission as an adequate personal data transfer mechanism—alone may not necessarily be sufficient in all circumstances and that transfers must be assessed on a case-by-case basis. In July 2023, the European Commission adopted an adequacy decision in relation to the new EU-U.S. Data Privacy Framework (“DPF”) rendering the DPF effective as a GDPR transfer mechanism for personal data transferred from the EEA to the United States by U.S. entities self-certified under the DPF. In October 2023, the UK Extension to the DPF came into effect, as approved by the UK government, as a data transfer mechanism from the UK to U.S. entities self-certified under the DPF. While we have taken steps to mitigate the impact on us, such as implementing the European Commission’s standard contractual clauses, the efficacy and longevity of these mechanisms remains uncertain. Other jurisdictions outside the EU and the UK are similarly introducing or enhancing privacy, data protection, and cybersecurity laws, rules, and regulations, which could increase our compliance costs and the risks associated with noncompliance. We cannot yet fully determine the impact these or future laws, rules, and regulations may have on our business or operations. These laws, rules, and regulations may be inconsistent from one jurisdiction to another, subject to differing interpretations, and may be interpreted to conflict with our practices. While we have implemented controls and procedures designed to comply with the requirements of the privacy, data protection, and cybersecurity laws, rules, and regulations of the jurisdictions in which we operate, such controls and procedures may not be effective in ensuring compliance or preventing unauthorized transfers of personal information. Failure to comply with such requirements could result in fines, sanctions, or other penalties, which could materially affect our reputation, business, financial condition, and results of operations.

These and other applicable data protection and privacy-related laws and regulations are evolving and may result in regulatory and public scrutiny and escalating levels of enforcement and sanctions. See Part I, Item 1, “Business—Government
40
Regulations” for more information. Our failure to comply with contractual obligations or applicable laws and regulations, or to protect any personal or other customer data, could result in enforcement actions against us, including regulatory fines or other civil or criminal liability, as well as claims for damages, contractual or otherwise, by customers and other affected individuals, damage to our reputation, and loss of goodwill (both in relation to existing customers and prospective customers), any of which could adversely affect our business, operating results, financial performance, and prospects.

In addition, we are subject to certain contractual obligations and have made privacy commitments, including in privacy policies and customer data processing agreements, regarding our use and processing of personal data. As a company that supports customer privacy and security objectives, even the perception of a failure by us to comply with our privacy commitments, whether or not valid, may harm our reputation, inhibit adoption of our solutions by current and future customers, or adversely impact our ability to attract and retain workforce talent. Additionally, a failure or perceived failure to comply with privacy commitments could lead to regulator or civil claims if our commitments are found to be deceptive or otherwise misrepresentative of our actual policies and practices.

Loss, retention, or misuse of certain information and alleged violations of laws and regulations relating to privacy and data security, and any relevant claims, may expose us to potential liability and may require us to expend significant resources on identity security and in responding to and defending such allegations and claims. Any failure or perceived failure by us or any third parties with which we do business to comply with laws, rules, regulations, industry standards, contractual requirements, or other actual or asserted obligations to which we or such third parties are or may become subject may result in significant liability, adverse publicity, inability to process data, and investigations, proceedings, and other legal actions against us by governmental entities and private claims, demands, and litigation. Any such action or other matter could be expensive to defend, may require the expenditure of substantial legal and other costs and substantial time and resources, may result in fines, penalties, or other liabilities, and likely would damage our reputation and adversely affect our business, financial condition, and results of operations. We may in the future be party to such actions and disputes. In many jurisdictions, enforcement actions and consequences for non-compliance with privacy, data protection, and cybersecurity laws, rules, regulations, industry standards, contractual requirements, or other obligations are rising. Data subjects may also have a private right of action, as well as consumer associations, to lodge complaints with supervisory authorities, seek judicial remedies, and obtain compensation for damages resulting from violations of applicable privacy, data protection, and cybersecurity laws, rules, and regulations. In addition, privacy advocates and industry groups have regularly proposed, and may propose in the future, self-regulatory standards that may legally or contractually apply to us or be alleged to apply to us. If we fail or are alleged to fail to follow these standards, even if no personal information is compromised, we may incur significant fines or experience a significant increase in costs and face regulatory investigations and other proceedings or private claims, demands, and litigation. In addition, future laws, regulations, standards, and other obligations, and changes in the interpretation of existing laws, regulations, standards, and other obligations, could impair our customers’ ability to collect, use, or disclose data relating to individuals, which could decrease demand for our platform and solutions, increase our costs, and impair our ability to maintain and grow our customer base and increase our revenue. This includes evolutions in definitions of what constitutes “Personal Information” and “Personal Data” subject to privacy laws, especially relating to classification of intellectual property addresses, machine or device identification numbers, location data and other information. Changes in the law may limit or inhibit our ability to offer certain solutions or features, limit the growth of features and/or development of new solutions, including that supported by AI or ML, or limit our ability to operate or expand our business and develop technology alliance relationships that may involve the sharing of data.

Around the world, there are numerous lawsuits in process against various technology companies that process personal data. If those lawsuits are successful, it could increase the likelihood that our company may be exposed to liability for our own policies and practices concerning the processing of personal data and could hurt our business. Furthermore, the costs of compliance with, and other burdens imposed by laws, regulations, and policies concerning privacy and identity security that are applicable to the businesses of our customers may limit the use and adoption of our platform or solutions and reduce overall demand for them. Privacy concerns, whether or not valid, may inhibit market adoption of our solutions. Additionally, concerns about security or privacy may result in the adoption of new legislation that restricts the implementation of technologies like ours or requires us to make modifications to our solutions, which could significantly limit the adoption and deployment of our technologies or result in significant expense to modify our solutions.

We publicly post our privacy policies and practices concerning our processing, use, and disclosure of the personally identifiable information provided to us by our website visitors. Our publication of our privacy policies and other statements we publish that provide promises and assurances about privacy and security can subject us to potential state, federal, and international action if they are found to be deceptive or misrepresentative of our actual policies and practices or if our practices are found to be unfair.

41
Regulatory and legislative developments related to the use of AI could adversely affect our use of such technologies in our solutions and business.

We use AI throughout our business. As the regulatory framework for AI and automated decision making evolves, our business, financial condition, and results of operations may be adversely affected. The regulatory framework for AI and similar technologies and automated decision making is changing rapidly. It is possible that new laws and regulations will be adopted in the United States and in non-U.S. jurisdictions or that existing laws and regulations may be interpreted in ways that would affect the operation of our solutions and the way in which we use AI and similar technologies. We may not be able to adequately anticipate or respond to these evolving laws and regulations, and we may need to expend additional resources to adjust our offerings in certain jurisdictions if applicable legal frameworks are inconsistent across jurisdictions. In addition, because these technologies are themselves highly complex and rapidly developing, it is not possible to predict all of the legal or regulatory risks that may arise relating to our use of such technologies. Further, the cost to comply with such laws or regulations could be significant and could increase our operating expenses, which would adversely affect our business, financial condition, and results of operations.

For example, in August 2024, the EU Artificial Intelligence Act (the “AI Act”), which establishes broad obligations for the development and use of AI-based technologies in the EU based on their potential risks and level of impact, came into force. This framework categorizes AI systems, based on the risks associated with such AI systems’ intended purposes, as creating unacceptable or high risks, with all other AI systems being considered low risk. Furthermore, the AI Act includes requirements around transparency, conformity assessments and monitoring, risk assessments, human oversight, security, accuracy, general purpose AI, and foundation models, and provides for fines of up to the greater of €35 million or 7% of worldwide annual turnover for violations. There is a risk that our current or future AI-powered solutions may obligate us to comply with the applicable requirements of the AI Act, which may impose additional costs on us, increase our risk of liability, or adversely affect our business. For example, the AI Act prohibits certain uses of AI systems and places numerous obligations on providers and deployers of permitted AI systems, with heightened requirements based on AI systems that are considered high risk. This regulatory framework is expected to have a material impact on the way AI is regulated in the EU and beyond, and, together with developing regulatory guidance and judicial decisions in this area, may affect our use of AI and our ability to provide and to improve our solutions, require additional compliance measures and changes to our operations and processes, result in increased compliance costs and potential increases in civil claims against us, and could adversely affect our business, financial condition, and results of operations.

Failure to comply with anti-bribery, anti-corruption, and anti-money laundering laws could subject us to penalties and other adverse consequences.

We are subject to the Foreign Corrupt Practices Act (the “FCPA”), the U.K. Bribery Act, and other anti-corruption, anti-bribery, and anti-money laundering laws in various jurisdictions both domestic and abroad. The FCPA prohibits any U.S. individual or business from paying, offering, authorizing payment, or offering of anything of value, directly or indirectly, to any foreign official, political party, or candidate for the purpose of influencing any act or decision of the foreign entity in order to assist the individual or business in obtaining or retaining business. The U.K. Bribery Act is similar but even broader in scope in that it prohibits bribery of private (non-government) persons as well. The FCPA also obligates companies whose securities are listed in the United States to comply with certain accounting provisions requiring the company to maintain books and records that accurately and fairly reflect all transactions of the corporation, including international subsidiaries, and to devise and maintain an adequate system of internal accounting controls for international operations. Our sales model presents some risk under these laws. We leverage third parties, including channel partners, to sell our solutions and conduct our business abroad. We and our third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies, state-owned or affiliated entities, and non-governmental commercial entities and may be held liable for the corrupt or other illegal activities of these third-party intermediaries, our employees, representatives, contractors, channel partners, and agents, even if we do not explicitly authorize such activities. While we have policies and procedure to address compliance with these laws, we cannot assure you that all of our employees and agents will not take actions in violation of our policies and applicable law, for which we may be ultimately held responsible. Noncompliance with these laws could subject us to investigations, sanctions, settlements, prosecution, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, adverse media coverage, and other consequences. Any investigations, actions, or sanctions could adversely affect our business, operating results, and financial condition.

We are subject to governmental export controls and economic sanctions laws that could impair our ability to compete in international markets and subject us to liability if we are not in full compliance with applicable laws.

42
Our business activities are subject to various restrictions under U.S. export controls and trade and economic sanctions laws, including the U.S. Commerce Department’s Export Administration Regulations and economic and trade sanctions regulations maintained by the U.S. Treasury Department’s Office of Foreign Assets Control. The U.S. export control laws and U.S. economic sanctions laws include prohibitions on the sale or supply of certain products and services to U.S. embargoed or sanctioned countries, governments, persons, and entities and also require authorization for the export of encryption items. We are also subject to Israeli export controls on encryption technology for our platform and identity security solutions. If the applicable U.S. or Israeli requirements regarding export of encryption technology were to change or if we change the encryption means in our solutions, we may need to satisfy additional requirements in the United States or Israel. There can be no assurance that we will be able to satisfy any additional requirements under these circumstances in either the United States or Israel.

In addition, various countries regulate the import of certain encryption technology, including through import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our solutions or could limit our customers’ ability to implement our solutions in those countries. Although we take precautions to prevent our solutions from being provided in violation of such laws, our solutions may have been in the past, and could in the future be, provided inadvertently in violation of such laws, despite the precautions we take. If we fail to comply with these laws and regulations, we and certain of our employees could be subject to civil or criminal penalties, including the possible loss of export privileges and monetary penalties. Obtaining the necessary authorizations, including any required license, for a particular transaction may be time-consuming, is not guaranteed, and may result in the delay or loss of sales opportunities. Although we take precautions to prevent transactions with U.S. sanction targets, we could inadvertently provide our solutions to persons prohibited by U.S. sanctions. This could result in negative consequences to us, including government investigations, penalties, and harm to our reputation.

Our corporate structure and intercompany arrangements are subject to the tax laws of various jurisdictions, and we could be obligated to pay additional taxes, which would harm our operating results.

Based on our current corporate structure, we may be subject to taxation in several jurisdictions around the world with increasingly complex tax laws, the application of which can be uncertain. The amount of taxes we pay in these jurisdictions could increase substantially as a result of changes in the applicable tax principles, including increased tax rates, new tax laws, or revised interpretations of existing tax laws and precedents. In addition, the authorities in these jurisdictions could challenge our methodologies for valuing developed technology or intercompany arrangements, including our transfer pricing. The relevant taxing authorities may determine that the manner in which we operate our business does not achieve the intended tax consequences. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest, and penalties. Such authorities could claim that various withholding requirements apply to us or our subsidiaries or assert that benefits of tax treaties are not available to us or our subsidiaries. Any increase in the amount of taxes we pay or that are imposed on us could increase our worldwide effective tax rate and adversely affect our business and operating results.

Our ability to use net operating losses and other tax attributes to offset future taxable income may be subject to certain limitations.

Our U.S. federal and state net operating loss (“NOLs”) carryforwards and certain other tax credits may be subject to limitations under Section 382 and Section 383 of the Internal Revenue Code of 1986, as amended (the “Code”), respectively, and similar provisions of state law. Under those sections of the Code, a corporation that undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in its equity ownership over a three-year period, is subject to limitations on its ability to utilize its pre-change NOLs and other pre-change tax attributes, such as research tax credits, to offset future taxable income or taxes. Our existing NOLs may be subject to limitations arising from previous ownership changes, and if we undergo an ownership change, our ability to utilize NOLs and other tax attributes could be further limited by Sections 382 and 383 of the Code. In addition, future changes in our stock ownership, many of which are outside of our control, could result in an ownership change under Sections 382 and 383 of the Code. “Ownership changes” that have occurred in the past or that may occur in the future could result in the imposition of an annual limit on the amount of pre-ownership change NOLs and other tax attributes we can use to reduce taxable income, potentially increasing and accelerating our liability for income taxes, and also potentially causing those tax attributes to expire unused.

We function as a HIPAA “business associate” or service provider for certain of our customers and, as such, are subject to strict privacy and data security requirements. If we fail to comply with any of these requirements, or applicable requirements under state health information laws, we could be subject to significant liability, which can adversely affect our business as well as our ability to attract and retain new customers.

43
The Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH”), and their respective implementing regulations (collectively referred to as “HIPAA”), imposes specified requirements relating to the privacy, security, and transmission of individually identifiable health information, including “protected health information” (“PHI”) under HIPAA. HIPAA requires, among other things, that “covered entities” and their business associates maintain reasonable and appropriate administrative, physical, and technical safeguards to protect PHI. Additionally, business associates are required to assist covered entities with various requirements under HIPAA, including reporting certain breaches, security incidents, or other unauthorized uses or disclosures of PHI to individuals, the Department of Health and Human Services Office for Civil Rights, and the media, depending on the extent of the disclosure. We may function as a business associate for certain of our customers that are HIPAA covered entities and service providers, and in that context we are regulated as a business associate for the purposes of HIPAA.

If we are unable to comply with our obligations under HIPAA as a business associate, we could face substantial civil or criminal liability or other regulatory action. HITECH also gave state attorneys general authority to file civil actions for damages or injunctions in federal courts to enforce the federal HIPAA laws and seek attorneys’ fees and costs associated with pursuing federal civil actions. Furthermore, the HIPAA-covered entities and service providers to which we provide solutions require us to enter into HIPAA-compliant business associate agreements with them. These agreements impose stringent data security obligations on us. If we are unable to meet the requirements of any of these business associate agreements, we could face contractual liability, as well as possible civil and criminal liability under HIPAA, all of which can have an adverse impact on our business and generate negative publicity, which, in turn, can have an adverse impact on our ability to attract and retain new customers.

In addition, many state laws govern the privacy and security of health information in certain circumstances, including having passed privacy legislation to cover consumer health data and sensitive data. These laws may differ from other state privacy requirements, including in the way such laws are interpreted and enforced by state regulatory authorities, and may be more stringent than HIPAA. Under these state laws, states may impose fines or penalties for violations and, depending on the state, may allow a private right of action for individuals who believe their information has been inappropriately used or disclosed, including from a security incident or breach. Additionally, many state attorneys general and the Federal Trade Commission have interpreted existing consumer protection laws to impose standards on the privacy, security, use, transfer, disclosure, disposal, and other treatment of an individual’s information, including health information.

Increased and complex scrutiny of environmental, social, and governance (“ESG”) matters may require us to incur additional costs or otherwise adversely impact our business.

Increased attention to climate change, diversity, equity, and inclusion, and other ESG issues, may result in increased costs (including but not limited to increased costs related to compliance, stakeholder engagement, and contracting), impact our reputation or otherwise affect our business performance. In addition, organizations that provide information to investors on corporate governance and related matters have developed ratings processes for evaluating companies on ESG matters. Such ratings are used by some investors to inform their investment or voting decisions. Unfavorable ESG ratings could lead to negative investor sentiment toward us and/or our industry, which could have a negative impact on our access to and costs of capital. To the extent ESG matters negatively impact our reputation, we may also not be able to compete as effectively to recruit or retain employees. We may take certain actions, including the establishment of ESG-related goals, to improve our ESG profile and/or respond to stakeholder demand; however, such actions may be costly or be subject to numerous conditions that are outside our control, and we cannot guarantee that such actions will have the desired effect.

Moreover, while we may create and publish voluntary disclosures regarding ESG matters from time to time, many of the statements in those voluntary disclosures are based on hypothetical expectations and assumptions that may or may not be representative of current or actual risks or events or forecasts of expected risks or events, including the costs associated therewith. Such expectations and assumptions are necessarily uncertain and may be prone to error or subject to misinterpretation given the long timelines involved and the lack of an established single approach to identifying, measuring, and reporting on many ESG matters. Such disclosures may also be at least partially reliant on third-party information that we have not independently verified or cannot be independently verified. In addition, we expect there will likely be increasing levels of regulation, disclosure-related and otherwise, with respect to ESG matters, and increased regulation will likely lead to increased compliance costs as well as scrutiny that could heighten all of the risks identified in this risk factor. Such ESG matters may also impact our customers, which may adversely impact our business, financial condition, or results of operations.

Risks Related to Ownership of Our Common Stock

44
The requirements of being a public company, including compliance with the reporting requirements of the Exchange Act and the requirements of the Sarbanes-Oxley Act and Nasdaq, may strain our resources, increase our costs, and distract management, and we may be unable to comply with these requirements in a timely or cost-effective manner.

As a public company, we need to comply with laws, regulations, and requirements, certain corporate governance provisions of the Sarbanes-Oxley Act, related regulations of the SEC, and the requirements of Nasdaq. As a newly public company, complying with these statutes, regulations, and requirements will occupy a significant amount of time of our Board and management and will significantly increase our costs and expenses as compared to when we were a private company. For example, as a newly public company, we have had to institute a more comprehensive compliance and reporting function, establish new internal policies, and involve and retain to a greater degree outside counsel and accountants in such activities.

In addition, we implemented a new ERP system. The ERP system is intended to combine and streamline the management of our financial, accounting, human resources, sales and marketing, and other functions, enabling it to manage operations and track performance more effectively. Any disruptions or difficulties in using the ERP system could adversely affect our controls and harm our business, financial condition, and results of operations, including our ability to forecast our business and collect receivables. Moreover, such disruption or difficulties could result in unanticipated costs and diversion of management attention.

The trading price of our common stock could be volatile, which could cause the value of your investment to decline.

Our initial public offering (our "IPO") occurred in February 2025. Therefore, there has only been a public market for our common stock for a short period of time. Although our common stock is listed on the Nasdaq Global Select Market, an active trading market for our common stock may not develop or, if developed, be sustained. Technology stocks have historically experienced high levels of volatility. Since shares of our common stock were sold in our IPO in February 2025 at a price of $23.00 per share, our stock price has fluctuated significantly. The trading price of our common stock may fluctuate substantially in response to numerous factors, many of which are beyond our control. These fluctuations could cause you to lose all or part of your investment in our common stock. Factors that could cause fluctuations in the trading price of our common stock include the following:

announcements of new solutions, products, or technologies, commercial relationships, acquisitions, or other events by us or our competitors;

changes in how customers perceive the benefits of our solutions;

shifts in the mix of revenue attributable to SaaS subscriptions from quarter to quarter;

departures of key personnel;

price and fluctuations in the overall stock market from time to time;

fluctuations in the trading volume of our shares or the size of our public float;

sales of large blocks of our common stock;

actual or anticipated changes or fluctuations in our operating results;

whether our operating results meet the expectations of securities analysts or investors;

changes in actual or future expectations of investors or securities analysts;

litigation involving us, our industry, or both;

regulatory developments in the United States, foreign countries, or both;

general economic conditions and trends;

major catastrophic events in our domestic and foreign markets; and

45
“flash crashes,” “freeze flashes,” or other glitches that disrupt trading on the securities exchange on which we are listed.

In addition, if the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, operating results, or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us. In the past, following periods of volatility in the trading price of a company’s securities, securities class action litigation has often been brought against that company. If our stock price is volatile, we may become the target of securities litigation. Securities litigation could result in substantial costs and divert our management’s attention and resources from our business. This could have an adverse effect on our business, operating results, and financial condition.

If securities analysts or industry analysts were to downgrade our stock, publish negative research or reports, or fail to publish reports about our business, our competitive position could suffer and our stock price and trading volume could decline.

The trading market for our common stock, to some extent, depends on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If one or more of the analysts who cover us should downgrade our stock or publish negative research or reports, cease coverage of our company, or fail to regularly publish reports about our business, our competitive position could suffer and our stock price and trading volume could decline.

Our issuance of additional capital stock in connection with financings, acquisitions, investments, our stock incentive plans, or otherwise will dilute all other stockholders.

We may issue additional capital stock in the future that will result in dilution to all other stockholders. We may also raise capital through equity financings in the future. As part of our business strategy, we may acquire or make investments in complementary companies, products, or technologies and issue equity securities to pay for any such acquisition or investment. Any such issuances of additional capital stock may cause stockholders to experience significant dilution of their ownership interests and the per share value of our common stock to decline.

We do not intend to pay dividends on our common stock and, consequently, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.

We have never declared or paid any dividends on our common stock. We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the foreseeable future. As a result, you may only receive a return on your investment in our common stock if the market price of our common stock increases.

Provisions of our corporate governance documents could make an acquisition of us more difficult and may prevent attempts by our stockholders to replace or remove our current management, even if beneficial to our stockholders.

Our certificate of incorporation and bylaws and the Delaware General Corporation Law (the “DGCL”) contain provisions that could make it more difficult for a third party to acquire us, even if doing so might be beneficial to our stockholders. Among other things:

these provisions allow us to authorize the issuance of undesignated preferred stock, the terms of which may be established and the shares of which may be issued without stockholder approval, and which may include supermajority voting, special approval, dividend, or other rights or preferences superior to the rights of stockholders;

these provisions provide for a classified board of directors with staggered three-year terms;

these provisions provide that, at any time when Thoma Bravo controls, in the aggregate, less than 40% in voting power of our stock entitled to vote generally in the election of directors, directors may only be removed for cause and only by the affirmative vote of holders of at least 66 2/3% in voting power of all the then-outstanding shares of our stock entitled to vote thereon, voting together as a single class;

46
these provisions prohibit stockholder action by written consent from and after the date on which Thoma Bravo controls, in the aggregate, less than 35% in voting power of our stock entitled to vote generally in the election of directors;

these provisions provide that for as long as Thoma Bravo controls, in the aggregate, at least 50% in voting power of our stock entitled to vote generally in the election of directors, any amendment, alteration, or repeal of our bylaws by our stockholders will require the affirmative vote of a majority in voting power of the outstanding shares of our capital stock and at any time when Thoma Bravo controls, in the aggregate, less than 50% in voting power of all outstanding shares of our stock entitled to vote generally in the election of directors, any amendment, alteration, or repeal of our bylaws by our stockholders will require the affirmative vote of the holders of at least 66 2/3% in voting power of all the then-outstanding shares of our stock entitled to vote thereon, voting together as a single class; and

these provisions establish advance notice requirements for nominations for elections to our Board or for proposing matters that can be acted upon by stockholders at stockholder meetings; provided, however, at any time when Thoma Bravo controls, in the aggregate, at least 10% in voting power of our stock entitled to vote generally in the election of directors, such advance notice procedure will not apply to Thoma Bravo.

We have opted out of Section 203 of the DGCL, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any interested stockholder for a period of three years following the date on which the stockholder became an interested stockholder. However, our certificate of incorporation contains a provision that provides us with protections similar to Section 203 and prevents us from engaging in a business combination with a person (excluding Thoma Bravo and any of their direct or indirect transferees and any group as to which such persons are a party) who acquires at least 15% of our common stock for a period of three years from the date such person acquired such common stock, unless board or stockholder approval is obtained prior to the acquisition. These provisions could discourage, delay, or prevent a transaction involving a change in control of our company. These provisions could also discourage proxy contests and make it more difficult for you and other stockholders to elect directors of your choosing and cause us to take other corporate actions you desire, including actions that you may deem advantageous, or negatively affect the trading price of our common stock. In addition, because our Board is responsible for appointing the members of our management team, these provisions could in turn affect any attempt by our stockholders to replace current members of our management team.

These and other provisions in our certificate of incorporation, bylaws, and Delaware law could make it more difficult for stockholders or potential acquirers to obtain control of our Board or initiate actions that are opposed by our then-current Board, including actions to delay or impede a merger, tender offer, or proxy contest involving our company. The existence of these provisions could negatively affect the price of our common stock and limit opportunities for you to realize value in a corporate transaction.

Thoma Bravo controls us, and its interests may conflict with ours or yours in the future.

Investment entities affiliated with Thoma Bravo UGP, LLC (together with its affiliated entities, "Thoma Bravo") control approximately 86% of the voting power of our outstanding common stock, which means that, based on its percentage voting power, Thoma Bravo controls the vote of all matters submitted to a vote of our stockholders. This control enables Thoma Bravo to control the election of the members of the Board and all other corporate decisions. Even when Thoma Bravo ceases to control a majority of the total voting power, for so long as Thoma Bravo continues to own a significant percentage of our common stock, Thoma Bravo will still be able to significantly influence the composition of our Board and the approval of actions requiring stockholder approval. Accordingly, for such period of time, Thoma Bravo will have significant influence with respect to our management, business plans, and policies, including the appointment and removal of our officers, decisions on whether to raise future capital, and amending our charter and bylaws, which govern the rights attached to our common stock. In particular, for so long as Thoma Bravo continues to own a significant percentage of our common stock, Thoma Bravo will be able to cause or prevent a change of control of us or a change in the composition of our Board and could preclude any unsolicited acquisition of us. The concentration of ownership could deprive you of an opportunity to receive a premium for your shares of common stock as part of a sale of us and ultimately might affect the market price of our common stock.

In addition, we have entered into a director designation agreement (the “Director Designation Agreement”) with Thoma Bravo that provides it the right to designate: (i) all of the nominees for election to our Board for so long as Thoma Bravo beneficially owns 40% or more of the total number of shares of our common stock beneficially owned by Thoma Bravo upon completion of the IPO, as adjusted for any reorganization, recapitalization, stock dividend, stock split, reverse stock split, or similar changes in our capitalization (such number of shares as may be adjusted, the “Original Amount"); (ii) a number of nominees for election to our Board (rounded up to the nearest whole number) equal to 40% of the total directors for so long as Thoma Bravo beneficially owns at least 30% and less than 40% of the Original Amount; (iii) a number of nominees for election to our Board (rounded up to the nearest whole number) equal to 30% of the total directors for so long as Thoma Bravo
47
beneficially owns at least 20% and less than 30% of the Original Amount; (iv) a number of nominees for election to our Board (rounded up to the nearest whole number) equal to 20% of the total directors for so long as Thoma Bravo beneficially owns at least 10% and less than 20% of the Original Amount; and (v) one nominee for election to our Board for so long as Thoma Bravo beneficially owns at least 5% of the Original Amount. The Director Designation Agreement also provides that Thoma Bravo may assign such right to an affiliate. The Director Designation Agreement prohibits us from increasing or decreasing the size of our Board without the prior written consent of Thoma Bravo. See Part III, Item 13, “Certain Relationships and Related Party Transactions, and Director Independence—Related Party Transactions—Director Designation Agreement” for more details with respect to the Director Designation Agreement.

Thoma Bravo and its affiliates engage in a broad spectrum of activities, including investments in our industry generally. In the ordinary course of their business activities, Thoma Bravo and its affiliates may engage in activities where their interests conflict with our interests or those of our other stockholders, such as investing in or advising businesses that directly or indirectly compete with certain portions of our business or are suppliers or customers of ours. Our certificate of incorporation provides that none of Thoma Bravo, any of its affiliates, or any director who is not employed by us (including any non-employee director who serves as one of our officers in both his or her director and officer capacities) or its affiliates will have any duty to refrain from engaging, directly or indirectly, in the same business activities or similar business activities or lines of business in which we operate. Thoma Bravo also may pursue acquisition opportunities that may be complementary to our business, and, as a result, those acquisition opportunities may not be available to us. In addition, Thoma Bravo may have an interest in pursuing acquisitions, divestitures, and other transactions that, in their judgment, could enhance their investment, even though such transactions might involve risks to you or may not prove beneficial.

We may issue preferred stock whose terms could adversely affect the voting power or value of our common stock.

Our charter authorizes us to issue, without the approval of our stockholders, one or more classes or series of preferred stock having such designations, preferences, limitations, and relative rights, including preferences over our common stock respecting dividends and distributions, as our Board may determine. The terms of one or more classes or series of preferred stock could adversely impact the voting power or value of our common stock. For example, we might grant holders of preferred stock the right to elect some number of our directors in all events or on the happening of specified events or the right to veto specified transactions. Similarly, the repurchase or redemption rights or liquidation preferences we might assign to holders of preferred stock could affect the residual value of our common stock.

Our charter designates the Court of Chancery of the State of Delaware as the sole and exclusive forum for certain types of actions and proceedings that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers, employees, or agents.

Pursuant to our certificate of incorporation, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware will be the sole and exclusive forum for any claims in state court for (i) any derivative action or proceeding brought on our behalf, (ii) any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers, other employees, or stockholders to us or our stockholders, (iii) any action asserting a claim against us arising pursuant to any provision of the DGCL, our certificate of incorporation, or our bylaws, or (iv) any other action asserting a claim against us that is governed by the internal affairs doctrine; provided that for the avoidance of doubt, the forum selection provision that identifies the Court of Chancery of the State of Delaware as the exclusive forum for certain litigation, including any “derivative action,” will not apply to suits to enforce a duty or liability created by the Securities Act of 1933, as amended (the “Securities Act”) Securities Act, the Exchange Act, or any other claim for which the federal courts have exclusive jurisdiction. Our certificate of incorporation will also provide that, unless we consent in writing to the selection of an alternative forum, the federal district courts of the United States shall be the exclusive forum for the resolution of any complaint asserting a cause of action arising under the Securities Act. Our certificate of incorporation further provides that any person or entity purchasing or otherwise acquiring or holding any interest in shares of our capital stock is deemed to have notice of and consented to the provisions of our certificate of incorporation described above. The forum selection provisions in our certificate of incorporation may have the effect of discouraging lawsuits against us or our directors and officers and may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us. If the enforceability of our forum selection provisions were to be challenged, we may incur additional costs associated with resolving such challenge. While we currently have no basis to expect any such challenge would be successful, if a court were to find our forum selection provisions to be inapplicable or unenforceable with respect to one or more of these specified types of actions or proceedings, we may incur additional costs associated with having to litigate in other jurisdictions, which could have an adverse effect on our business, financial condition, results of operations, cash flows, and prospects and result in a diversion of the time and resources of our employees, management, and Board.

48
A significant portion of our total outstanding shares of common stock are restricted from immediate resale but may be sold into the market in the near future. This could cause the market price of our common stock to drop significantly, even if our business is doing well.

Sales of a substantial number of shares of our common stock in the public market could occur at any time. These sales, or the perception in the market that the holders of a large number of shares of common stock intend to sell shares, could reduce the market price of our common stock. A significant number of shares of our common stock are subject to a 180-day lock-up period pursuant to lock-up agreements entered into in connection with our IPO and, are therefore, restricted from immediate resale under the federal securities laws. All of these shares of common stock will, however, be able to be resold after the expiration of the lock-up period, as well as pursuant to customary exceptions thereto or upon the waiver of the lock-up agreement by the representatives on behalf of the underwriters. We have also registered shares of common stock that we may issue under our equity compensation plans, which can be freely sold in the public market upon issuance, subject to the lock-up agreements. As restrictions on resale end, the market price of our stock could decline if the holders of currently restricted shares of common stock sell them or are perceived by the market as intending to sell them.

We are a controlled company within the meaning of the rules of Nasdaq and, as a result, qualify for and are relying on exemptions from certain corporate governance requirements.

Thoma Bravo beneficially owns, on a combined basis, a majority of the combined voting power of all classes of our outstanding voting stock. As a result, we are a controlled company within the meaning of the rules of Nasdaq. Under Nasdaq rules, a company of which more than 50% of the voting power is held by another person or group of persons acting together is a controlled company and may elect not to comply with certain Nasdaq corporate governance requirements, including the requirements that:

a majority of the board of directors consist of independent directors as defined under the rules of Nasdaq;

the nominating and governance committee be composed entirely of independent directors with a written charter addressing the committee’s purpose and responsibilities; and

the compensation committee be composed entirely of independent directors with a written charter addressing the committee’s purpose and responsibilities.

These requirements will not apply to us as long as we remain a controlled company. We currently utilize some or all of these exemptions. Accordingly, our stockholders may not have the same protections afforded to stockholders of companies that are subject to all of the corporate governance requirements of Nasdaq.
Item 1B. Unresolved Staff Comments.
None.

Item 1C. Cybersecurity.

Cybersecurity Risk Management and Strategy
We view managing cybersecurity risk as imperative to protecting the confidentiality, integrity, availability, and resiliency of the information and systems we use to achieve our strategic business goals and satisfy our customers and partners. To that end, we have developed a formal cybersecurity risk management program that is integrated into our broader enterprise risk processes in an effort to protect our applications, networks, and systems from risks from cybersecurity threats. We use elements of the NIST Cybersecurity Framework and other recognized industry standards to inform and guide the design of this program, though we do not purport to meet any particular technical standards, specifications, or requirements of NIST.
We engage with multiple teams across the business, including IT, Product, Engineering, DevOps, Legal, Human Resources, Compliance, and Sales, in an effort to address all aspects and phases of the cybersecurity risk lifecycle, including identification, assessment, treatment, monitoring, and reporting. We also engage with external independent partners on a regular basis to assess the maturity of our cybersecurity risk management program and to recommend improvements thereto, including with respect to third-party risk. We also conduct annual audits and control testing to evaluate the efficiency of our controls across the organization.
Key features of our cybersecurity risk management program include:
49
A dedicated team of risk analysts who manage the program and associated activities, such as risk assessments, risk lifecycle management, control assessments, and risk reporting.
Risk assessments that are conducted by the risk team on a regular basis, which sometimes include emerging topics addressed through targeted risk assessments.
Security incident response policies and procedures to investigate and respond to security incidents, including procedures to assess the threat of relevant vulnerabilities or security incidents, and to establish remediation and mitigation actions for events.
Security awareness training campaigns assigned to our users at least twice a year covering a multitude of security and privacy topics.
Management of third-party risk, including conducting cybersecurity assessments of vendors before onboarding them, followed by ongoing monitoring for compliance with standards.
We have not identified any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. We nevertheless face ongoing risks from cybersecurity threats that, if realized, could affect us, including our operations, business strategy, results of operations, or financial condition. See Part I, Item 1A, “Risk Factors” in this Annual Report for additional information regarding potential cybersecurity risks, particularly the risk factor titled “Cyber attacks or other cybersecurity breaches, incidents, or disruptions with respect to our networks, systems, or applications, including unauthorized access to, or disclosure or other processing of, our proprietary, confidential, or sensitive information, including personal information, could disrupt our operations, compromise sensitive information related to our business or personal information processed by us or on our behalf, and expose us to liability, which could harm our reputation and adversely affect our business, financial condition, and results of operations, and as we grow, we may become a more attractive target for cyber attacks.”
Cybersecurity Governance
Our Board oversees our risk management efforts and has created a dedicated cybersecurity committee to specifically oversee our cybersecurity risk policies, plans, and programs. The cybersecurity committee typically meets at least quarterly and at each regular meeting, management, including from our Chief Information Security Officer (CISO), provides an update to the committee regarding our cybersecurity risk management program, including with respect to plan design, recent cybersecurity incidents (if any), and general cybersecurity developments.
Our management team, including our CISO, is responsible for assessing and managing our risks from cybersecurity threats under the cybersecurity committee’s oversight. Our current CISO has nearly 20 years of cybersecurity experience in both the public and private sectors. His senior public sector roles include Senior Policy Advisor and the Director of Stakeholder Engagement in the Office of the National Cyber Director, Chief of Cyber Threat Analysis at the Cybersecurity and Infrastructure Security Agency (CISA), CISO of the Pandemic Response Accountability Committee, and Deputy CISO of the Pension Benefit Guaranty Corporation.
Our CISO leads an internal cybersecurity team comprised of individuals with varying experience and skillsets. This team covers a variety of cybersecurity-related functions, including security operations, strategy and governance risk and compliance, program management, security architecture and engineering, vulnerability management, and product security. We also have a dedicated security operations center that is responsible for detection and monitoring of cybersecurity incidents. Our CISO takes steps to stay informed about and monitor the identification, prevention, detection, protection, mitigation, and remediation of key cybersecurity risks and incidents through various means. In the case of a security event, the security incident response plan is activated to respond to the security event. We also assess and manage our cyber risks through our internal Information Security and Privacy Governance Committee, which is composed of a cross-organizational leadership team and was formed to oversee the management, operation, and overall effectiveness of the information security management system.
Item 2. Properties.
Our corporate headquarters in Austin, Texas consists of 165,000 square feet of space under a lease that expires in April 2029. We also have additional office space under traditional leases in Pune, India, Tel Aviv, Israel, and London, United Kingdom and under coworking arrangements in various locations in North America, EMEA, and APAC.
We believe that our facilities are adequate for our current needs and anticipate that suitable additional space will be readily available to accommodate any foreseeable expansion of our operations. For more information about our lease commitments, see also Note 7 “Leases” in our notes to our consolidated financial statements included in this Annual Report.
50
Item 3. Legal Proceedings.
We are not currently a party to, nor is our property currently subject to, any material legal proceedings other than ordinary routine litigation incidental to the business, and we are not aware of any such proceedings contemplated by governmental authorities.
Item 4. Mine Safety Disclosures.
Not applicable.
51
PART II
Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities.
Market Information
Our common stock commenced trading on the Nasdaq Global Select Market on February 13, 2025 under the ticker symbol “SAIL.”
Holders of Record
As of March 21, 2025, there were approximately 1,780 stockholders of record of our common stock, and the closing price of our common stock was $20.25 per share as reported on the Nasdaq Global Select Market. Because many shares of our common stock are held by brokers and other institutions as record holders and on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these record holders.
Dividend Policy
We have never declared or paid any cash dividends on our common stock. We currently intend to retain all of our earnings to finance the growth and development of our business, and we do not currently intend to pay any cash dividends in the foreseeable future. Any further determination to pay dividends on our common stock will be at the discretion of our Board, subject to applicable laws, and will depend on our financial condition, results of operations, capital requirements, general business conditions and other factors that our Board considers relevant. In addition, our Credit Agreement places restrictions on our ability to pay cash dividends. See Note 9 “Credit Agreement and Debt” in our notes to our consolidated financial statements included in this Annual Report for more information regarding terms and conditions of the Credit Agreement.

Recent Sales of Unregistered Securities
Set forth below is information regarding securities sold by us within the past three years that were not registered under the Securities Act (without giving effect to the Corporate Conversion (as defined below)). Also included is the consideration, if any, received by us for such securities and information relating to the section of the Securities Act, or rule of the SEC, under which exemption from registration was claimed.

Since January 31, 2022, we have made sales of the following unregistered securities:

In connection with the Take-Private Transaction (as defined below), on August 16, 2022, we issued approximately 362,467,732.36 Class A units representing limited partner interests of SailPoint Parent, LP ("Class A Units") and approximately 79,188,048.57 Class B units representing limited partner interests of SailPoint Parent, LP ("Class B Units") for an aggregate of $5,950,501,667 to Thoma Bravo.

In connection with the Take-Private Transaction, on August 16, 2022, we issued approximately 1,589,850.46 Class A Units and approximately 347,333.27 Class B Units to Mark McClain, our Chief Executive Officer, in exchange for rollover equity of $26,100,000.

In March 2023, we issued employees and directors an aggregate of approximately 3,151,863.31 Class A Units and approximately 688,583.46 Class B Units for a total value of $51,743,000, of which approximately 2,774,563.17 Class A Units remain outstanding and approximately 606,155.19 Class B Units remain outstanding as of January 31, 2025.

From June 2023 through January 31, 2025, we granted directors and employees an aggregate of approximately 8,492,521.45 time-based restricted Class B Units, subject to certain participation thresholds, for a total value of $147,711,283.32, of which approximately 7,522,647.12 remain outstanding as of January 31, 2025.

On December 23, 2024, we issued approximately 36,548,286.44 Class A Units and approximately 7,984,676.29 Class B Units to Thoma Bravo for an aggregate purchase price of $600,000,000.

On January 7, 2025, we issued approximately 19,567.57 Class A Units and approximately 4,274.91 Class B Units to certain of our directors and other equityholders who exercised their preemptive rights under our partnership agreement in connection with Thoma Bravo’s purchase for an aggregate purchase price of approximately $0.3 million.
52

The offers and sales of the above securities were deemed to be exempt from registration under the Securities Act in reliance upon Section 4(a)(2) of the Securities Act or Regulation D promulgated thereunder, or Rule 701 promulgated under Section 3(b) of the Securities Act, as transactions by an issuer not involving any public offering or pursuant to benefit plans and contracts relating to compensation as provided under Rule 701. The recipients of the above securities represented their intentions to acquire the securities for investment only and not with a view to or for sale in connection with any distribution thereof.
Purchase of Equity Securities by the Issuer and Affiliated Purchasers
None.

Securities Authorized for Issuance under Equity Compensation Plans

As of January 31, 2025, we had no equity compensation plans or individual compensation arrangements under which our equity securities were authorized for issuance.
Use of Proceeds from Initial Public Offering of Common Stock
On February 12, 2025, the Registration Statement on Form S-1 (File No. 333-284339) (the “Registration Statement”) relating to our IPO was declared effective by the SEC and we priced our IPO. Pursuant to the Registration Statement, we registered an aggregate of 60.0 million shares of our common stock, of which 57.5 million shares were sold by us and 2.5 million shares were sold by certain selling stockholders named therein at a price to the public of $23.00 per share (for an aggregate offering price of $1,380.0 million). We received net proceeds of approximately $1,249.1 million, net of approximately $59.5 million of underwriting discounts and commissions and approximately $13.8 million of offering costs. Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC acted as joint lead book-running managers and representatives of the underwriters.

There has been no material change in the planned use of proceeds from our IPO as described in the related prospectus filed with the SEC pursuant to Rule 424(b)(4) under the Securities Act, except that we repaid the Term Loan in full.
Item 6. [Reserved]
Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations
You should read the following discussion and analysis of our financial condition and results of operations together with our consolidated financial statements and the related notes included in Part II, Item 8 of this Annual Report.

Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal year ended January 31, 2025 and January 31, 2024 are referred to herein as "fiscal 2025" and "fiscal 2024," respectively, and the period from August 16, 2022 to January 31, 2023 is referred to as "Successor" and the period from February 1, 2022 to August 15, 2022 is referred to as "Predecessor." Year-to-year comparisons between fiscal 2024 to the Successor and Predecessor periods and discussions of items in such periods are not included in this Annual Report, and can be found in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in our final prospectus dated February 12, 2025 and filed with the SEC pursuant to Rule 424(b)(4) on February 14, 2025.
Overview
We deliver solutions to enable comprehensive identity security for the enterprise. We do this by unifying identity data across systems and identity types, including employee identities, non-employee identities, and machine identities. Our SaaS and customer-hosted offerings leverage intelligent analytics to provide organizations with critical visibility into which identities currently have access to which resources, which identities should have access to those resources, and how that access is being used. Our solutions enable organizations to establish, control, and automate policies that help them define and maintain a robust security posture and achieve regulatory compliance. Powered by AI, our solutions enable organizations to overcome the scale and complexity of managing identities in real-time across dynamic, complex IT environments. Our solutions empower organizations to maintain a robust security posture and achieve regulatory compliance.

53
Today, we offer a range of solutions to meet the varied needs of our customers across a broad set of deployment options including: Identity Security Cloud, our SaaS-based cloud solution built on our unified platform, Atlas, and IdentityIQ, our customer-hosted identity security solution. These solutions are designed to enable our customers to make more effective decisions regarding access, improve security processes, and provide them with a deeper understanding of identity and access.

SailPoint was founded in 2005 by industry experts to develop a new category of identity solutions, address emerging identity security challenges, and drive innovation in the identity market. After establishing leadership in on-premises identity solutions, SailPoint pioneered standalone identity governance and administration SaaS solutions with advanced analytics. Today, SailPoint delivers a robust, extensible SaaS platform for identity security that is ready for the AI age with modern data architecture and just-in-time access to critical data for advanced use cases.

In recent years, we have transitioned our business to a subscription model. This transition is substantially complete with subscription revenue, which consists primarily of SaaS, maintenance, and term subscriptions, comprising 92% and 89% of our total revenue for the year ended January 31, 2025 and 2024, respectively. As of January 31, 2025, our ARR was $876.7 million, reflecting an increase of 29% compared to January 31, 2024. Our go-to-market motion is focused primarily on our SaaS solution, and the growth in our ARR is primarily driven by an increase in SaaS ARR. As of January 31, 2025, our SaaS ARR was $540.3 million, reflecting an increase of 39% as compared to $388.3 million as of January 31, 2024.

Our transformation has led to rapid growth while increasing the visibility and predictability of our financial model. As of January 31, 2025, 2024 and 2023, our ARR was $876.7 million, $681.8 million, and $520.1 million, respectively, representing year-over-year growth of 29%, 31%, and 39%, respectively. As of January 31, 2025, 2024, and 2023, our SaaS ARR was $540.3 million, $388.3 million, and $266.6 million, respectively, representing year-over-year growth of 39%, 46%, and 60%, respectively.

For the fiscal year ended January 31, 2025, 2024 and from the period from August 16, 2022 to January 31, 2023 (Successor) and the period from February 1, 2022 to August 15, 2022 (Predecessor):

Our revenue was $861.6 million, $699.6 million, $276.7 million, and $276.2 million, respectively.

Our gross profit margin was 65%, 60%, 58%, and 70%, respectively.

Our adjusted gross profit margin was 78%, 77%, 77%, and 73%, respectively.

Our subscription gross profit margin was 70%, 67%, 64%, and 78%, respectively.

Our adjusted subscription gross profit margin was 84%, 84%, 83%, and 81%, respectively.

Our operating margin was (22)%, (48)%, (62)%, and (52)%, respectively.

Our adjusted operating margin was 15%, 8%, 3%, and (7)%, respectively.

Our net loss was $(315.8) million, $(395.4) million, $(183.3) million, and $(149.2) million, respectively.

Adjusted gross profit margin, adjusted subscription gross profit margin, and adjusted operating margin are non-GAAP financial measures. See “—Non-GAAP Financial Measures” for our definitions of these non-GAAP financial measures, information about how and why we use these non-GAAP financial measures, a discussion of the limitations of these non-GAAP financial measures, and a reconciliation of each of these non-GAAP financial measures to its most directly comparable financial measure calculated in accordance with GAAP.

Recent Developments
On January 31, 2025, we effected a 60.91-for-1 forward unit split and a 0.45-for-1 reverse unit split of our Class A Units and Class B Units, respectively. All Class A Unit and Class B Unit and per unit information included in this Annual Report have been retroactively adjusted to reflect this unit split for all periods presented. Additionally, all incentive unit and per unit information was adjusted to reflect the 0.45-for-1 reverse unit split of the Class B Units in this Annual Report.
On January 31, 2025, the board of managers of SailPoint Parent, LP approved modifications to accelerate vesting of certain incentive units, equity appreciation rights ("EARs"), and cash settled awards subject to the pricing and closing of the
54
IPO and immediately prior to the Corporate Conversion. The Company expects to record an estimated equity-based compensation expense of $113.8 million. The equity awards that will be accelerated or modified, as applicable, are held by our directors, executive officers, and employees.
On February 12, 2025, we closed our IPO of 60.0 million shares of common stock at an initial offering price to the public of $23.00 per share for an aggregate offering price of $1,380.0 million. We received net proceeds of approximately $1,249.1 million, net of the underwriting discounts, commissions and offering costs.
On February 12, 2025, in conjunction with the closing of the IPO, SailPoint Parent, LP converted into a Delaware corporation pursuant to a statutory conversion and changed its name to SailPoint, Inc. (the "Corporate Conversion"). In conjunction with the Corporate Conversion, all of our outstanding partnership units were converted into an aggregate of 499,060,464 shares of our common stock. The number of shares of common stock issuable to holders of Class A Units and holders of Class B Units in connection with the Corporate Conversion was determined pursuant to the applicable provisions of the plan of conversion. We continue to be controlled by Thoma Bravo following the Corporate Conversion. After giving effect to the Corporate Conversion and the closing of the IPO, Thoma Bravo controls approximately 86.2% of the voting power of the company.
In conjunction with the closing of the IPO, we settled all outstanding fees payable to Thoma Bravo.
On February 19, 2025, the Company repaid $690.0 million of its Term Loan from the proceeds of its IPO. On March 3, 2025, the Company repaid the remaining balance of $350.0 million of its Term Loan and will record an estimated $15.3 million loss from extinguishment of debt related to debt issuance costs.
During February 2025, the Company issued 16,483,859 restricted stock units primarily in connection with our IPO under a new SailPoint, Inc. Omnibus Incentive Plan (the "Omnibus Incentive Plan") to certain of its employees, including our executive officers, and directors of the board upon the closing of the IPO. Stock-based compensation expense is estimated to be $388.4 million and will be recognized subsequent to the date of the closing of the IPO over the vesting terms, which are predominately two or four year terms.

Our Business Model

Our customers include many of the world’s largest and most complex organizations, including large enterprises across all major verticals and governments. The approximate number of customers at each ARR level are as follows:

As of January 31,
2025
2024
2023
Customers
2,9752,7602,525
Customers less than $250,000 in ARR
1,9951,9801,910
Customers greater than $250,000 in ARR
980780615
Customers greater than $1,000,000 in ARR
1609060

The number of customers with $250,000 or more of ARR as of January 31, 2025 increased 26% on a year-over-year basis, and the number of customers with over $1,000,000 of ARR as of January 31, 2025 increased 78% on a year-over-year basis. Most new customers purchase one of our SaaS suites, Standard, Business, or Business Plus. For the last twelve months ending January 31, 2025, over 90% of new SaaS customers landed with a suite offering. We believe we deliver exceptional value to our customers and as a result benefit from high customer retention. Our go-to-market approach tends to result in a larger land, with future opportunities for expansion. We focus on expanding our customer relationships over time with significant up-selling and cross-selling opportunities, including suite upgrades and additional products. In recent years, our expansion motion has grown rapidly, demonstrating the growing value proposition of our solutions. As of January 31, 2025, our dollar-based net retention rate was 114%.

For Identity Security Cloud, our SaaS-based cloud solution, and IdentityIQ, our customer-hosted solution, our customers typically enter into three-year contracts, with annual billing upfront.

For Identity Security Cloud, our pricing is tiered and based on the suite, with the option for the customer to purchase additional products and capabilities a-la-carte. We price our IdentityIQ term subscriptions based on a number of factors, including the number of digital identities governed with the solution. Customers also have the option to purchase additional
55
products and capabilities. As of January 31, 2025, the weighted duration of our SaaS and term subscription contracts was approximately three years.

Key Factors Affecting Our Performance
Our historical financial performance has been, and we expect our financial performance in the future to be, driven by our ability to:
Add New Customers within Existing Markets. Countless organizations still use a combination of legacy solutions and home-grown tools. Furthermore, we estimate that over 60% of organizations in our target market still have a fragmented identity experience or use a mostly manual process based on our internal research. As a result, we believe that there is a significant opportunity for us to accelerate the growth of our customer base by enhancing our marketing efforts, increasing our sales capacity and productivity, and expanding and further leveraging our use of channel partners, including MSPs. Our ability to attract new customers depends on a number of factors, including the effectiveness and pricing of our solutions, our ability to drive awareness of them, and the offerings of our competitors.

Generate Additional Sales to Existing Customers. We believe that our existing customer base provides us with a significant opportunity to expand incremental sales. Most new customers initially purchase one of our SaaS suites (Standard, Business, or Business Plus). We focus on expanding our customer relationships over time through up-selling and cross-selling opportunities, including suite upgrades and additional products. Additionally, we are focused on continuing to migrate customers of our customer-hosted solution to our SaaS suites, which typically results in increased ARR because of the additional functionality that our SaaS suites offer. Our focus on growing our product portfolio as well as expanding customer relationships over time through cross-selling and up-selling has driven expansion of our dollar-based net retention rate from 110% as of January 31, 2023 to 114% as of January 31, 2025. Our ability to increase sales to existing customers will depend on a number of factors, including our customers’ satisfaction with our products, competition, pricing, and overall changes in our customers’ spending levels.

Increase Share of Revenue Derived from SaaS. Our go-to-market motion is focused primarily on Identity Security Cloud, our SaaS offering. For the twelve months ended January 31, 2025, SaaS contracts comprised approximately 78% of incremental ARR, up from 75% for the twelve months ended January 31, 2023, and we expect this trend to continue in the future. We define incremental ARR as the increase in ARR from the prior period to current period. While we expect that this increase in SaaS contracts will drive growth in ARR, it is also expected to have a near term negative impact on revenue growth, driven by differences in revenue recognition policies between SaaS subscriptions and term subscriptions, and gross margins, as we incur hosting costs for our SaaS offering. Our ability to increase our revenue from SaaS subscriptions will depend on a number of factors, including our customers’ specific circumstances, some of which necessitate their preference for our customer-hosted identity governance solution, IdentityIQ.

Deepen our Penetration in International Markets. We expect to continue to invest in our sales and marketing efforts and channel partner network to expand our reach and deepen our presence in existing geographies and expand into new geographies. We believe that our global market opportunity is large and growing in response to the evolving IT and threat landscapes. For the twelve months ended January 31, 2025, we generated 68% of our revenue from the United States, 19% from EMEA, and 13% from the rest of the world, billed primarily in U.S. dollars. Our ability to deepen our penetration in international markets will depend on a number of factors, including the competitiveness of our solutions, the efficacy of our channel partner network, and our sales and marketing efforts.

Sustain Technology Leadership Through Extending Identity Security Portfolio. We recently launched new offerings in non-employee risk management, data access security, access risk management, and cloud infrastructure entitlement management. We are thoughtfully investing in AI, both to increase the capabilities of our solutions, as well as to help our customers protect their organizations while adopting AI for their own use cases. We intend to continue investing to extend our position as the leader in identity security by developing or acquiring new products and technologies and extending our portfolio into additional identity security use cases. Our future success is dependent on our ability to successfully develop, identify, market, and sell existing and new products to both new and existing customers.

Impact of Current Economic Conditions

Worldwide economic and political uncertainties and negative trends, including financial and credit market fluctuations, tariffs and increasing trade protectionism, changes in government spending levels, uncertainty in the banking sector, rising interest rates, inflation and other impacts from the macroeconomic environment have, and could continue to, adversely affect our business operations or financial results. As we continue to monitor the direct and indirect impacts of these circumstances,
56
the broader implications of these macroeconomic and political events on our business, results of operations and overall financial position remain uncertain. See the section titled "Risk Factors'' included under Part I, Item 1A above for further discussion of the possible impact of these factors and other risks on our business.

Key Business Metrics

In addition to our financial information prepared in accordance with GAAP, we monitor the following key business metrics to help us measure and evaluate the effectiveness of our operations. Prior to the Take-Private Transaction, our Predecessor monitored the key business metric of ARR. The Take-Private Transaction did not have any direct effects on ARR or our other key business metrics. Although we believe we have a reasonable basis for each of these metrics, we caution you that these metrics are based on a combination of assumptions that may prove to be inaccurate over time. Please see the section titled “Risk Factors” for more information.

Annual Recurring Revenue

We believe ARR is a key metric to measure our business performance because it measures our ability to generate sales with new customers and to maintain and expand spend with existing customers. The way we define ARR normalizes the impact of revenue recognition differences between SaaS contracts and term subscription agreements. In recent years, ARR has grown faster than revenue, as a greater share of incremental ARR has been driven by SaaS contracts which have ratable revenue recognition compared to term subscription agreements where a portion of the contract value is recognized as revenue up-front.

We define ARR as the annualized value of SaaS, maintenance, term subscription, and other subscription contracts as of the measurement date. To the extent that we are actively negotiating a renewal or new agreement with a customer after the expiration of a contract, we continue to include that contract’s annualized value in ARR until the customer notifies us that it is not renewing its contract. The amount included in our ARR calculation related to these contracts was less than 1% as of the end of each period shown in the ARR table below. We calculate ARR by dividing the active contract value by the number of days of the contract and then multiplying by 365. ARR should be viewed independently of revenue, as ARR is an operating metric and is not intended to be combined with or to replace revenue. ARR is not a forecast of future revenue, which can be impacted by ASC 606 allocations, and ARR does not consider other sources of revenue that are not recurring in nature.

ARR does not have a standardized meaning and is not necessarily comparable to similarly titled measures presented by other companies. Our ARR has grown in each of the past three years, reflecting growth in new customers as well as expanded sales to existing customers. The following table presents our ARR as of the end of each period noted below (dollars in millions):

As of January 31,
202520242023
ARR
$876.7 $681.8 $520.1 

SaaS Annual Recurring Revenue

In recent years, we have transitioned our business to a SaaS-first subscription model. As a result of those efforts, our SaaS ARR has more than doubled from January 31, 2023 to January 31, 2025, and the share of SaaS ARR to total ARR has increased from 51% to 62% from January 31, 2023 to January 31, 2025. We believe the share of ARR generated by our SaaS solution will continue to increase over time.

We define SaaS ARR as the annualized value of SaaS contracts as of the measurement date. To the extent that we are actively negotiating a renewal or new agreement with a customer after the expiration of a contract, we continue to include that contract’s annualized value in SaaS ARR until the customer notifies us that it is not renewing its contract. The amount included in our ARR calculation related to these contracts was less than 1% as of the end of each period shown in the SaaS ARR table below. We calculate SaaS ARR by dividing the active SaaS contract value by the number of days of the contract and then multiplying by 365.

SaaS ARR should be viewed independently of subscription revenue as SaaS ARR is an operating metric and is not intended to be combined with or replace subscription revenue. SaaS ARR is not a forecast of future subscription revenue, which can be impacted by ASC 606 allocations and renewal rates and does not consider other sources of revenue that are not recurring in nature. The following table presents our SaaS ARR as of the end of each period noted below (dollars in millions):
57

As of January 31,
202520242023
SaaS ARR
$540.3 $388.3 $266.6 

Dollar-Based Net Retention Rate

Our focus on growing our product portfolio as well as expanding customer relationships over time through cross-selling and up-selling has driven expansion of our dollar-based net retention rate from 110% as of January 31, 2023 to 114% as of January 31, 2025.

We define dollar-based net retention rate as the comparison of our ARR from our subscription customers against the same metric for those subscription customers from the prior year. For the purposes of calculating our dollar-based net retention rate, we define a subscription customer as a separate legal entity that has entered into a distinct subscription agreement. Our dollar-based net retention rate reflects customer expansion, contraction, and churn. We calculate our dollar-based net retention rate as of period end by starting with the ARR from all subscription customers as of 12 months prior to such period end, or prior period ARR. We then calculate the ARR from these same subscription customers as of the current period end, or current period ARR. We then divide the current period ARR by the prior period ARR to arrive at our dollar-based net retention rate. The dollar-based net retention rate at the end of any period is the weighted average of the dollar-based net retention rates as of the end of each of the trailing 4 quarters. The following table presents our dollar-based net retention rate as of the end of each period noted below:
As of January 31,
202520242023
Dollar-based net retention rate
114 %114 %110 %

Factors Affecting the Comparability of Our Results of Operations

Our historical results of operations may not be comparable from period to period or going forward. Set forth below is a brief discussion of the key factors impacting the comparability of our results of operations.

Take-Private Transaction

On August 16, 2022, we were acquired in an all-cash take-private transaction by Thoma Bravo (the "Take-Private Transaction"). As a result of the Take-Private Transaction, SailPoint Parent, LP indirectly acquired all of the capital stock of SailPoint Technologies Holdings, Inc. ("STHI"), a Delaware corporation that was previously traded on the New York Stock Exchange under the symbol “SAIL” from November 2017 until the completion of the Take-Private Transaction on August 16, 2022. SailPoint Parent, LP was formed in connection with the Take-Private Transaction to serve as a holding company and did not have previous operations. Accordingly, STHI is viewed as the predecessor to SailPoint Parent, LP, and the consolidated financial statements present consolidated financial information of (i) STHI as the predecessor for periods prior to the Take-Private Transaction and (ii) SailPoint, LP as the successor for periods from and after the Take-Private Transaction.

The Predecessor and Successor consolidated financial information are not comparable primarily due to the application of acquisition accounting in the Successor financial statements as of August 16, 2022 (the date on which the Take-Private Transaction was completed), which generally requires, among other things, that the identifiable assets acquired and liabilities assumed be recognized at their estimated fair values as of the date on which the Take-Private Transaction was completed and the excess of the purchase price over the fair value of such identifiable assets and liabilities be recognized as goodwill. See Note 5 "Business Combinations" to the consolidated financial statements for more information. Due to this application of acquisition accounting, (i) Successor’s amortization expense from acquired intangible assets is higher than Predecessor’s, which negatively impacts Successor’s cost of revenue and operating expenses (research and development expenses and sales and marketing expenses) as compared to Predecessor’s, and (ii) Successor’s amortization expense related to contract acquisition costs is lower than Predecessor’s (the fair value of the acquirer contract acquisition cost balance was determined to be nil), which positively impacts Successor’s operating expenses (sales and marketing expenses) as compared to Predecessor’s. In addition, acquisition-related transaction costs incurred as part of the Take-Private Transaction were expensed as incurred in the Predecessor period and all transaction expenses that were contingent on the completion of the Take-Private Transaction were recorded in the Predecessor period, which positively impacted Successor’s operating expenses (general and administrative expenses) as compared to Predecessor’s. Also, as a result of the Take-Private Transaction, (a) interest expenses materially increased due to
58
the Term Loan, which we entered into in connection with the Take-Private Transaction, (b) equity-based compensation increased due to cash-settled awards and incentive units, which negatively impacts Successor’s cost of revenue and operating expenses (research and development expenses, sales and marketing expenses, and general and administrative expense), (c) we incurred Thoma Bravo monitoring fees (which are annual service-fees for consultation and advice related to corporate strategy, budgeting of future corporate investments, acquisition and divestiture strategies, and debt and equity financings; see Note 11 “Related Party Transactions” in the notes to our consolidated financial statements for more information), which negatively impacted Successor’s operating expenses (general and administrative expenses), although we incurred less costs associated with operating as a private company, and (d) the effective tax rate increased due to the change in valuation allowance in connection with the Take-Private Transaction.

The Take-Private Transaction did not, however, have any direct effects on our key business metrics (ARR, SaaS ARR, and dollar-based net retention rate). The Take-Private Transaction also did not result in a material change of management, with four of the five current executive officers, including the Chief Executive Officer and the President, serving in the same or substantially same capacities as they did prior to the Take-Private Transaction.

Public Company and Other Costs

We incur additional costs associated with operating as a public company as compared to periods prior to the IPO. The Sarbanes-Oxley Act, as well as rules adopted by the SEC and national securities exchanges, require public companies to implement specified corporate governance practices that were inapplicable to us as a private company. These additional rules and regulations increase our legal, regulatory, financial, and insurance compliance costs and make some activities more time-consuming and costly. We incurred a significant increase in equity-based compensation expense due to the conversion and vesting of equity awards issued prior to the IPO as well as the issuance of equity awards to certain employees in connection with the IPO. We no longer incur the Thoma Bravo monitoring fees discussed above.

Impact of the Offering on Employee Incentive Plans and Operating Results

We will incur additional compensation related costs associated with modifications to outstanding EARs and incentive units and the issuance of new restricted stock units under the Omnibus Plan to certain of our employees.
Components of Results of Operations
Revenue
Subscription Revenue
The majority of our revenue relates to subscription revenue which consists of (i) fees for access to, and related support for, the SaaS offerings, (ii) fees for term subscriptions, (iii) fees for ongoing maintenance and support of perpetual license solutions, and (iv) other subscription services such as cloud managed services, and certain professional services. Term subscriptions include the term licenses and ongoing maintenance and support. Maintenance and support agreements consist of fees for providing software updates on a when and if available basis and for providing technical support for software products for a specified term.
Subscription revenue, including support for term licenses, is recognized ratably over the term of the applicable agreement. Revenue related to term subscription performance obligations, excluding support for term subscriptions, is recognized upfront at the point in time when the customer has taken control of the software license.
Over time, we expect subscription revenue will increase as a percentage of total revenue as we continue to
focus on increasing our subscription revenue, specifically our SaaS offering, as a key strategic priority.
Perpetual License Revenue 
Revenues from perpetual license performance obligations are recognized upfront at the point in time when the customer has taken control of the software license. All perpetual license transactions include maintenance and support performance obligations which are included in subscription revenue.
We expect perpetual license revenue as a percentage of total revenue to continue to decrease over time as we focus on increasing our subscription revenue.
Services and Other Revenue 
59
Services and other revenue consist primarily of fees from professional services provided to customers and partners to configure and optimize the use of our solutions as well as non-subscription training services. Our professional services are structured on a time-and-materials or fixed priced basis, and the related revenue is recognized as the services are rendered.
Over time, we expect our professional services revenue as a percentage of total revenue to decrease as we increasingly rely on partners to help our customers deploy our software.
Cost of Revenue
Cost of Subscription Revenue
Cost of subscription revenue consists primarily of third-party cloud-based hosting costs, software, amortization expenses for developed technology acquired, equity-based compensation, employee-related costs (which we define as salaries, benefits, bonuses, and allocated overhead) for providing subscriptions, third party royalties, and contractor costs to supplement staff levels. We expect third-party cloud-based hosting costs to increase as our SaaS subscriptions continue to grow.
Cost of Perpetual License Revenue
Cost of perpetual license revenue consists of amortization expense for developed technology acquired and third-party royalties.
Cost of Services and Other Revenue
Cost of services and other revenue consists primarily of employee-related costs of professional services and training organizations, equity-based compensation, travel-related costs, and contractor costs to supplement staff levels.
Impairment of Intangible Assets
Impairment of intangible assets consists of impairment charges for developed technology acquired.
Gross Profit and Gross Profit Margin
Gross profit is revenue less cost of revenue, and gross profit margin is gross profit as a percentage of total revenue. Gross profit has been and will continue to be affected by various factors, including the mix of our revenue, the costs associated with third-party cloud-based hosting services and software for our SaaS offering, and the extent to which we expand our customer support, professional services, and training organizations. We expect that our overall gross profit margin will fluctuate from period to period depending on the mix of these various factors. Our gross profit margin may decrease in the short term as we transition to generating an increasing share of our revenue from our SaaS offering.
Operating Expenses
Research and Development Expenses 
Research and development expenses consist primarily of employee-related costs, equity-based compensation, software and hosting arrangement expenses, professional services expense, and amortization expense for acquired intangible assets.
We believe that continued investment in our offerings is vital to the growth of our business, and we intend to continue to invest in product development. We expect our research and development expenses to continue to increase on an absolute basis in the foreseeable future but to decrease as a percentage of revenue as our business grows.
Sales and Marketing Expenses 
Sales and marketing expenses consist primarily of employee-related costs, equity-based compensation, costs for events and travel, costs of general marketing and promotional activities, payment processing fees and amortization expense for acquired intangible assets, and contract acquisition costs.
We expect our sales and marketing expenses to increase on an absolute basis for the foreseeable future as we continue to invest in our sales force for expansion to new geographic and vertical markets. We expect sales and marketing expenses to continue to be our largest operating expense category.
60
General and Administrative Expenses
General and administrative expenses consist primarily of employee-related costs related to the corporate functions such as executive and internal administrative operations, as well as equity-based compensation, third-party professional fees, bad debt expense, travel, and facilities costs.
We expect our general and administrative expenses to increase on an absolute basis as a result of operating as a public company, including costs to comply with the rules and regulations applicable to companies listed on a national securities exchange, costs related to compliance and reporting obligations, and increased expenses for insurance, investor relations, and professional services. However, we expect that our general and administrative expense will decrease as a percentage of our revenue as our revenue grows over the longer term as our business grows.
We also expect to incur higher equity-based compensation as we operate as a public company, which will result in an increase in costs of revenue, research and development expenses, sales and marketing expenses, and general and administrative expenses.
Other Income (Expense), Net
Other income (expense), net consists primarily of interest income and interest expense. Interest income consists primarily of interest received on cash equivalents, which we expect will fluctuate based on our cash balances and interest rates.
In the Predecessor period, interest expense consists primarily of contractual interest expense on the $400.0 million aggregate principal amount of 0.125% Convertible Senior Notes issued by STHI in September 2019 and the Credit Agreement, along with amortization of debt discount and issuance costs. In the Successor period, interest expense consists primarily of contractual interest on our Term Loan plus amortization of debt issuance costs.
Income Tax Benefit (Expense)
Our income tax benefit (expense) consists of U.S. and state income taxes and income taxes in certain foreign jurisdictions in which we conduct business. Our income tax rate varies from the federal statutory rate due to state income taxes, differences in accounting and tax treatment of our equity-based compensation, research and development credits, and changes in the valuation allowance. We expect fluctuation in effective income tax rates, as well as its potential impact on our results of operations, to continue.
Seasonality
We generally experience seasonal fluctuations in demand for our products and services. Our quarterly sales are impacted by industry buying patterns. As a result, our sales have generally been highest in the fourth calendar quarter and lowest in the first calendar quarter. Although these seasonal factors are common in the technology industry, historical patterns should not be considered a reliable indicator of our future sales activity or performance.
61
Results of Operations
The following table sets forth our results of operations for the periods presented and as a percentage of revenue(1) (in thousands, except for percentages, units and per unit data). The period-to-period comparison of results is not necessarily indicative of results for future periods.
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to January 31, 2023February 1, 2022 to August 15, 2022
Revenue
Subscription$793,919 92 %$622,830 89 %$233,047 84 %$227,398 82 %
Perpetual licenses400 — 5,842 10,806 13,841 
Services and other67,292 70,900 10 32,820 12 34,915 13 
Total revenue861,611 100 699,572 100 276,673 100 276,154 100 
Cost of revenue
Subscription (2)
236,581 28 205,053 29 85,044 31 49,440 18 
Perpetual licenses (3)
154 — 2,227 — 3,718 908 — 
Services and other (2)
68,998 69,355 10 28,055 10 32,454 12 
Total cost of revenue305,733 36 276,635 40 116,817 42 82,802 30 
Gross profit555,878 65 422,937 61 159,856 58 193,352 70 
Operating expenses
Research and development (2) (3)
169,730 20 180,778 26 78,223 28 81,261 29 
Sales and marketing (2) (3)
466,903 54 461,187 66 201,331 73 140,939 51 
General and administrative (2)
107,979 13 113,701 16 51,896 19 115,723 42 
Total operating expenses744,612 86 755,666 108 331,450 120 337,923 122 
Loss from operations(188,734)(22)(332,729)(48)(171,594)(62)(144,571)(52)
Other income (expense), net
Interest income4,158 10,658 1,933 360 — 
Interest expense(186,652)(22)(187,059)(27)(74,844)(27)(1,492)(1)
Other income (expense), net(5,401)(1)(3,219)(1)(1,278)(1)(1,873)(1)
Total other income (expense), net(187,895)(22)(179,620)(26)(74,189)(27)(3,005)(1)
Loss before income taxes(376,629)(44)(512,349)(73)(245,783)(89)(147,576)(53)
Income tax benefit (expense)60,799 116,982 17 62,524 23 (1,663)(1)
Net loss (4)
$(315,830)(37)%$(395,367)(57)%$(183,259)(66)%$(149,239)(54)%
Class A yield$(764,549)$(583,672)$(250,638)
Net loss attributable to Class B unitholders$(1,080,379)$(979,039)$(433,897)
Loss per unit attributable to Class B unitholders—basic and diluted$(12.91)$(12.13)$(5.46)
Weighted average Class B Units outstanding—basic and diluted83,716 80,746 79,535 
_______________
(1) Certain percentages may not foot due to rounding.
62
(2) Includes equity-based compensation expense as follows:
Successor
Predecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to January 31, 2023February 1, 2022 to August 15, 2022
(In thousands)
Cost of revenue
Subscription$7,119 $6,675 $3,276 $2,246 
Services and other6,652 5,772 2,744 1,921 
Operating expenses
Research and development23,139 30,373 14,775 11,222 
Sales and marketing38,387 52,292 21,480 14,393 
General and administrative24,272 39,707 16,758 9,772 
Total equity-based compensation expense$99,569 $134,819 $59,033 $39,554 

(3) Includes amortization expense of acquired intangible assets as follows:
Successor
Predecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to January 31, 2023February 1, 2022 to August 15, 2022
(In thousands)
Cost of revenue
Subscription$103,329 $100,820 $42,422 $4,603 
Perpetual licenses154 2,147 3,383 562 
Operating expenses
Research and development380 32 — 367 
Sales and marketing126,445 154,030 69,882 3,526 
Total amortization expense$230,308 $257,029 $115,687 $9,058 

(4) Net losses for the Predecessor period for the period from February 1, 2022 to August 15, 2022 was entirely attributable to Predecessor shareholders. Additionally, due to the impact of the Take-Private Transaction, the Company’s capital structures for the Successor and Predecessor periods are not comparable. As a result, the presentation of loss per share for the periods prior to the Take-Private Transaction is not meaningful.
63
Comparison of the Years Ended January 31, 2025 and 2024
Revenue
Year Ended January 31,
20252024variance $variance %
(In thousands, except percentages)
Revenue
Subscription
SaaS$444,595 $312,259 $132,336 42 %
Maintenance and support154,351 155,528 (1,177)(1)%
Term subscriptions173,917 144,181 29,736 21 %
Other subscription services21,056 10,862 10,194 94 %
Total subscription793,919 622,830 171,089 27 %
Perpetual licenses400 5,842 (5,442)(93)%
Services and other67,292 70,900 (3,608)(5)%
Total revenue$861,611 $699,572 $162,039 23 %
Subscription Revenue. Subscription revenue increased by $171.1 million, or 27%, for the year ended January 31, 2025 compared to the year ended January 31, 2024 primarily due to an increase in SaaS revenue and term subscription revenue due to our focus on selling subscriptions to new and existing customers.
Perpetual License Revenue. License revenue decreased by $5.4 million, or (93)%, for the year ended January 31, 2025 compared to the year ended January 31, 2024 primarily due to our emphasis on transitioning our sales effort from perpetual license solutions to subscriptions.
Services and Other Revenue. Services and other revenue decreased by $3.6 million, or 5% for the year ended January 31, 2025 compared to the year ended January 31, 2024. This decrease is primarily a result of a shift toward selling a higher proportion of professional services and training on a subscription basis.

Cost of Revenue
Year Ended January 31,
20252024variance $variance %
(In thousands, except percentages)
Cost of revenue
Subscription$236,581 $205,053 $31,528 15 %
Perpetual licenses154 2,227 (2,073)(93)%
Services and other68,998 69,355 (357)(1)%
Total cost of revenue$305,733 $276,635 $29,098 11 %
Cost of Subscription Revenue. Cost of subscription revenue increased $31.5 million, or 15%, for the year ended January 31, 2025 compared to the year ended January 31, 2024 primarily due to an increase in software and hosting costs of $18.6 million from the increase in sales of SaaS subscriptions, an increase in employee-related costs of $7.3 million, primarily due to increases in headcount and investments in existing employees to support the growth in the business, an increase in third-party royalties of $1.9 million, an increase in amortization of intangibles of $2.5 million and an increase in amortization of capitalized software of $0.4 million.
Cost of Perpetual Licenses. Cost of licenses decreased $2.1 million, or (93)%, for the year ended January 31, 2025 compared to the year ended January 31, 2024 primarily due to a decrease in our license revenue.
Cost of Services and Other. Cost of services and other decreased by $0.4 million, or (1)%, for the year ended January 31, 2025 compared to the year ended January 31, 2024. The cost of services and other revenue remained consistent with the prior period.
64
Gross Profit and Gross Margin
Year Ended January 31,
20252024variance $variance %
(In thousands, except percentages)
Gross profit
Subscription$557,338 $417,777 $139,561 33 %
Perpetual licenses246 3,615 (3,369)(93)%
Services and other(1,706)1,545 (3,251)(210)%
Total gross profit$555,878 $422,937 $132,941 31 %
Year Ended January 31,
20252024
Gross profit margin
Subscription70 %67 %
Perpetual licenses62 %62 %
Services and other(3)%%
Total gross profit margin65 %60 %
Subscription. Subscription gross profit increased by $139.6 million, or 33%, during the year ended January 31, 2025 compared to the year ended January 31, 2024. The increase was primarily due to the growth in subscriptions. Subscription gross profit margin was 70% for the year ended January 31, 2025 and 67% for the year ended January 31, 2024. The change was primarily due to the increased SaaS revenue and term subscription revenue from our focus on selling subscriptions to new and existing customers.
Perpetual Licenses. License gross profit decreased by $3.4 million, or (93)%, during the year ended January 31, 2025 compared to the year ended January 31, 2024. The decrease in gross profit was primarily due to an increase in selling subscription-based products as compared to licenses. Perpetual license gross profit margin remained materially consistent with the prior period.
Services and Other. Services and other gross profit decreased by $3.3 million, or (210)%, during the year ended January 31, 2025 compared to the year ended January 31, 2024. The decrease in gross profit is primarily due lower revenue from professional services and training as a result of the shift toward selling these services on a subscription basis. Services and other gross profit margin was (3)% for the year ended January 31, 2025 and 2% for the year ended January 31, 2024. The change was primarily due to the decrease in services and other revenue with costs remaining consistent.
Total gross profit increased by $132.9 million, or 31%, during the year ended January 31, 2025 compared to the year ended January 31, 2024. The increase is primarily due to the growth in total revenue. Total gross profit margin was 65% for the year ended January 31, 2025 and 60% for the year ended January 31, 2024. The increase was primarily due to the increased subscription revenue.
Operating Expenses
Year Ended January 31,
20252024variance $variance %
(In thousands, except percentages)
Operating expenses
Research and development$169,730 $180,778 $(11,048)(6)%
Sales and marketing466,903 461,187 5,716 %
General and administrative107,979 113,701 (5,722)(5)%
Total operating expenses$744,612 $755,666 $(11,054)(1)%
Research and Development Expenses. Research and development expenses decreased by $11.0 million, or (6)%, for the year ended January 31, 2025 compared to the year ended January 31, 2024. This decrease was primarily driven by a $7.5
65
million decrease in employee-based costs due mainly to the capitalization of internal-use software development costs and a $7.2 million decrease in equity-based compensation as a greater number of cash-settled awards are now fully vested. The decrease was offset by a $1.7 million increase in professional service fees. and a $1.6 million increase in software and hosting costs.
Sales and Marketing Expenses. Sales and marketing expenses increased by $5.7 million, or 1%, for the year ended January 31, 2025 compared to the year ended January 31, 2024. This increase was primarily driven by a $39.6 million increase in employee-based costs to support increased penetration into our existing customer base and expansion into new industry verticals and geographic markets, a $3.3 million increase in advertising and promotion costs, and a $3.7 million increase in travel expenses and an $1.6 million increase in software and hosting costs. This increase was partially offset by a $13.9 million decrease in equity-based compensation as a greater number of cash-settled awards are now fully vested, a $27.6 million decrease in intangible amortization attributable to certain intangible assets acquired in the Take-Private Transaction reaching full amortization and a $0.9 million decrease in professional services fees.
General and Administrative Expenses. General and administrative expenses decreased by $5.7 million, or (5)%, for the year ended January 31, 2025 compared to the year ended January 31, 2024. This decrease was primarily driven by a $15.4 million decrease in equity-based compensation as a greater number of cash-settled awards are now fully vested. This decrease was partially offset by a $1.3 million increase in employee-related costs due to higher headcount and increased investments in existing employees, a $3.5 million increase in professional service fees, a $2.8 million increase in provision for credit losses, a $1.4 million increase in software and hosting costs and a $0.6 million increase in travel expense.
Other Income (Expense), Net
Year Ended January 31,
20252024variance $variance %
(In thousands, except percentages)
Other income (expense), net
Interest income$4,158 $10,658 $(6,500)(61)%
Interest expense(186,652)(187,059)407 — %
Other income (expense), net(5,401)(3,219)(2,182)68 %
Total other income (expense), net$(187,895)$(179,620)$(8,275)%
Other expense increased by $8.3 million, or 5%, for the year ended January 31, 2025 compared to the year ended January 31, 2024. This increase was primarily due to a $6.5 million decrease in interest income due to a reduction in our cash and cash equivalents and a $2.2 million increase in other expense related to foreign currency exchange loss.
Income Tax (Expense) Benefit
Year Ended January 31,
20252024variance $variance %
(In thousands, except percentages)
Income tax benefit (expense)$60,799 $116,982 $(56,183)(48)%

The Company recorded an income tax benefit of $60.8 million for the year ended January 31, 2025 compared to an income tax benefit of $117.0 million for the year ended January 31, 2024, leading to a net benefit decrease of $56.2 million, or (48)%, year-over-year. The decrease is primarily due to a decrease in current year pre-tax book losses and change in valuation allowance. We recognize deferred tax assets to the extent that we believe these assets are more likely than not to be realized and continue to maintain a valuation allowance to reduce our deferred tax assets to the amount realizable. The total valuation allowance is $32.3 million and is primarily related to interest expense, loss and credit carryforwards.

The effective tax rate for the years ended January 31, 2025 and 2024 were 16.1% and 22.8%, respectively. The main drivers for the differences in the rates from the prior period to the current period are related to an increase in foreign taxes on earnings, decrease in research and development tax credits, and increase in valuation allowance. Our tax expense to date relates primarily to state as well as foreign income taxes. For further information, refer to Note 15 “Income Taxes” in our notes to our consolidated financial statements included in this Annual Report.
66
We operate in several tax jurisdictions and are subject to taxes in each country or jurisdiction in which we conduct business. Earnings from our non-U.S. activities are subject to local country income tax and may be subject to U.S. income tax if such earnings are distributed to the U.S.
We consider the earnings of certain foreign subsidiaries to be permanently reinvested in foreign jurisdictions.

Non-GAAP Financial Measures

In addition to our financial information presented in accordance with GAAP, we use certain “non-GAAP financial measures” to clarify and enhance our understanding of past performance.

Our non-GAAP financial measures may not provide information that is directly comparable to that provided by other companies in our industry because they may calculate non-GAAP financial results differently. In addition, there are limitations in using non-GAAP financial measures because they are not prepared in accordance with GAAP and exclude expenses that may have a material impact on our reported financial results. In particular, interest expense, which is excluded from adjusted income from operations, has been a significant recurring expense in our business. The presentation of non-GAAP financial information is not meant to be considered in isolation or as a substitute for the directly comparable financial measures prepared in accordance with GAAP. We urge you to review the reconciliations of our non-GAAP financial measures to the comparable GAAP financial measures included below and not to rely on any single financial measure to evaluate our business.

We believe excluding items that neither relate to the ordinary course of business nor reflect our underlying business performance, such as equity-based compensation, the amortization of acquired intangible assets, and acquisition-related expenses, enables management and investors to compare our underlying business performance from period-to-period. Accordingly, we believe these adjustments facilitate a useful evaluation of our current operating performance and comparison to our past operating performance and provide investors with additional means to evaluate cost and expense trends. In addition, we also believe these adjustments enhance comparability of our financial performance against those of other technology companies.

Adjusted Gross Profit and Adjusted Gross Profit Margin

We define adjusted gross profit and adjusted gross profit margin as excluding equity-based compensation expense, amortization of acquired intangible assets, acquisition related expenses (credits), Thoma Bravo monitoring fees (which are annual service-fees as described in Note 11 “Related Party Transactions” in the notes to our consolidated financial statements), and restructuring expenses.

The following table reflects the reconciliation of adjusted gross profit to gross profit and adjusted gross profit margin to gross profit margin:

SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to January 31, 2023February 1, 2022 to August 15, 2022
(In thousands, except percentages)
GAAP gross profit$555,878 $422,937 $159,856 $193,352 
GAAP gross profit margin65 %60 %58 %70 %
Equity-based compensation expense13,771 12,447 6,020 4,167 
Amortization of acquired intangible assets103,483 102,967 45,805 5,165 
Acquisition-related expenses and Thoma Bravo monitoring fees— 58 — — 
Restructuring— 94 262 — 
Adjusted gross profit$673,132 $538,503 $211,943 $202,684 
Adjusted gross profit margin78 %77 %77 %73 %

Our adjusted gross profit margin (adjusted gross profit as a percentage of revenue) has remained generally consistent in recent periods and reflects the high value-added nature of our offerings. Our adjusted gross profit margin may decrease in the short term as we transition to generating more revenue from our SaaS offering, for which we incur hosting costs.

Adjusted Subscription Gross Profit and Adjusted Subscription Gross Profit Margin
67

We define adjusted subscription gross profit and adjusted subscription gross profit margin as excluding equity-based compensation expense, amortization of acquired intangible assets, impairment of intangible assets, acquisition related expenses (credits), Thoma Bravo monitoring fees (which are annual service-fees as described in Note 11 “Related Party Transactions” in the notes to our consolidated financial statements), and restructuring expenses.

The following table reflects the reconciliation of adjusted subscription gross profit to subscription gross profit and adjusted subscription gross profit margin to subscription gross profit margin:

SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to January 31, 2023February 1, 2022 to August 15, 2022
(In thousands, except percentages)
GAAP subscription gross profit$557,338 $417,777 $148,003 $177,958 
GAAP subscription gross profit margin70 %67 %64 %78 %
Equity-based compensation expense7,119 6,675 3,276 2,246 
Amortization of acquired intangible assets103,329 100,820 42,422 4,603 
Acquisition-related expenses and Thoma Bravo monitoring fees— 58 — — 
Restructuring— 85 175 — 
Adjusted subscription gross profit$667,786 $525,415 $193,876 $184,807 
Adjusted subscription gross profit margin84 %84 %83 %81 %

Our adjusted subscription gross profit margin (adjusted subscription gross profit as a percentage of subscription revenue) has remained generally consistent in recent periods and reflects the high value-added nature of our offerings. Our adjusted subscription gross profit margin is expected to decrease in the short term as we transition to generating more revenue from our SaaS offering, for which we incur hosting costs.

Adjusted Income from Operations and Adjusted Operating Margin

We define adjusted income from operations as income (loss) from operations excluding equity-based compensation expense, amortization of acquired intangible assets which includes impairment charges, impairment of intangible assets, acquisition-related expenses, benefit from amortization related to acquired contract acquisition costs, Thoma Bravo monitoring fees (which were annual service-fees for consultation and advice related to corporate strategy, budgeting of future corporate investments, acquisition and divestiture strategies, and debt and equity financings as described in Note 11 “Related Party Transactions” in the notes to our consolidated financial statements), and restructuring expenses. The Thoma Bravo monitoring fees were incurred pursuant to a services agreement, and we do not expect to receive similar services in the future or enter into a similar arrangement again in the future.

The following table reflects the reconciliation of adjusted income (loss) from operations to operating income (loss):

68
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to January 31, 2023February 1, 2022 to August 15, 2022
(In thousands, except percentages)
GAAP income (loss) from operations$(188,734)$(332,729)$(171,594)$(144,571)
GAAP income (loss) from operations margin(22)%(48)%(62)%(52)%
Equity-based compensation expense99,569 134,819 59,033 39,554 
Amortization of acquired intangible assets230,308 257,029 115,687 9,058 
Amortization of acquired contract acquisition costs (1)
(25,682)(28,461)(12,819)— 
Acquisition-related expenses and Thoma Bravo monitoring fees17,283 20,051 10,598 76,871 
Restructuring— 3,541 7,508 — 
Adjusted income (loss) from operations$132,744 $54,250 $8,413 $(19,088)
Adjusted operating margin15 %%%(7)%

(1) In accordance with U.S. GAAP reporting requirements, the Company has written off its contract acquisition costs at the time of the Take-Private Transaction. Therefore, U.S. GAAP commissions expense related to contract acquisition costs after the Take-Private Transaction will not reflect the commissions expense that would have been reported if the contract acquisition costs were not written off. Accordingly, the Company believes that presenting the approximate amount of acquisition-related commission expenses (so that the full amount of commission expense is included) provides a more appropriate representation of commission expense in a given period and, therefore, provides readers of the Company’s financial statements with a more consistent basis for comparison across accounting periods.

Our adjusted operating margin increased in the year ended January 31, 2025 compared to prior periods, primarily due to the growth in our overall business and increased operating leverage. Our adjusted operating margin increased in the year ended January 31, 2025 compared to the year ended January 31, 2024, primarily due to the growth in our overall business and increased operating leverage.
Liquidity, Capital Resources and Cash Requirements
Since the inception of SailPoint Parent, LP, our primary sources of liquidity are cash flows from operations, issuance of Class A Units, Class B Units, debt financing, and issuance of our common stock in the IPO. Our primary uses of liquidity are contractual interest payments related to our Term Loan (prior to the repayment thereof), operating expenses, working capital requirements, and capital expenditures.
In November 2024, we drew $25.0 million on our Revolving Credit Facility in preparation for a business acquisition with the remainder for general corporate purposes. The acquisition was completed in December 2024. In December 2024, we issued Class A Units and Class B Units to Thoma Bravo for an aggregate purchase price of $600.0 million, and in January 2025, upon exercise of their preemptive rights pursuant to our partnership agreement, we issued Class A Units and Class B Units to certain of our directors and other equityholders for an aggregate purchase price of approximately $0.3 million. We used $550.0 million and $25.0 million of such proceeds to repay a portion of the borrowings outstanding under our Term Loan and Revolving Credit Facility, respectively, in December 2024 and plan to use the remainder for general corporate purposes. On February 19, 2025, we repaid $690.0 million of the Term Loan from the proceeds of the IPO. On March 3, 2025, we repaid the remaining balance of $350.0 million of the Term Loan.
Cash flows from operations have been historically negative as we continue to develop and expand our products and services and increase our sales and marketing efforts. Although we may have quarterly results where cash flows from operations are positive due to timing of license renewals or other factors, we expect to continue to incur cash flow outflow in the foreseeable future.
As of January 31, 2025, our principal source of liquidity was cash and cash equivalents totaling $121.3 million and our Revolving Credit Facility as described further below. We have restricted cash of $3.1 million as of January 31, 2025, primarily related to a letter of credit for one of our leases.
69

We believe our existing cash and cash equivalents and amounts available under our Credit Facility will be sufficient to meet our liquidity, capital expenditures, and anticipated working capital requirements to fund our operations for at least the next 12 months.

Our future capital requirements will depend on many factors, including but not limited to our revenue growth rate, timing of cash receipt and payments, and the timing and extent of spending to support strategic initiatives. We may also enter into arrangements to acquire or invest in complementary businesses, services, and technologies.
To the extent existing cash and cash equivalents are not sufficient to fund future activities, we may borrow under our Credit Agreement or seek to raise additional funds through equity, equity-linked or debt financings. We may enter into agreements or letters of intent with respect to potential investments in, or acquisitions of, complementary businesses, services or technologies, which could also require us to seek additional equity financing, incur indebtedness or use cash resources. In the event that additional financing is required from outside sources, we may not be able to raise it on terms acceptable to us or at all. If we are unable to raise additional capital when desired, or if we cannot expand our operations or otherwise capitalize on our business opportunities because we lack sufficient capital, our business, operating results and financial condition would be adversely affected.
Revolving Credit Facility

On August 16, 2022, we entered into the Credit Agreement. The Credit Agreement provides for (i) a six-year $125.0 million senior secured Revolving Credit Facility, including a letter of credit subfacility of up to $5.0 million and (ii) a seven-year $1.6 billion Term Loans. On February 19, 2025, we repaid $690.0 million of the Term Loan from the proceeds of the IPO. On March 3, 2025, we repaid the remaining balance of $350.0 million of the Term Loan. As of March 27, 2025, we have no borrowings outstanding under the Revolving Credit Facility.

The Revolving Credit Facility matures in August 2028. Borrowing under the Revolving Credit Facility may be used to provide ongoing working capital as well as for other general corporate purposes of the Company. We are required to pay a commitment fee on any unused portion of the Revolving Credit Facility at a rate of 0.50% per annum. We also pay customary letter of credit fees, including a fronting fee equal to 0.25% per annum of the dollar equivalent of the maximum amount available to be drawn under all outstanding letters of credit, as well as customary issuance and administration fees. We may voluntarily repay and reborrow outstanding loans under the Revolving Credit Facility at any time without a premium or a penalty.

The Credit Agreement contains covenants that, among other things and subject to certain exceptions and qualifications, restrict our ability and the ability of certain of our subsidiaries to incur or guarantee additional indebtedness or issue disqualified stock or certain preferred stock; pay dividends and make other distributions or repurchase stock; make certain investments; create or incur liens; sell assets; create restrictions affecting the ability of restricted subsidiaries to make distributions, loans, or advances or transfer assets to the Company or the restricted subsidiaries; enter into certain transactions with our affiliates; designate restricted subsidiaries as unrestricted subsidiaries; and merge, consolidate, transfer or sell all or substantially all of our assets. The Company is subject to quarterly financial covenants relating to maintaining a minimum liquidity and Annual Recurring Revenue Ratio (as defined in the Credit Agreement). The Company was in compliance with all applicable covenants as of January 31, 2025 and for each period presented herein.

Obligations outstanding under the Credit Agreement are secured by perfected first priority pledges of and security interests in (i) the equity interests of the Company held by its direct parent and (ii) substantially all of the assets of the Company and each subsidiary guarantor (subject to customary exceptions as more fully described in the Credit Agreement), including equity interests of each subsidiary guarantor under the Credit Agreement.
Summary of Cash Flows
As of January 31, 2025, we had $121.3 million of cash and cash equivalents (of which $11.6 million is held in our foreign subsidiaries), $125.0 million of availability under the Credit Agreement, and $350.7 million in net working capital, which we define as current assets less current liabilities, excluding deferred revenue. As of January 31, 2024, we had $211.6 million of cash and cash equivalents (of which $10.4 million was held in our foreign subsidiaries), $125.0 million of availability under the Credit Agreement, and $404.7 million in net working capital. The decrease in cash and cash equivalents and net working capital is due primarily to the interest paid on the Term Loan and operating losses.
70
The following table summarizes our cash flows for the periods presented:
Year Ended
January 31, 2025January 31, 2024
(In thousands)
Net cash used in operating activities$(106,391)$(250,354)
Net cash used in investing activities(28,944)(12,664)
Net cash provided by financing activities41,257 50,432 
Net change in cash, cash equivalents and restricted cash$(94,078)$(212,586)
Cash Flows from Operating Activities
During the year ended January 31, 2025, cash used in operating activities was $106.4 million, which consisted of a net loss of $315.8 million, adjusted by non-cash charges of $237.9 million and a net decrease of $28.4 million in our net operating assets and liabilities. The non-cash charges are primarily comprised of depreciation and amortization expense of $237.2 million, equity-based compensation of $31.7 million, amortization of contract acquisition costs of $24.9 million, amortization of debt discount and issuance costs, including the early write-off of issuance costs related to the repayment of the Term Loan, of $12.7 million and provision for credit losses of $2.5 million, partially offset by deferred taxes of $71.2 million. The net cash outflow from changes in operating assets and liabilities was primarily a result of an increase in deferred contract acquisition costs of $71.7 million due to an increase in our sales, an increase in accounts receivable of $41.7 million due to the timing of receipts of payments from customers, an increase in contract assets of $11.7 million primarily due to growth in our revenue and the timing of invoices and payments, an increase in prepayments and other current assets of $13.7 primarily due to our marketing efforts, an increase of $6.0 million of other non-current assets due to the implementation of cloud computing arrangements and a decrease in accounts payable of $5.3 million primarily due to the timing of vendor invoices and payments. The outflows were offset by an increase in deferred revenue of $72.9 million due to an increase in billings for subscriptions, an increase in accrued expenses and other liabilities of $36.6 million due to the timing of cash disbursements primarily related to interest payments, commissions and fees due to Thoma Bravo.
For the year ended January 31, 2024, net cash used in operating activities was $250.4 million, which resulted from net loss of $395.4 million, adjusted for non-cash charges of $193.6 million and net cash outflows of $48.5 million from changes in operating assets and liabilities. Non-cash charges primarily consisted of depreciation and amortization expense of $263.6 million, equity-based compensation expense of $37.5 million, amortization of contract acquisition costs of $11.5 million, and amortization of debt discount and issuance costs of $4.2 million, offset by a change in deferred taxes of $124.9 million. The net cash outflow from changes in operating assets and liabilities was primarily driven by an increase in contract acquisition costs of $61.7 million due to an increase in our sales, and an increase in accounts receivable of $57.4 million and an increase in contract assets of $21.1 million as a result of the growth in our revenue and the timing of invoices and payments. These outflows were offset by an increase in deferred revenue of $65.2 million as a result of the growth in our sales and the timing of invoices, and an increase in accrued expenses and other liabilities of $22.6 million and in accounts payable of $4.2 million as a result of higher expenditures to support our growth and the timing of vendor invoices and payments.
Cash Flows used in Investing Activities
During year ended January 31, 2025, cash used in investing activities was $28.9 million, consisting primarily of $15.4 million in net cash paid for business acquisitions, $8.2 million for capitalized software development costs and $5.4 million in purchases of property and equipment.
Cash used in investing activities for the year ended January 31, 2024 was $12.7 million, primarily consisting of $8.2 million used for a business acquisition and $2.6 million for the purchase of property and equipment.
Cash Flows from Financing Activities
During year ended January 31, 2025, cash provided by financing activities was $41.3 million primarily due to the issuance of Class A Units and Class B Units of $600.0 million to Thoma Bravo, offset by the repayment of our Term Loan of $550.0 million, payments of deferred offering costs of $2.9 million and the repurchase of Class A Units and Class B Units of $6.2 million.
Cash provided by financing activities for the year ended January 31, 2024 was $50.4 million, reflecting $51.7 million of proceeds from the issuance of Class A Units and Class B Units, offset by $1.3 million for the repurchase of Class A Units and Class B Units.
71
Material Cash Commitments

Under the Credit Facilities, the principal amount of the Term Loan of $1.04 billion as of January 31, 2025 is due in August 2029. On February 19, 2025, we repaid $690.0 million of its Term Loan from the proceeds of its IPO, resulting in a revised principal amount due of $350.0 million. On March 3, 2025, we repaid the remaining principal balance of $350.0 million. We have no remaining debt obligations as of March 26, 2025.

As of January 31, 2025, we had in aggregate $243.6 million in contractual purchase commitments associated with agreements that are enforceable and legally binding, of which $103.2 million are due within the next 12 months. Included in the aggregate contractual purchase commitments is the remaining commitment with a cloud storage provider that has a term of July 2023 through June 2028. In June 2023, we entered into a contract with a cloud hosting provider and under the terms of the agreement we are committed to spend $54.0 million, $59.0 million, $62.0 million, $65.0 million, and $67.5 million in contract years one, two, three, four, and five, respectively, for a total of $307.5 million. If we do not meet the minimum purchase obligation during any of those years, we are required to pay the difference. As of January 31, 2025, we spent $54.0 million of the first-year commitment and $44.3 million of the second year commitment.

As of January 31, 2025, we had in aggregate $22.4 million in future minimum lease payments for operating lease obligations, of which $6.4 million are due within the next 12 months.
We did not have any material off-balance sheet arrangements during the periods presented or as of January 31, 2025.
Critical Accounting Policies and Estimates

Our consolidated financial statements are prepared in accordance with GAAP. The preparation of these financial statements requires our management to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, costs and expenses and related disclosures. Our estimates are based on our historical experience and on various other factors that we believe are reasonable under the circumstances, the results of which form the basis for making judgments about the carrying value of assets and liabilities that are not readily apparent from other sources. Actual results may differ from these judgments and estimates under different assumptions or conditions and any such differences may be material. We evaluate our assumptions, judgments, and estimates on a regular basis. To the extent that there are differences between our estimates and actual results, our future financial statement presentation, financial condition, results of operations and cash flows will be affected.

Our critical accounting policies are those that materially affect our consolidated financial statements and involve difficult, subjective, or complex judgments by management. The critical accounting estimates, assumptions, and judgments that we believe to have the most significant impact on our consolidated financial statements are described below. This discussion is provided to supplement the descriptions of our accounting policies contained in Note 1 “Description of Business and Summary of Significant Accounting Policies” in the notes to our consolidated financial statements.
Revenue Recognition

Revenue consists of fees for SaaS subscriptions, term, and perpetual licenses for our software products, post-contract customer support, and other subscription services and professional services including training and other revenue. Subscription, including support for term and perpetual licenses, is recognized ratably over the term of the applicable agreement. Revenue related to term and perpetual license performance obligations is generally recognized upfront at the point in time when the customer has taken control of the software license. Revenue related to professional services is recognized as the services are rendered. The majority of our contracts with customers include various combinations of licenses, subscriptions, and professional services. Therefore, significant judgement is required to determine whether products and services are considered distinct performance obligations that should be accounted for separately or as a combined performance obligation.

We allocate the transaction price to each performance obligation in the contract on a relative standalone selling price (“SSP”) basis. Judgment is required to determine the SSP for each distinct performance obligation. We typically determine SSP based on observable prices for performance obligations when sold separately. When standalone sales and pricing information are not available, we estimate SSP based on pricing objectives, market conditions, and other factors, including customer size and geography, and product and service specific factors. We review the estimated SSP for our performance obligations periodically and update the estimates, if needed, to ensure that the methodology utilized reflects updated inputs such as observable prices and assumptions.
72
Business Combinations

We account for business combinations in accordance with the acquisition method of accounting. We allocate the fair value of purchase consideration to the tangible assets acquired, liabilities assumed, and intangible assets acquired based on their estimated acquisition-date fair values. The excess of the fair value of purchase consideration over the fair values of these identifiable assets and liabilities is recorded as goodwill.

Determining the fair value of the identifiable intangible assets requires management to make significant estimates and assumptions. We generally valued the identified intangible assets using an income or cost approach. Significant estimates in valuing certain intangible assets may include, but are not limited to, estimating future cash flows from the intangible assets and discount rates.

In addition, estimating the useful life of an intangible asset requires judgment. We determine useful life after analyzing all pertinent factors which include the period over which an intangible asset will contribute directly or indirectly to our cash flows and the expected use of the asset.
Recoverability of Goodwill and Long-Lived Assets
Goodwill is tested for impairment annually, or more often if and when events or circumstances indicate that an impairment may exist. We perform the annual impairment test in the fourth quarter of each fiscal year. The process of evaluating the potential impairment is highly subjective and requires the application of significant judgment. We first assess whether there are qualitative factors which would indicate that it is more likely than not that the fair value of a reporting unit is less than its carrying value. We consider events and circumstances such as, but not limited to, macroeconomic conditions, industry and market conditions, our overall financial performance, and other relevant entity-specific events.

If the qualitative assessment indicates that the fair value of the reporting unit is less than its carrying amount, a quantitative assessment is performed. We would estimate the fair value of the reporting unit and compare this amount to the carrying value of the reporting unit. If the carrying value of the reporting unit exceeds its fair value, an impairment charge is recorded. There were no impairments of goodwill recognized during the fiscal year ended January 31, 2025, 2024 and the period from August 16, 2022 to January 31, 2023 (Successor) and the period from February 1, 2022 to August 15, 2022 (Predecessor).

We evaluate long-lived assets, including finite-lived intangible assets, property and equipment, and other assets, for impairment whenever events or changes in circumstances indicate that the carrying amount of the assets or asset group may not be recoverable. Events or changes in circumstances that could result in an impairment review include, but are not limited to, significant underperformance relative to historical or projected future operating results, significant changes in the manner of use of the acquired assets or the strategy for our overall business, and significant negative industry or economic trends.

Determining whether a long-lived asset is impaired and the extent of an impairment requires various estimates and assumptions, including whether a triggering event occurred, the identification of asset groups, estimates of future cash flows, and the discount rate used to determine fair values. Recoverability of these assets or asset groups is measured by comparison of the carrying amount of each asset, or related asset group, to the future undiscounted cash flows the asset or asset group is expected to generate. If the undiscounted cash flows are less than the carrying amount, an impairment charge is recorded to reduce the carrying amount of the asset group to its fair value. If an event occurs that would cause us to revise our estimates and assumptions used in analyzing the fair value of our property and equipment or our finite-lived intangibles and other assets, that revision could result in a non-cash impairment charge that could have a material impact on our financial results.
Contract Acquisition Costs
Sales commissions paid to our sales force and the related employee costs, collectively “contract acquisition costs,” are considered incremental and recoverable costs of obtaining a contract with a customer. We typically pay sales commissions for both initial and follow-on sales of perpetual licenses, inclusive of initial maintenance and support, term subscriptions, and SaaS subscriptions. Sales commissions paid for follow-on sales are typically not commensurate with those paid for initial sales. Beginning in the year ended January 31, 2024, we ceased paying sales commissions on perpetual licenses as we focused on selling subscriptions. We capitalize incremental costs of obtaining a contract with a customer and amortize the costs over the expected period of benefit provided of five years.

73
We use significant judgment in determining the period of benefit of five years by taking into consideration customer contracts, customer turnover rates, our technology’s useful life, and other factors. We periodically review the estimated period of benefit. If a change is required in the estimated period of benefit, it could materially affect the amortization amounts of contract acquisition costs included in sales and marketing expense in the consolidated statements of operations.
Equity-Based Compensation

We have granted our employees equity-based incentive awards. These awards are in the form of incentive units and cash-settled awards for Successor. In connection with the Take-Private Transaction, unvested stock options and restricted stock units on August 16, 2022 were converted to contingent rights to receive an amount in cash. We measure equity-based compensation expense for all equity-based awards granted based on the estimated fair value of those awards on the date of grant. The fair value of the incentive units at each grant date is determined using an option pricing method, as discussed further below. We recognize the impact of forfeitures in equity-based compensation expense when they occur.

Incentive Unit Valuations

The fair value of stock-based awards issued by the Predecessor is based on the fair value of the stock as of the grant date using market information.

For the Successor, the fair value of our Class B Units underlying our equity-based awards has historically been determined by our Board, with input from management and contemporaneous third-party valuations, as there was no public market for our Class B Units. We believe that our Board has the relevant experience and expertise to determine the fair value of our Class B Units. Given the absence of a public trading market of our Class B Units, and in accordance with the American Institute of Certified Public Accounting and Valuation Guide, Valuation of Privately-Held Company Equity Securities Issued as Compensation, our Board exercised reasonable judgment and considered numerous objective and subjective factors to determine the best estimate of the fair value of our Class B Units at each incentive unit grant date, including:

contemporaneous independent third-party valuations of our units;
our actual operating and financial performance;
current business conditions and projections;
our stage of development and revenue growth;
likelihood of achieving a liquidity event, such as an initial public offering, direct listing, a take-private transaction, or an acquisition given prevailing market conditions;
the rights, preferences, and privileges of our units;
the lack of marketability of our units;
the market performance of comparable publicly traded companies; and
the U.S. and global capital market conditions.

In valuing our Class B Units, the Board determined the value using both the income and the market approach valuation methods. The income approach estimates value based on the expectation of future cash flows that a company will generate. These future cash flows are discounted to their present values using a discount rate based on our weighted average cost of capital (“WACC”) or based on the venture capital rates of return from various published studies, adjusted to reflect the risks inherent in our cash flows. To derive our WACC, a cost of equity was developed using the Capital Asset Pricing Model (CAPM) and comparable company betas, and a cost of debt was determined based on our estimated cost of borrowing. The costs of debt and equity were then weighted based on our actual capital structure or were derived from a study of venture capital required rates of return. The market approach estimates value based on a comparison of our company to comparable publicly traded companies in a similar line of business and to acquisitions in the market. From the comparable companies, a representative market multiple is determined and subsequently applied to our historical and forecasted financial results to estimate our enterprise value. From the acquisitions analysis, a representative market multiple is determined and subsequently applied to our historical financial results to estimate our enterprise value.

Prior to January 2024, once we determined an equity value, we used the option-pricing method (“OPM”) to allocate value to each equity class, including incentive units. The OPM allows for the allocation of a company’s equity value among the various equity capital owners. The OPM uses unitholders’ liquidation preferences, participation rights, and dividend policy to determine how proceeds from a liquidity event shall be distributed among the various ownership classes at a future date.

74
Beginning in January 2024, we used a hybrid of the probability-weighted expected return method (“PWERM”) and OPM. The PWERM estimates the probability weighted value across multiple scenarios but uses OPM to estimate the allocation of value within one or more of those scenarios. Determining the fair value of the enterprise using the PWERM requires us to develop assumptions and estimates for both the probability of an initial public offering liquidity event and stay private outcomes, as well as the values we expect those outcomes could yield.

Where relevant, we also considered an appropriate discount adjustment to recognize the lack of marketability and liquidity due to the fact that unitholders of private companies do not have access to trading markets similar to stockholders of public companies. The discount for marketability was determined using various quantitative methods and assessed for reasonableness using relevant qualitative information. Application of these approaches involves the use of estimates, judgments, and assumptions that are highly complex and subjective, such as those regarding our expected future revenue, expenses, and future cash flows, discount rates, discount for lack of marketability, market multiples, the selection of comparable companies, and the probability of possible future events. Changes in any or all of these estimates and assumptions or the relationships between those assumptions impact our valuations as of each valuation date and may have a material impact on the valuation of our incentive units.
Recent Accounting Pronouncements
For a description of our recently adopted accounting pronouncements and recently issued accounting standards not yet adopted, see Note 1 “Description of Business and Summary of Significant Accounting Policies” in the notes to our consolidated financial statements.
Item 7A. Quantitative and Qualitative Disclosures About Market Risk
We are exposed to market risk in the ordinary course of our business. Market risk represents the risk of loss that may impact our financial position due to adverse changes in financial market prices and rates. Our market risk exposure is primarily a result of fluctuations in interest rates and foreign currency exchange rates. We do not hold or issue financial instruments for trading purposes.
Interest Rate Risk
We had cash and cash equivalents and restricted cash of $124.4 million as of January 31, 2025, which are held in cash deposits and money market funds. The carrying amount of our cash equivalents reasonably approximates fair value due to the short maturities of these instruments. Our cash and cash equivalents consist primarily of bank demand deposits and money market funds. Our investments are made for capital preservation purposes, and we do not enter into investments for trading or speculative purposes.

We do not have material exposure to market risk with respect to our cash and cash equivalents, as these consist primarily of highly liquid investments purchased with original maturities of three months or less as of January 31, 2025. As of January 31, 2025, we do not believe a hypothetical 10% change in interest rates would have a material impact on the value of our cash equivalents.

As of January 31, 2025, we had total indebtedness with an outstanding principal balance of $1.04 billion under our Term Loan. Borrowings under the Term Loan initially bore interest at an Adjusted Term Secured Overnight Financing Rate ("SOFR") determined by reference to the forward-looking term rate based on the SOFR as administered by the Federal Reserve Bank of New York, plus a credit spread adjustment for interest periods of one month, three months, and six months, respectively, plus in each, 6.00%. The interest rate on our Term Loan as of January 31, 2025 was 10.52% based on the Adjusted Term SOFR for a three-month interest period. Upon the repayment of our Term Loan, we have no remaining debt obligations or interest rate risk as of March 27, 2025.
Foreign Currency Exchange Risk
As a global company, we face exposure to adverse movements in foreign currency exchange rates. We primarily conduct business in the United States and EMEA. Our exposure is the result of operating in foreign countries, including growing our international headcount, which results in incurring expenses in local currencies while most of our sales are generated in U.S. dollars.
75
Fluctuations in foreign currency exchange rates may cause us to recognize transaction gains and losses in our consolidated statements of operations. As the impact of foreign currency exchange rates has not been material to our historical operating results, to date we have not entered into derivative or hedging transactions; we may do so in the future if our exposure to foreign currency becomes more significant. As our international operations grow, we will continue to reassess our approach to managing our risk relating to fluctuations in foreign exchange rates.
As of January 31, 2025, our cash and cash equivalents included $11.6 million held in currencies other than the U.S. dollar. Decreases in the value of the U.S. dollar relative to other currencies may negatively affect our operating results as expressed in U.S. dollars. These amounts are included in other income (expense), net on our consolidated statements of operations.
We manage our foreign subsidiaries as integral direct components of our operations and determined that the U.S. dollar is our functional currency. We do not believe that a hypothetical 10% change in the value of the U.S. dollar relative to other currencies would have a material effect on our results of operations or cash flows, and to date, we have not engaged in any hedging strategies with respect to foreign currency transactions. As our international operations grow, we will continue to reassess our approach to managing our risk relating to fluctuations in currency rates.
76

INDEX TO CONSOLIDATED FINANCIAL STATEMENTS

77
REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM

To the Shareholders and the Board of Directors of SailPoint Parent, LP

Opinion on the Financial Statements
We have audited the accompanying consolidated balance sheets of SailPoint Parent, LP and subsidiaries (the Company) as of January 31, 2025 and 2024, the related consolidated statements of operations, redeemable convertible units and partners’ deficit, and cash flows for the two years in the period ended January 31, 2025 and the related notes (collectively referred to as the “consolidated financial statements”). In our opinion, the consolidated financial statements present fairly, in all material respects, the financial position of the Company at January 31, 2025 and 2024, and the results of its operations and its cash flows for each of the two years in the period ended January 31, 2025, in conformity with U.S. generally accepted accounting principles.

Basis for Opinion
These financial statements are the responsibility of the Company's management. Our responsibility is to express an opinion on the Company’s financial statements based on our audits. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (PCAOB) and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether due to error or fraud. The Company is not required to have, nor were we engaged to perform, an audit of its internal control over financial reporting. As part of our audits we are required to obtain an understanding of internal control over financial reporting but not for the purpose of expressing an opinion on the effectiveness of the Company's internal control over financial reporting. Accordingly, we express no such opinion.
Our audits included performing procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that our audits provide a reasonable basis for our opinion.

Critical Audit Matter 
The critical audit matter communicated below is a matter arising from the current period audit of the consolidated financial statements that was communicated or required to be communicated to the audit committee and that: (1) relates to accounts or disclosures that are material to the financial statements and (2) involved our especially challenging, subjective or complex judgments. The communication of the critical audit matter does not alter in any way our opinion on the consolidated financial statements, taken as a whole, and we are not, by communicating the critical audit matter below, providing a separate opinion on the critical audit matter or on the accounts or disclosures to which it relates.

















78
Revenue Recognition – Allocation of Transaction Price to Performance Obligations
Description of the Matter














As described in Note 1 of the consolidated financial statements, the Company recognizes revenue in order to depict the transfer of control of promised goods or services to customers in an amount that reflects the consideration the company expects to be entitled to in exchange for those goods or services.

The Company enters into contracts with customers that include various combinations of licenses, subscriptions, and professional services. Judgment exists in determining the timing and amount of revenue recognition for these customer contracts, which include multiple performance obligations, including the estimation of standalone selling price for each distinct performance obligation, particularly for those goods and services that are not sold separately.

Given these factors, auditing management’s recognition of revenue requires judgment because of the significant management estimates required in allocating standalone selling prices.
How We Addressed the Matter in Our Audit










To test management’s estimation of the standalone selling prices for distinct performance obligations, our audit procedures included, among others, obtaining an understanding of the Company’s various product and service offerings and evaluating management’s application of the revenue recognition accounting requirements to determine which product and service offerings were distinct. To test management’s determination of relative standalone selling price for performance obligations, we performed audit procedures that included, among others, assessing the appropriateness of the methodology applied including the judgements and assumptions used to determine standalone selling price per service offering, testing the mathematical accuracy of the underlying data and calculations, and testing transactions to corroborate the data underlying the Company’s calculations. We also assessed the appropriateness of the related disclosures in the consolidated financial statements.


/s/ Ernst & Young LLP

We have served as the Company’s auditor since 2024.

Austin, Texas

March 27, 2025






79
REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM


Board of Directors and Shareholders
SailPoint Parent, LP

Opinion on the financial statements
We have audited the accompanying consolidated balance sheet of SailPoint Parent, LP (a Delaware limited partnership) and subsidiaries (the “Company”) (not presented herein) as of January 31, 2023 (Successor), the related consolidated statements of operations, stockholders’ equity (Predecessor), redeemable convertible units and partners’ deficit (Successor), and cash flows for the period August 16, 2022 to January 31, 2023 (Successor) and February 1, 2022 to August 15, 2022 (Predecessor), and the related notes (collectively referred to as the “consolidated financial statements”). In our opinion, the consolidated financial statements present fairly, in all material respects, the results of its operations and its cash flows for the period August 16, 2022 to January 31, 2023 (Successor) and February 1, 2022 to August 15, 2022 (Predecessor), in conformity with accounting principles generally accepted in the United States of America.

Basis for opinion
These consolidated financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s consolidated financial statements based on our audit. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (“PCAOB”) and are required to be independent with respect to the Company in accordance with U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audit in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether due to error or fraud. The Company is not required to have, nor were we engaged to perform, an audit of its internal control over financial reporting. As part of our audit we are required to obtain an understanding of internal control over financial reporting but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control over financial reporting. Accordingly, we express no such opinion.
Our audit included performing procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements. Our audit also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that our audit provides a reasonable basis for our opinion.

/s/ GRANT THORNTON LLP

We have served as the Company’s auditor from 2010 to 2024.

St. Louis, Missouri
September 12, 2024 (except Note 1 as it relates to the unit split and the effects thereof, as to which the date is February 4, 2025 and Note 16, as to which the date is March 27, 2025)






80
SAILPOINT PARENT, LP AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(In thousands, except units)
January 31, 2025January 31, 2024
Assets
Current assets
Cash and cash equivalents$121,293 $211,647 
Accounts receivable, net of allowance254,050 213,307 
Contract acquisition costs32,834 18,668 
Contract assets, net of allowance58,335 51,703 
Prepayments and other current assets45,870 35,752 
Total current assets512,382 531,077 
Property and equipment, net22,879 16,332 
Contract acquisition costs, non-current94,270 61,657 
Contract assets, non-current, net of allowance33,788 28,717 
Other non-current assets36,206 33,219 
Goodwill5,151,668 5,138,855 
Intangible assets, net1,560,723 1,779,875 
Total assets$7,411,916 $7,589,732 
Liabilities, redeemable convertible units and partners' deficit
Current liabilities
Accounts payable$3,515 $8,820 
Accrued expenses and other liabilities158,135 117,570 
Deferred revenue413,043 335,465 
Total current liabilities574,693 461,855 
Deferred tax liabilities, non-current136,528 206,464 
Other long-term liabilities32,128 24,954 
Deferred revenue, non-current36,399 36,575 
Long-term debt, net1,024,467 1,562,215 
Total liabilities1,804,215 2,292,063 
Commitments and contingencies (Note 8)
Redeemable convertible units, no par value, unlimited units authorized, 499,052,847 and 454,618,712 units issued and outstanding as of January 31, 2025 and 2024, respectively; aggregate liquidation preference of $8,100,352 and $6,861,381 as of January 31, 2025 and 2024, respectively11,196,141 5,838,864 
Partners' deficit
Additional paid in capital— 37,431 
Accumulated deficit(5,588,440)(578,626)
Total partners' deficit(5,588,440)(541,195)
Total liabilities, redeemable convertible units and partners' deficit$7,411,916 $7,589,732 
See accompanying notes to consolidated financial statements.
81
SAILPOINT PARENT, LP AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(In thousands, except per unit amounts)
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 toFebruary 1, 2022 to
January 31, 2023August 15, 2022
Revenue
Subscription$793,919 $622,830 $233,047 $227,398 
Perpetual licenses400 5,842 10,806 13,841 
Services and other67,292 70,900 32,820 34,915 
Total revenue861,611 699,572 276,673 276,154 
Cost of revenue
Subscription236,581 205,053 85,044 49,440 
Perpetual licenses154 2,227 3,718 908 
Services and other68,998 69,355 28,055 32,454 
Total cost of revenue305,733 276,635 116,817 82,802 
Gross profit555,878 422,937 159,856 193,352 
Operating expenses
Research and development169,730 180,778 78,223 81,261 
Sales and marketing466,903 461,187 201,331 140,939 
General and administrative107,979 113,701 51,896 115,723 
Total operating expenses744,612 755,666 331,450 337,923 
Loss from operations(188,734)(332,729)(171,594)(144,571)
Other income (expense), net
Interest income4,158 10,658 1,933 360 
Interest expense(186,652)(187,059)(74,844)(1,492)
Other income (expense), net(5,401)(3,219)(1,278)(1,873)
Total other income (expense), net(187,895)(179,620)(74,189)(3,005)
Loss before income taxes(376,629)(512,349)(245,783)(147,576)
Income tax benefit (expense)60,799 116,982 62,524 (1,663)
Net loss$(315,830)$(395,367)$(183,259)$(149,239)
Class A yield(764,549)(583,672)(250,638)
Net loss attributable to Class B unitholders(1,080,379)(979,039)(433,897)
Loss per unit attributable to Class B unitholders - basic and diluted$(12.91)$(12.13)$(5.46)
Weighted average Class B units outstanding - basic and diluted83,716 80,746 79,535 
See accompanying notes to consolidated financial statements.
82
SAILPOINT PARENT, LP AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF REDEEMABLE CONVERTIBLE UNITS AND PARTNERS' DEFICIT
(In thousands)



Redeemable Convertible UnitsAdditional
paid in
capital		Accumulated DeficitTotal Partners' Deficit
SuccessorUnitsAmount
Balance at August 16, 2022— $— $— $— $— 
Issuance of Class A Units364,058 3,926,009 — — — 
Issuance of Class B Units79,535 1,862,385 — — — 
Net Loss— — — (183,259)(183,259)
Balance at January 31, 2023443,593 5,788,394 — (183,259)(183,259)
Issuance of Class A Units3,152 35,095 — — — 
Issuance of Class B Units689 16,648 — — — 
Repurchase of Class A Units(78)(863)(38)— (38)
Repurchase of Class B Units(19)(410)— — — 
Equity-based compensation expense— — 37,469 — 37,469 
Vesting of incentive units into Class B Units1,603 — — — — 
Net loss— — — (395,367)(395,367)
Balance at January 31, 2024448,940 5,838,864 37,431 (578,626)(541,195)
Issuance of Class A Units36,568 407,171 — — — 
Issuance of Class B Units7,989 193,150 — — — 
Repurchase of Class A Units(300)(3,338)(589)— (589)
Repurchase of Class B Units(329)(1,583)(662)— (662)
Equity-based compensation expense— — 31,714 — 31,714 
Vesting of incentive units into Class B Units2,293 — — — — 
Adjustment to reflect redemption value of redeemable convertible Class A Units— 3,736,278 — (3,736,278)(3,736,278)
Adjustment to reflect redemption value of redeemable convertible Class B Units— 1,019,561 (67,894)(951,668)(1,019,562)
Adjustment to reflect redemption value of unvested incentive units— 6,038 — (6,038)(6,038)
Net loss— — — (315,830)(315,830)
Balance at January 31, 2025495,161 $11,196,141 $— $(5,588,440)$(5,588,440)

See accompanying notes to consolidated financial statements.


83
SAILPOINT PARENT, LP AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY
(In thousands)


Preferred stockCommon stockAdditional
paid in
capital		Accumulated DeficitTotal Stockholders'
Equity
PredecessorSharesAmountSharesAmount
Balance at January 31, 2022— — 93,776 486,836 (87,462)399,383 
Exercise of stock options— — 156 — 2,825 — 2,825 
Restricted stock units vested, net of tax settlement— — 749 — (1,534)— (1,534)
Equity-based compensation expense— — — — 39,554 — 39,554 
Common stock issued under employee stock purchase plan— — 134 — 5,435 — 5,435 
Net loss— — — — — (149,239)(149,239)
Balance at August 15, 2022— $— 94,815 $$533,116 $(236,701)$296,424 

See accompanying notes to consolidated financial statements.



84
SAILPOINT PARENT, LP AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(In thousands)
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 toFebruary 1, 2022 to
January 31, 2023August 15, 2022
Cash flows from operating activities
Net loss$(315,830)$(395,367)$(183,259)$(149,239)
Adjustments to reconcile net loss to net cash used in operating activities:
Depreciation and amortization expense237,248 263,638 118,838 12,366 
Amortization and write-off of debt discount and issuance costs12,685 4,152 1,748 1,017 
Amortization of contract acquisition costs24,899 11,519 2,762 16,211 
(Gain) loss on disposal of property and equipment— 36 126 26 
Provision for credit losses2,534 1,662 2,554 244 
Equity-based compensation expense31,714 37,469 — 39,554 
Deferred taxes(71,209)(124,919)(64,883)(967)
Net changes in operating assets and liabilities, net of business acquisitions
Accounts receivable(41,653)(57,397)(36,002)14,908 
Contract acquisition costs(71,678)(61,716)(32,890)(23,078)
Contract assets(11,730)(21,139)(3,217)(5,364)
Prepayments and other current assets(13,744)(594)(1,206)(8,553)
Other non-current assets6,006 (87)(2,257)(502)
Operating leases, net293 335 163 (792)
Accounts payable(5,346)4,232 (9,293)4,514 
Accrued expenses and other liabilities36,565 22,634 (115,584)43,687 
Deferred revenue72,855 65,188 53,118 4,452 
Net cash used in operating activities(106,391)(250,354)(269,282)(51,516)
Cash flows from investing activities
Purchase of property and equipment(5,362)(2,577)(1,730)(5,295)
Proceeds from sale of property and equipment14 31 22 
Capitalized software development costs(8,219)— — — 
Purchase of intangible assets— (1,900)— — 
Business acquisitions, net of cash acquired(15,377)(8,218)(5,824,632)— 
Net cash used in investing activities(28,944)(12,664)(5,826,340)(5,286)
Cash flows from financing activities
Proceeds from issuance of units600,321 51,743 5,762,294 — 
Proceeds from issuance of long-term debt— — 1,590,000 — 
Payment of debt issuance costs— — (33,052)— 
Settlement of capped calls— — 111,376 — 
Proceeds from revolving line of credit25,000 — — — 
Repayments to revolving line of credit(25,000)— — — 
Repayment of term loan(550,000)— (903,942)— 
Payments of deferred offering costs(2,892)— — — 
Payment for taxes related to net share settled restricted stock units— — — (1,534)
Proceeds from employee stock purchase plan— — — 5,435 
Net proceeds from exercise of stock options— — — 2,825 
Repurchase of units(6,172)(1,311)— — 
Net cash provided by financing activities41,257 50,432 6,526,676 6,726 
Net change in cash, cash equivalents and restricted cash(94,078)(212,586)431,054 (50,076)
Cash, cash equivalents and restricted cash, beginning of period218,468 431,054 — 444,216 
Cash, cash equivalents and restricted cash, end of period$124,390 $218,468 $431,054 $394,140 


85

SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 toFebruary 1, 2022 to
January 31, 2023August 15, 2022
Supplemental cash flow information:
Cash paid for:
Interest$152,171 $182,029 $66,018 $327 
Income taxes, net of refunds12,948 5,584 2,135 2,902 
Cash paid for amounts included in the measurement of lease liabilities:
Operating cash flows from operating leases6,013 6,134 2,521 3,688 
Supplemental disclosure of noncash investing and financing activities:
Adjustment to reflect the redemption value of the redeemable convertible units and incentive units4,761,878 — — — 
Contingent and holdback consideration included in accrued expenses and other liabilities6,375 — — — 
Deferred offering costs included in accounts payable and accrued expenses and other liabilities6,994 — — — 
Operating lease right of use assets obtained in exchange for lease liabilities
1,725 1,702 901 2,270 
Reconciliation of cash, cash equivalents and restricted cash from the consolidated balance sheets to the consolidated statements of cash flows:
Cash and cash equivalents$121,293 $211,647 $424,323 $387,429 
Restricted cash within prepayments and other current assets3,097 6,821 6,731 6,711 
Total cash, cash equivalents, and restricted cash in the consolidated statements of cash flows$124,390 $218,468 $431,054 $394,140 
See accompanying notes to consolidated financial statements.
86
SAILPOINT PARENT, LP AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
1. Description of Business and Summary of Significant Accounting Policies
Organization
SailPoint Parent, LP (the “Company”) was formed as a Delaware limited partnership in April 2022 and is a holding company that, through its subsidiaries, owns all of the outstanding partnership units of SailPoint Intermediate Holdings III, LP (“Holdings”), a Delaware limited partnership, that was formed in June 2022. The Company is an affiliated entity of Thoma Bravo.
On August 16, 2022 (the “Closing Date” or “Merger Date”), Holdings closed on the Agreement and Plan of Merger (the “Merger Agreement”) by and among Holdings, SailPoint Technologies Holdings, Inc. (“Technologies Holdings”), and Project Hotel California Merger Sub, Inc., a Delaware corporation and wholly owned subsidiary of Holdings (“Merger Sub”). Pursuant to the Merger Agreement, Merger Sub merged with and into Technologies Holdings (the “Merger”), with Technologies Holdings surviving the Merger as a wholly owned subsidiary of Holdings.
The Company did not have any significant operations prior to the Merger. Subsequent to the Merger, the Company succeeded substantially all of the business of Technologies Holdings and Technologies Holdings is viewed as the predecessor to the Company (the “Predecessor”). Accordingly, these consolidated financial statements include certain historical consolidated financial and other data of the Predecessor for periods prior to the completion of the business combination. Periods subsequent to the Merger Date reflect the financial statements of the Company after the business combination (the "Successor”).
The consolidated financial statements and footnotes include a black line division between the columns titled “Predecessor” and “Successor” to signify that the amounts shown for the periods prior to and following the Merger are not comparable. The Predecessor has recorded all expenses that were contingent on the closing of the Merger in the Predecessor period. See Note 5 for additional information on the Merger.
The Company conducts business as SailPoint and delivers solutions to enable comprehensive identity security for the enterprise. For ease of reference, the terms “SailPoint,” or the “Company” as used in this report refer to both the Predecessor and the Successor and their respective subsidiaries.
Unit Split
On January 31, 2025, the Company effected a 60.91-for-1 forward unit split and a 0.45-for-1 reverse unit split of the Company’s Class A Units and Class B Units, respectively. All Class A Unit and Class B Unit and per unit information included in the accompanying consolidated financial statements and footnotes have been retroactively adjusted to reflect this unit split for all periods presented. Additionally, all incentive unit and per unit information in the consolidated financial statements and footnotes was adjusted to reflect the 0.45-for-1 reverse unit split of the Company’s Class B Units.
Completion of Initial Public Offering
On February 12, 2025, the Company closed its initial public offering (IPO) of 60.0 million shares of its common stock at an initial offering price to the public of $23.00 per share for an aggregate offering price of $1.380.0 million. The Company received net proceeds of approximately $1,249.1 million, net of the underwriting discounts, commissions and offering costs.
Corporate Conversion

Prior to February 12, 2025, the Company was a Delaware limited partnership named SailPoint Parent, LP. On February 12, 2025, concurrent with the closing of its IPO, SailPoint Parent, LP converted into a Delaware corporation pursuant to a statutory conversion and changed its name to SailPoint, Inc. The purpose of the Corporate Conversion was to reorganize the Company's corporate structure so that the entity that is offering its common stock to the public is a corporation rather than a limited partnership and so that the Company's existing equity holders own the Company's common stock rather than partnership interests in a limited partnership.

In conjunction with the Corporate Conversion, all of the Company's outstanding partnership units were converted into an aggregate of 499,060,464 shares of our common stock. The number of shares of common stock issuable to holders of Class A Units and holders of Class B Units in connection with the Corporate Conversion were determined pursuant to the applicable
87
provisions of the plan of conversion. The Company continues to be controlled by Thoma Bravo following the Corporate Conversion. After giving effect to the Corporate Conversion and the closing of its IPO, Thoma Bravo controls approximately 86.2% of the voting power of the company.

As a result of the Corporate Conversion, SailPoint, Inc. succeeded to all of the property and assets of SailPoint Parent, LP and succeeded to all of the debts and obligations of SailPoint Parent, LP. SailPoint, Inc. is governed by a certificate of incorporation filed with the Delaware Secretary of State. The consolidated financial statements and footnotes do not give effect to the Corporate Conversion.
Basis of Presentation
The accompanying consolidated financial statements, which include the accounts of the Company and its wholly owned subsidiaries, have been prepared in conformity with accounting principles generally accepted in the United States of America (“GAAP”) and applicable rules and regulations of the Securities and Exchange Commission (“SEC”). The consolidated financial statements include the accounts of SailPoint Parent, LP and its subsidiaries. All intercompany accounts and transactions have been eliminated in consolidation.
The Company has not entered into transactions that require presentation as other comprehensive income (loss). Total
comprehensive income (loss) is equal to net income (loss) for all periods presented.
Use of Estimates
The preparation of consolidated financial statements in conformity with GAAP requires management to make estimates and assumptions about future events that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the financial statements and the reported amounts of revenue and expenses during the reporting period. Future events and their effects cannot be determined with certainty. On an ongoing basis, management evaluates these estimates judgments and assumptions.
The Company bases its estimates on historical and anticipated results and trends and on various other assumptions that the Company believes are reasonable under the circumstances, including assumptions as to future events. In particular, the Company makes estimates with respect to the fair value allocation of multiple performance obligations in revenue recognition, the expected period of benefit of contract acquisition costs, the assumptions underlying the fair value used for equity-based compensation expense, and estimated useful lives and impairment of intangible assets and goodwill arising from business combinations and the assumptions underlying the fair value used for the redemption value of the redeemable convertible units. Appropriate adjustments, if any, to the estimates used are made prospectively based upon such periodic evaluation. Actual results could differ from those estimates.
Cash, Cash Equivalents and Restricted Cash
The Company considers all highly liquid investments with an original maturity of three months or less from date of purchase to be cash equivalents. The Company is required to maintain cash collateral for an unconditional standby letter of credit in the amount of $2.8 million related to the Company’s corporate headquarters lease.
Fair Value of Financial Instruments
Assets and liabilities recorded at fair value in the financial statements are categorized based upon the level of judgment associated with the inputs used to measure their fair value. Hierarchical levels which are directly related to the amount of subjectivity associated with the inputs to the valuation of these assets or liabilities are as follows:
Level 1: Observable inputs that reflect quoted prices (unadjusted) for identical assets or liabilities in active markets.
Level 2: Observable inputs, other than Level 1 prices, such as quoted prices for similar assets or liabilities, quoted prices in markets that are not active or other inputs that are observable or can be corroborated by observable market data for substantially the full term of the assets or liabilities.
Level 3: Unobservable inputs reflecting the Company’s own assumptions incorporated in valuation techniques used to determine fair value. These assumptions are required to be consistent with market participant assumptions that are reasonably available.

The level in the fair value hierarchy within which a fair value measurement in its entirety falls is based on the lowest level input that is significant to the fair value measurement in its entirety.

88
Concentration of Credit and Other Risks
Financial instruments that potentially subject the Company to concentrations of credit risk consist of cash and cash equivalents, accounts receivable, and contract assets. The Company maintains its cash in bank deposit accounts that exceeded federally insured limits as of January 31, 2025 and 2024. There was no concentration of credit risk for customers as of January 31, 2025 and 2024 as no individual entity represented more than 10% of accounts receivable and contract assets. No customer accounted for more than 10% of revenue during the year ended January 31, 2025 and 2024. No customer represented more than 10% of revenue during the Successor and Predecessor periods presented. The Company does not experience concentration of credit risk in foreign countries as no foreign country represents more than 10% of the Company’s consolidated revenues or net assets.
The Company’s revenue by geographic region based on the customer’s location is presented in Note 16 “Segments and Geographic Information.”
Accounts Receivable and Allowance for Expected Credit Losses
The Company continuously assesses the collectability of outstanding customer balances and in doing so, the Company assesses the need to maintain an allowance for expected credit losses resulting from the non-collection of customer balances. The allowance for expected credit losses is a valuation account that is deducted from the financial asset’s amortized cost basis to present the net amount expected to be collected on contracts with customers. Accounts receivable and contract assets are written off when management believes the amount is not collectible. Recoveries of financial assets previously written off are recorded directly to earnings when received.
Management estimates the allowance for expected credit losses using relevant available information relating to past events, current conditions and reasonable and supportable forecasts over a financial asset’s contractual term. The Company’s historical credit loss experience provides the basis for the estimation of expected credit losses. The Company reviews renewals and new businesses for factors such as past collection experience, age of the customer balances, significant trends in current balances, internal operations, and macroeconomic conditions. The Company evaluates these economic conditions and makes adjustments to historical loss information for certain economic risk factors. In development of the expected credit loss model, the Company evaluated its financial assets with similar risk characteristics on a collective (pool) basis. A financial asset will be measured individually only if it does not share similar risk characteristics with other financial assets.
Property and Equipment
Property and equipment is stated at cost less accumulated depreciation. Depreciation is recorded using the straight-line method over the estimated useful lives of the respective assets, generally three years to five years. Leasehold improvements are depreciated over the shorter of the estimated useful life of the asset or the related lease term. Repairs and maintenance costs are expensed as incurred. Assets to be disposed of are reported at the lower of carrying value or net realizable value.
Goodwill
Goodwill represents acquisition costs in excess of the fair value of the identified net assets acquired. The Company has one reporting unit for goodwill impairment purposes. Goodwill is tested for impairment annually, or more often if and when events or circumstances indicate that an impairment may exist. The Company performs the annual impairment test in the fourth quarter of each fiscal year.
The Company first performs a qualitative assessment to determine whether it is more likely than not that the fair value of a reporting unit is less than its carrying value. If the assessment indicates that the fair value of the reporting unit is less than its carrying amount, a quantitative assessment is performed. The Company estimates the fair value of the reporting unit and compares this amount to the carrying value of the reporting unit. If the carrying value of the reporting unit exceeds its fair value, an impairment charge is recorded.
Intangible Assets
Intangible assets are amortized on a straight-line basis over their estimated useful lives. Amortization expense is recognized in the consolidated statements of operations based on the use of the intangible asset. The Company’s intangible assets primarily consist of customer relationships, developed technology, and trade names. The Company periodically reviews the estimated remaining useful life of intangible assets and whether events or changes in circumstances warrant a revision to the remaining period of amortization.
Long-Lived Assets
89
Periodically, the Company evaluates the recoverability of its long-lived assets, including property and equipment and intangible assets, for possible impairment whenever events or circumstances indicate that the carrying amount of such assets or asset groups may not be recoverable. Recoverability of these assets or asset groups is measured by comparison of the carrying amount of each asset, or related asset group, to the future undiscounted cash flows the asset or asset group is expected to generate. If the undiscounted cash flows are less than the carrying amount, an impairment charge is recorded to reduce the carrying amount of the asset group to its fair value.
Business Combinations
The Company allocates the fair value of purchase consideration to the tangible assets acquired, liabilities assumed, and intangible assets acquired based on their estimated acquisition-date fair values. The excess of the fair value of purchase consideration over the fair values of these identifiable assets and liabilities is recorded as goodwill. Such valuations require management to make significant estimates and assumptions, especially with respect to intangible assets. Significant estimates in valuing certain intangible assets may include, but are not limited to, future expected cash flows from acquired users, acquired technology, and trade names from a market participant perspective, useful lives, and discount rates. Management’s estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and unpredictable and, as a result, actual results may differ from estimates. During the measurement period, which is one year from the acquisition date, the Company may record adjustments to the assets acquired and liabilities assumed, with the corresponding offset to goodwill. Upon the conclusion of the measurement period, any subsequent adjustments are recorded to earnings.
Software Development Costs
Software development costs for products intended to be sold, leased or otherwise marketed are expensed as incurred until technological feasibility has been established, at which time such costs are capitalized until the product is available for general release to customers. Technological feasibility is established when a product design and working model have been completed and the completeness of the working model and its consistency with the product design have been confirmed by testing. To date, the establishment of technological feasibility of the Company’s products and general release of such software have substantially coincided. As a result, the Company has not capitalized any software development costs through January 31, 2025 and all such costs have been recorded as research and development expenses as incurred in the consolidated statements of operations.
Internal Use Software Development Costs
Costs to develop software internally are capitalized and recorded as a component of property and equipment, net. The Company capitalizes qualifying costs associated with internally-developed software incurred during the application development stage. Costs incurred during the preliminary project and post-implementation stages, including training and maintenance, are expensed as incurred. Capitalized costs are amortized on a project-by-project basis using the straight-line method over an estimated useful life of six years and is recorded as cost of subscription revenue in the consolidated statements of operations. The Company capitalized internal use software development costs of $8.2 million for the year ended January 31, 2025. There were no amounts capitalized for the year ended January 31, 2024 and for the Successor and Predecessor periods of 2023. Amortization expense was $0.4 million for the year ended January 31, 2025 and is included in cost of subscription revenue in the consolidated statements of operations.
Capitalized Implementation Costs
Costs to implement cloud computing hosting arrangements are capitalized and amortized using the straight-line method over the expected term of the arrangement, including periods which are reasonably expected to be renewed. Costs include direct costs for third-party consulting services. Software maintenance and training costs are expensed in the period in which the services are received. Capitalized costs, net of accumulated amortization, are included in prepayments and other non-current assets. The Company capitalized implementation costs of $5.8 million for the year ended January 31, 2025. Amounts for the year ended January 31, 2024, and for the Successor and Predecessor periods of 2023 were not material. Amortization expense was $1.4 million for the year ended January 31, 2025. Amortization expense for the year ended January 31, 2024, and the Successor and Predecessor periods in 2023 was not material.
Deferred Offering Costs
Deferred offering costs, which consist of direct incremental legal, accounting, consulting, and other fees related to the Company’s IPO are capitalized in prepayments and other current assets on the consolidated balance sheets. The deferred offering costs will be offset against IPO proceeds upon the consummation of an IPO. There were deferred offering costs of $9.7 million as of January 31, 2025. There were no deferred offering costs as of January 31, 2024.
90
Revenue Recognition
The Company recognizes revenue in order to depict the transfer of promised goods or services to customers in an amount that reflects the consideration the Company expects to be entitled in exchange for those goods or services. To achieve this, the following steps are applied:

Identify the contract with a customer
Identify the performance obligations in the contract
Determine the transaction price
Allocate the transaction price to the performance obligations in the contract
Recognize revenue when or as performance obligations are satisfied

Revenue consists of fees for software-as-a-service (“SaaS”) subscriptions, perpetual and term licenses for the Company’s software products, post-contract customer support (referred to as maintenance and support) and other subscription services and professional services including training and other revenue. The Company recognizes revenue net of any applicable value added or sales tax.
Subscription Revenue
Subscription revenue consists of (i) fees for access to, and related support for, the SaaS offerings, (ii) fees for term subscriptions to the Company’s software solutions, (iii) fees for ongoing maintenance and support of perpetual licensed solutions and (iv) other subscription services, which includes cloud managed services, and certain professional services.
Term subscriptions include the term licenses and ongoing maintenance and support. Maintenance and support agreements consist of fees for providing software updates on a when and if available basis and for providing technical support for software products for a specified term.
Subscription revenue, including support for term licenses, is recognized straight-line over the term of the applicable agreement. Revenue related to term license performance obligations is generally recognized upfront at the point in time when the customer has taken control of the software license.
Subscription arrangements generally have a term of three years and are non-cancellable. The Company typically invoices the customer in advance and in annual installments.
Perpetual License Revenue
Perpetual licenses provide customers with the same functionality as term licenses but differs primarily in duration of the license. Revenues from license performance obligations are generally recognized upfront at the point in time when the customer has taken control of the software license. All license transactions include maintenance and support performance obligations, which are recognized as subscription revenue.
Services and Other Revenue
Services and other revenue consist primarily of fees from professional services provided to customers and partners to configure and optimize the use of the Company’s solutions as well as non-subscription training services. The Company’s professional services are structured on a time-and-materials or fixed priced basis and the related revenue is recognized as the services are rendered. For time-and-material contracts, as the invoiced amount corresponds directly with the value to the customer, the Company applied the practical expedient to recognize revenue in the amount for which it has the right to invoice. For fixed price contracts, the Company uses a cost-based input method as the measure of progress toward satisfying the performance obligation.
Contracts with Multiple Performance Obligations
The majority of the Company’s contracts with its customers include various combinations of licenses, subscriptions and professional services. The Company accounts for individual performance obligations separately if they are distinct from other promises in the contract. If not considered distinct, the promised goods or services are combined with other goods or services and accounted for as a combined performance obligation. The transaction price is allocated to the separate performance obligations on a relative standalone selling price (“SSP”) basis.
Judgement is required to determine the SSP for each distinct performance obligation. The Company typically determines SSP based on observable prices for performance obligations when sold separately. When such observable prices are not available, the Company estimates SSP based on pricing objectives, market conditions and other factors, including customer size and geography, and product and service specific factors.
91
Contract Balances
The timing of revenue recognition may differ from the timing of invoicing to customers. The Company records a receivable when revenue is recognized prior to invoicing and payment will become due solely based on the passage of time. A contract asset results when revenue is recognized prior to invoicing and payment is contingent upon transfer of control of another separate performance obligation. Deferred revenue is recorded when payment is received prior to the recognition of revenue. Contract assets and deferred revenue that will be realized during the succeeding 12-month period is recorded as current, and the remaining balance of deferred revenue is recorded as non-current.
Payment terms and conditions vary by contract type, although terms generally include a requirement of payment within 30 days from the date of invoice. In instances where the timing of revenue recognition differs from the timing of invoicing, the Company has determined its contracts generally do not include a significant financing component.
Contract Acquisition Costs
Sales commissions paid to the Company’s sales force and the related employer payroll taxes, collectively “contract acquisition costs,” are considered incremental and recoverable costs of obtaining a contract with a customer. The Company defers these costs and amortizes them over the expected period of benefit provided. The Company typically pays sales commissions for both initial and follow-on sales of perpetual licenses, inclusive of initial maintenance and support, term subscriptions and SaaS subscriptions. Initial commissions are allocated to each performance obligation within the contract. The portion allocated to the perpetual license element is expensed at the time the license is delivered. Commissions allocated to the remaining elements are deferred and amortized over the expected period of benefit which the Company has determined to be five years. Commissions for renewals of subscription offerings are amortized over each renewal’s expected period of benefit. The Company determines the period of benefit by taking into consideration customer contracts, customer turnover rates, the life of the Company’s technology and other factors. The Company does not pay sales commissions on renewals of maintenance and support agreements related to perpetual licenses. Beginning in the year ended January 31, 2024, we ceased paying sales commissions on perpetual licenses as we focused on selling subscriptions.
The portion of contract acquisition costs that the Company anticipates will be recognized within twelve months is recorded as current contract acquisition costs and the remaining portion is recorded as non-current contract acquisition costs in the consolidated balance sheets. Amortization of contract acquisition costs is included in sales and marketing expenses in the accompanying consolidated statements of operations.
Cost of Revenue
Cost of Subscription Revenue. Cost of subscription revenue consists primarily of employee-based costs (which consists of salaries, benefits, bonuses, and equity-based compensation and allocated overhead) of the customer support organization, contractor costs to supplement staff levels, amortization expense for developed technology acquired, amortization expense for capitalized software development costs, third party royalties, and third-party cloud-based hosting costs.
Cost of Perpetual License Revenue. Cost of perpetual license revenue consists of amortization expense for developed technology acquired, and third-party royalties.
Cost of Services and Other Revenue. Cost of services and other revenue consists primarily of employee-based costs of professional services and training organizations, travel-related costs and contractor costs to supplement staff levels.
Research and Development Expenses
Research and development expenses consist primarily of employee-based costs, software and hosting arrangement expenses, professional services expense, and amortization expense for acquired intangible assets.
Sales and Marketing Expenses
Sales and marketing expenses consist primarily of personnel costs and the related overhead costs to support the Company’s staff, costs for events and travel, costs of general marketing and promotional activities, payment processing fees, and allocated facilities and overhead costs.
General and Administrative Expenses
General and administrative expenses consist primarily of personnel costs and the related overhead costs to support the Company’s staff across the corporate functions of executive, finance, human resources, information technology, internal operations and legal, as well as third-party professional fees, bad debt expense, travel and facilities costs.
92
Advertising Expenses
Advertising costs are expensed as incurred and are included in sales and marketing expense. Advertising expenses were approximately $25.5 million, $22.3 million, $11.9 million, and $8.1 million for the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023, respectively.
Redeemable Convertible Units
The Class A and Class B Units are classified as mezzanine equity and outside of Partners’ deficit because they include a redemption provision upon a sale or reorganization, which are deemed liquidation events that are considered outside of the Company’s control. The Class A and Class B Units were recorded at the original issue price. The Company adjusted the carrying values of the Class A and Class B Units to the redemption value that represents the fair value associated with such deemed liquidation events as the closing of the IPO was considered probable as of January 31, 2025. See Note 12 for additional information.
Certain of the Class A and Class B Units issued pursuant to individual equity agreements contain repurchase provisions allowing for the repurchase of such units, generally at fair value, at the Company’s option upon the unitholders’ termination of services to the Company. Subsequent adjustments to increase or decrease the carrying values to their respective redemption values are to be made only if and when the redemption event becomes probable. Increases to the carrying value of redeemable convertible units recognized are charged to retained earnings, or in the absence of retained earnings, to additional paid in capital, or in the absence of additional paid in capital, to accumulated deficit.
Equity-Based Compensation
Successor Period
In connection with the Merger, unvested stock options and restricted stock units on the Closing Date were converted to contingent rights to receive an amount in cash. The cost of the cash-settled awards is expensed straight-line over the vesting period.
    During the years ended January 31, 2025 and 2024, service-based and performance based incentive units were granted to employees, directors, and non-employees. Equity-based compensation costs for granted units are recognized as expense on a straight-line basis over the requisite service period, which is generally the vesting period for awards with only a service condition. For units subject to performance conditions, the Company records expense based on the accelerated attribution method when the performance condition becomes probable. The Company recognizes the effect of forfeitures in equity-based compensation expense based on actual forfeitures when they occur.
    
The fair value of the units underlying the incentive awards had been determined by the Board of Managers (the “Board”), with input from management and contemporaneous third-party valuations, as there was no public market for the Company’s units. Given the absence of a public trading market, and in accordance with the American Institute of Certified Public Accountants Practice Aid, Valuation of Privately Held Company Equity Securities Issued as Compensation, the Board exercised reasonable judgment and considered numerous objective and subjective factors to determine the best estimate of the fair value of the units at each option grant date using an option pricing method. The Company makes assumptions to determine the fair value of the units, including the value of the Company, expected time to liquidity, and expected volatility.

The Company adjusted the carrying value of the vested and unvested incentive units to the redemption value as the closing of the IPO was considered probable as of January 31, 2025. The redemption value is equal to the fair value of the Class B Units for the proportion of service provided for the award as of January 31, 2025. Increases to the carrying value of the incentive units are charged to retained earnings, or in the absence of retained earnings, to additional paid in capital, or in the absence of additional paid in capital, to accumulated deficit.
Predecessor Period
    The Company granted service-based stock options and restricted stock units to employees, directors, and nonemployees. The Company recognizes equity-based compensation expense for its awards on a straight-line basis over the requisite service period of the individual grants, which is generally the vesting period, based on the estimated grant date fair values.
    The Company estimated the fair value of stock options granted using the Black-Scholes option-pricing model, which required the Company to estimate the expected term, fair value of common stock, expected volatility, risk-free interest rate, and dividend yield. The fair value of restricted stock units were estimated on the date of grant based on the fair value of the Company’s common stock.    
93
Equity-based compensation expense associated with the Company’s Employee Stock Purchase Plan (“ESPP”) was measured at fair-value using a Black-Scholes option-pricing model at commencement of each offering period and recognized over that offering period.
Foreign Currency
The Company manages its foreign subsidiaries as integral direct components of its operations. The Company has determined that its functional currency is the U.S. dollar. The Company periodically assesses the applicability of the U.S. dollar as the Company’s functional currency by reviewing the salient indicators as indicated in the authoritative guidance for foreign currency matters. Assets and liabilities denominated in other currencies are remeasured into U.S. dollars at current exchange rates for monetary assets and liabilities and at historical exchange rates for non-monetary assets and liabilities. Revenue and expense incurred in other currencies are remeasured into U.S. dollars when incurred. Remeasurement losses in currencies other than the functional currency were $3.8 million, $2.9 million, $1.0 million, and $2.0 million for the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023, respectively.
Income Taxes
The Successor is a limited partnership and is not taxable for federal and most state income tax purposes. As a result, the Successor’s earnings or losses, to the extent not included in a taxable subsidiary, for federal and most state purposes are included in the tax returns of the individual partners. Net earnings for financial statement purposes may differ significantly from taxable income reportable to unitholders as a result of differences between the tax basis and financial basis of assets and liabilities, differences between the tax accounting and financial accounting treatment of certain items, and due to allocation requirements related to taxable income under the Company’s partnership agreement.
The Successor conducts certain activities through corporate subsidiaries which are subject to federal, state, local and foreign income taxes. The Predecessor was a corporation subject to federal and state taxes. The Company and its subsidiaries account for income taxes under the asset and liability method. Under this method, deferred tax assets and liabilities are recognized for expected future tax consequences of temporary differences between the carrying amounts and the tax bases of assets and liabilities.
Deferred income tax assets are reduced by a valuation allowance when, considering all sources of taxable income, in the opinion of management, it is more likely than not that some portion or all of the deferred income tax assets will not be realized. Accordingly, the need to establish such allowance is assessed periodically by considering matters such as future reversals of existing taxable temporary differences, projected future taxable income, tax planning strategies, and results of recent operations. The evaluation of recoverability of the deferred tax assets requires the Company to weigh all positive and negative evidence to reach a conclusion that it is more likely than not that all or some portion of the deferred tax assets will not be realized. The weight given to the evidence is commensurate with the extent to which it can be objectively verified. Deferred income tax assets and liabilities are adjusted for the effects of changes in tax laws and rates on the date of enactment.
The Company accounts for uncertainty of income taxes based on a “more-likely-than-not” threshold for the recognition and de-recognition of tax positions, which includes the accounting for interest and penalties relating to tax positions. The Company recognizes the tax benefit of an uncertain tax position only if it is more likely than not that the position is sustainable upon examination by the taxing authority, solely based on its technical merits. The tax benefit recognized is measured as the largest amount of benefit which is greater than 50 percent likely to be realized upon settlement with the taxing authority.
Leases
The Company accounts for a contract as a lease when it has the right to control the asset for a period of time while obtaining substantially all of the assets’ economic benefits. The Company’s non-cancelable operating lease agreements are primarily for facilities.
Right-of-use (“ROU”) assets and lease liabilities are recognized upon lease commencement at the present value of future lease payments. ROU assets represent the right to use an underlying asset for the lease term, and lease liabilities represent the obligation to make lease payments arising from the lease. ROU assets include adjustments related to lease incentives, and upfront lease payments. ROU assets are subject to evaluation for impairment or disposal on a basis consistent with other long-lived assets.
The implicit rates within the operating leases are generally not determinable and therefore the Company uses the incremental borrowing rate at the lease commencement date to determine the present value of lease payments. The lease term includes the non-cancelable period of the lease plus any additional periods covered by an option to extend that the Company is
94
reasonably certain to exercise. Lease expense is recognized on a straight-line basis over the lease term. The Company does not recognize right-of-use assets and lease liabilities for leases with a term of twelve months or less.
The Company accounts for lease agreements with lease and non-lease components as a single lease component. The Company’s non-lease components are primarily related to property taxes, insurance and maintenance costs, which are typically variable in nature, and are expensed in the period incurred.
Net Loss Per Unit
Successor
The Company considers its redeemable convertible Class A Units to be preferred stock in the computation of basic net loss per unit because the Class A Units have dividend rights, preference upon liquidation, and do not share in the residual distributions with the Class B Units. Therefore, the Class B Units are subordinated to the Class A Units. The Class B Units are considered common stock (“common units”).
Basic net loss per unit attributable to common unitholders is computed by dividing the net loss attributable to common unitholders by the weighted-average number of common units outstanding during the period, without the consideration for potential dilutive common units. For the purpose of calculating basic net loss per unit, the Company calculated the net loss attributable to common unitholders by adjusting the net loss to include the yield earned during the applicable period on Class A Units. For the year ended January 31, 2025, the Class A yield included $644.2 million of yield earned during the period and a deemed dividend of $120.4 million. The deemed dividend primarily represents the difference between the proceeds received by the Company and the fair value of the units issued to Thoma Bravo in December 2024. Refer to Note 12 for further details regarding the Class A yield.
Dilutive net loss per unit is computed by giving effect to all of the Company’s potential common units outstanding of the Company’s Class B Units to the extent the potential shares are dilutive. Basic and diluted net loss per unit were the same as the inclusion of all potential units of the Company’s common units would have been anti-dilutive. As of January 31, 2025 and 2024, there were 3.9 million and 5.7 million, respectively, of unvested incentive units that could potentially dilute basic EPS in the future that were not included in the computation of diluted EPS because to do so would have been antidilutive. As of January 31, 2023, there were no antidilutive securities as the incentive units were not yet granted.
Predecessor
Net losses for the Predecessor period from February 1, 2022 to August 15, 2022 were entirely attributable to Predecessor shareholders. Additionally, due to the impact of the Merger, the Company’s capital structures for the Successor and Predecessor periods are not comparable. As a result, the presentation of loss per share for the periods prior to such transaction is not meaningful.
Recently Adopted Accounting Pronouncements
Accounting Standards Update 2023-07
In November 2023, the FASB issued ASU-2023-07, Improvements to Reportable Segment Disclosures, (“ASU 2023-07”), which requires public entities to disclose information about their reportable segments’ significant expenses on an interim and annual basis. Public entities with a single reportable segment are required to apply the disclosure requirements in ASU 2023-07, as well as all existing segment disclosures and reconciliation requirements in ASC 280 on an interim and annual basis. ASU 2023-07 is effective for fiscal years beginning after December 15, 2023, and for interim periods within fiscal years beginning after December 15, 2024 with early adoption permitted. Adoption of ASU 2023-07 should be applied retrospectively to all prior periods presented in the financial statements. The Company adopted this standard on a retrospective basis and did not have a material impact on its consolidated financial statements or disclosures. Refer to Note 16 for further details.
Recently Issued Accounting Standards Not Yet Adopted
Accounting Standards Update 2023-09
In December 2023, the FASB issued ASU 2023-09, Income Taxes (Topic 740): Improvements to Income Tax Disclosures, (“ASU 2023-09”), which requires public business entities on an annual basis to disclose specific categories in a tabular rate reconciliation and provide additional information for reconciling items that meet a five percent quantitative threshold. Additionally, the ASU requires all entities to disclose the amount of income taxes paid disaggregated by federal, state, and foreign taxes, as well as individual jurisdictions where income taxes paid are equal to or greater than five percent of total income taxes paid. ASU 2023-09 is effective for annual periods beginning after December 15, 2025. Early adoption is permitted and the updated guidance should be applied on a prospective basis, with a retrospective application permitted in the financial statements. The Company is currently evaluating the impact of the new standard on its consolidated financial statements and related disclosures.
95
Accounting Standards Update 2024-01
In March 2024, the FASB issued ASU 2024-01, Compensation-Stock Compensation (Topic 718): Scope Applications of Profits Interests and Similar Awards, (“ASU 2024-01”), which provides illustrative guidance on how to apply the scope guidance to determine whether profits interests and similar awards should be accounted for as share-based payment arrangements under Topic 718 or under other GAAP. ASU 2024-01 is effective for annual periods beginning after December 15, 2025. Early adoption is permitted and may be adopted prospectively or retrospectively. The Company is currently evaluating the impact of the new standard on its consolidated financial statements and related disclosures.
Accounting Standards Update 2024-03
In November 2024, the FASB issued ASU 2024-03, Income Statement - Reporting Comprehensive Income - Expense Disaggregation Disclosure (Subtopic 220-40): Disaggregation of Income Statement Expenses (“ASU 2024-03”), which requires disaggregated disclosures, in the notes to the financial statements, of certain categories of expenses that are included in expense line items on the face of the income statement. ASU 2024-03 is effective for annual periods beginning after December 15, 2026, and for interim periods within fiscal years beginning after December 15, 2027. Early adoption is permitted. ASU 2024-03 should be applied on a prospective basis, with a retrospective application permitted in the financial statements. The Company is currently evaluating the impact of the new standard on its consolidated financial statements and related disclosures.

96
2. Revenue Recognition
Disaggregation of Revenue
The following table presents the Company’s revenue disaggregated by subscription product categories (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Subscription
SaaS$444,595 $312,259 $105,451 $99,342 
Maintenance154,351 155,528 71,522 80,755 
Term subscriptions173,917 144,181 52,183 42,470 
Other subscription services21,056 10,862 3,891 4,831 
Total Subscription793,919 622,830 233,047 227,398 
Perpetual licenses400 5,842 10,806 13,841 
Services and other67,292 70,900 32,820 34,915 
Total revenue$861,611 $699,572 $276,673 $276,154 
The following table summarizes the revenue the Company recognizes at a point in time and over time (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Revenue recognized at a point in time$110,479 $106,450 $48,377 $43,020 
Revenue recognized over time751,132 593,122 228,296 233,134 
Total revenue$861,611 $699,572 $276,673 $276,154 
Contract Acquisition Costs
A summary of the activity impacting contract acquisition costs is presented below (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Beginning Balance$80,325 $30,128 $— $93,547 
Additional contract acquisition costs71,678 61,716 32,890 23,078 
Amortization of contract acquisition costs(24,899)(11,519)(2,762)(16,211)
Ending Balance$127,104 $80,325 $30,128 $100,414 
There were no material impairments of contract acquisition costs for the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023.
Contract Balances
Deferred revenue consists primarily of payments received in advance of revenue recognition under the Company’s contracts with customers. Revenue recognized during the reporting periods that was previously deferred was $339.6 million, $272.3 million, $60.7 million, and $153.6 million, for the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023, respectively.
97
Remaining Performance Obligations
The Company’s contracts with customers include amounts allocated to performance obligations that will be satisfied at a later date. These remaining performance obligations represent contract value that has not yet been recognized as revenue. Remaining performance obligations includes both invoices that have been issued to customers but have not been recognized as revenues and amounts that will be invoiced and recognized as revenue in future periods. As of January 31, 2025, remaining performance obligations were $1.39 billion, of which the Company expects to recognize $682.9 million as revenue over the next 12 months.
3. Allowance for Expected Credit Losses
The following tables present the changes in the allowance for expected credit losses for accounts receivable measured at amortized cost (in thousands):
SuccessorPredecessor
January 31, 2025January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Beginning Balance$1,185 $733 $— $563 
Provision for credit losses2,507 3,604 1,376 400 
Write-offs(3,500)(3,152)(643)(474)
Ending Balance$192 $1,185 $733 $489 
The following tables present the changes in the allowance for expected credit losses for contract assets measured at amortized cost (in thousands):
SuccessorPredecessor
January 31, 2025January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Beginning Balance$141 $1,453 $— $2,387 
Provision for (reduction in) credit losses27 (1,312)1,453 (10)
Ending Balance$168 $141 $1,453 $2,377 
4. Fair Value Measurements
Assets and Liabilities Measured at Fair Value on a Recurring Basis
The following tables present information about the Company’s financial assets that are measured at fair value on a recurring basis (in thousands):
January 31, 2025
Level 1Level 2Level 3Total
Assets:
Cash equivalents:
Money market funds$81,972 $— $— $81,972 
Total assets
$81,972 $— $— $81,972 
Liabilities:
Contingent consideration
$— $— $5,700 $— 
Total liabilities
$— $— $5,700 $— 
98
January 31, 2024
Level 1Level 2Level 3Total
Assets:
Cash equivalents:
Money market funds$181,202 $— $— $181,202 
Total assets$181,202 $— $— $181,202 
The Company’s carrying amounts of financial instruments, including cash, accounts receivable, accounts payable, and accrued expenses are considered Level 1 and approximate their fair values due to their short maturities as of January 31, 2025 and 2024 and are excluded from the fair value tables above. The carrying value of debt is considered Level 1 and approximates fair value.
As of January 31, 2025, the Company measured its contingent consideration associated with its Imprivata acquisition, on a recurring basis using significant unobservable inputs, classified as Level 3. The Company recorded the contingent consideration at its fair value on the acquisition date. The Company determined the fair value of contingent consideration using a probability weighted discounted cash flow method. Each reporting period thereafter, the obligation are revalued and changes in their fair values are recorded within sales and marketing expenses within the consolidated statements of operations. Changes in the fair value of the contingent consideration can result from changes in assumed discount periods and rates, and from changes pertaining to the estimated or actual achievement of the defined milestones. Significant judgment is employed in determining the appropriateness of these assumptions as of the acquisition date and for each subsequent period. Accordingly, future business and economic conditions, as well as changes in any of the assumptions described above, can materially impact the fair value and corresponding changes in fair value of the contingent consideration the Company records in any given period. As of January 31, 2025, there was not any material change in the fair value of the contingent consideration since the Imprivata acquisition date. See Note 5 for additional information on the Imprivata acquisition.
The estimated fair value of the contingent consideration was determined with the following key inputs as of the acquisition date and is consistent with those as of January 31, 2025:
Probability of achievement
84.2 %
Expected timing of payment
FY 2026
Discount rate
13.5 %
There were no transfers between fair value measurement levels during the year ended January 31, 2025 and 2024. The consolidated financial statements as of January 31, 2024 do not include any nonrecurring fair value measurements relating to assets or liabilities.
5. Business Combinations
Acquisition of SailPoint Technologies Holdings, Inc.
On August 16, 2022, pursuant to the Merger Agreement, Holdings completed the acquisition of the Predecessor in a transaction valued at approximately $6.3 billion. Upon the Closing Date, the separate existence of Merger Sub ceased and the Predecessor survived the Merger as a wholly owned subsidiary of Holdings.
Pursuant to the Merger Agreement, each share of common stock, par value $0.0001 per share, of the Predecessor (the “Common Stock”) outstanding immediately prior to the effective time of the Merger, was converted into the right to receive $65.25 per share in cash, subject to applicable withholding taxes (the “Merger Consideration”). Trading of the Predecessor’s Common Stock was suspended on the New York Stock Exchange and the Common Stock was subsequently delisted.
The Company accounted for this transaction as a business combination in accordance with the acquisition method of accounting, which generally requires, among other things, that assets acquired and liabilities assumed be recognized at their estimated fair values as of the Closing Date. Acquisition-related transaction costs incurred as part of the Merger, primarily included advisory, legal and accounting fees and were expensed as incurred.
99
The valuation of the assets acquired and liabilities assumed was based on estimated fair values at the Closing Date. The allocation of consideration to the net tangible and intangible assets acquired and liabilities assumed reflect various fair value estimates and analyses, including work performed by third-party valuation specialists.
The purchase price for the Predecessor consisted of the following (in thousands):
Cash consideration for SailPoint common stock$6,160,575 
Rollover equity26,100
Liability for vested options52,092
Fair value of restricted stock units and options exchanged30,654 
Total purchase price$6,269,421 
Reconciliation of cash contributions for the Predecessor (in thousands):
Capital contribution$5,950,502 
Rollover equity26,100
Total capital contribution5,976,602 
Thoma Bravo transaction costs(188,208)
Total net capital contribution5,788,394 
Non-cash contribution(26,100)
Net cash contribution5,762,294 
Debt proceeds (Note 9)398,281 
Total cash consideration for SailPoint common stock$6,160,575 
The purchase price has been allocated to the fair value of the individual assets acquired and liabilities assumed as follows (in thousands):
Cash and cash equivalents$394,140 
Accounts receivable233,490 
Contract assets, current39,817 
Prepayments and other current assets26,379 
Property and equipment21,805 
Contract assets, non-current16,388 
Other non-current assets31,567 
Goodwill5,086,091 
Intangible assets,2,122,500 
Accounts payable(13,410)
Accrued expenses and other liabilities(130,125)
Convertible senior notes(903,942)
Deferred revenue(218,599)
Deferred tax liabilities, non-current(384,694)
Other long-term liabilities(23,883)
Deferred revenue, non-current(28,103)
Total fair value of assets acquired and liabilities assumed$6,269,421 
The Company recorded definite-lived intangible assets related to the customer relationships, developed technology, and trade name. Fair value was determined using the multi-period excess earnings method and relief from royalty method, under the income approach. The Company applied judgment which involved the use of significant assumptions with respect to
100
revenue growth rates, customer attrition rate, discount rate, and terminal growth rate in relation to the customer relationships and developed technology.
The fair values of the identifiable intangible assets acquired on the Closing Date were as follows:
AmountEstimated Useful Life
(In thousands)(In years)
Customer relationships$1,061,000 10-16
Developed technology697,000 7
Trade name243,000 18
Other121,500 2
Total identifiable intangible assets$2,122,500 
Transaction costs were expensed as incurred and recorded to general and administrative expenses on the consolidated statements of operations. The Company incurred transaction costs associated with the Merger Agreement of $1.0 million and $72.2 million in the Successor and Predecessor periods in 2023, respectively. Transaction costs of $71.3 million that were paid on the Merger Date were recorded in the Predecessor period and included as an assumed liability. Transaction-related bonuses of $4.8 million were also recorded to general and administrative expenses on the consolidated statements of operations in the Predecessor period and were paid after the Closing Date.
2025 Acquisitions
Imprivata
On December 13, 2024, the Company acquired the Identity Governance and Administration business of Imprivata, a digital identity company for life- and mission-critical industries that is majority owned by Thoma Bravo, for a cash payment at closing of $10.7 million and up to an additional cash amount of $7.4 million related to contingent consideration subject to the achievement of certain customer contract assignments or migrations. The contingent consideration is recorded in the consolidated balance sheets in accrued expenses and other liabilities at a fair value of $5.7 million and as a non-cash investing activity in the consolidated statement of cash flows. The remaining contingent consideration is payable eight months after the closing date. See Note 4 for additional information on the fair value of the contingent consideration.
The following table summarizes the preliminary purchase price allocation as of the date of acquisition (in thousands):
Accounts receivable$1,572 
Goodwill9,247 
Intangible assets9,800 
Deferred revenue(4,236)
Total fair value of assets acquired and liabilities assumed$16,383 
The preliminary fair value estimates and assumptions regarding certain tangible assets acquired and liabilities assumed, and the valuation of intangible assets acquired are subject to change as additional information is obtained during the measurement period. The goodwill arising from the acquisition is deductible for tax purposes.

The fair value of the developed technology was estimated using a market approach. The fair value of customer relationships was estimated using the excess earnings method. The following table presents the fair values and useful lives of the identifiable intangible assets acquired:
AmountEstimated Useful Life
(In thousands)(In years)
Developed technology$1,600 3
Customer relationships8,200 4
Total identifiable intangible assets$9,800 
101

Double Zero
On April 9, 2024 (“Acquisition Date”), the Company acquired all of the outstanding stock of Double Zero Security, Inc. (“Double Zero”), a third-party provider of digital-identity threat detection and response for secure enterprise access. The aggregate consideration transferred in connection with this acquisition was $5.4 million, net of cash acquired, and $0.8 million was related to certain indemnities ("Holdback Consideration"). The Holdback Consideration is recorded in the consolidated balance sheets in accrued expenses and other liabilities. The Company paid $0.1 million of the Holdback Consideration 60 days after the Acquisition Date and the remaining Holdback Consideration is payable on the one-year anniversary of the Acquisition Date.
The following table summarizes the preliminary purchase price allocation as of the date of acquisition (in thousands):
Cash and cash equivalents$
Accounts receivable25 
Prepayments and other current assets18 
Deferred tax assets, non-current860 
Goodwill3,566 
Intangible assets1,360 
Accounts payable(41)
Accrued expenses and other liabilities(108)
Deferred revenue(311)
Total fair value of assets acquired and liabilities assumed$5,378 
The fair value of the developed technology was estimated using a market approach. The following table presents the estimated fair values and useful lives of the identifiable intangible assets acquired:
AmountEstimated Useful Life
(In thousands)(In years)
Developed technology$1,360 6
2024 Acquisitions
Osirium
On October 30, 2023, the Company acquired all of the outstanding stock of Osirium Technologies PLC (“Osirium”), a SaaS company delivering privileged access management, privileged endpoint management, and IT process automation solutions. The aggregate consideration paid in connection with this acquisition was $8.2 million, net of cash acquired.
102
The following table summarizes the preliminary purchase price allocation as of the date of acquisition (in thousands):
Cash and cash equivalents$534 
Accounts receivable562 
Prepayments and other current assets304 
Goodwill8,276 
Intangible assets2,361 
Accounts payable(250)
Accrued expenses and other liabilities(813)
Deferred tax liabilities, non-current(590)
Deferred revenue(1,632)
Total fair value of assets acquired and liabilities assumed$8,752 
The fair value of the developed technology was estimated using a market approach.
The following table presents the fair values and useful lives of the identifiable intangible assets acquired:
AmountEstimated Useful Life
(In thousands)(In years)
Developed technology$2,361 6
Other 2023 Acquisitions
SecZetta
On January 12, 2023, the Company acquired all of the outstanding stock of SecZetta Inc. (“SecZetta”), a leading provider of third-party identity risk solutions. The aggregate consideration paid in connection with this acquisition was $58.2 million, net of cash acquired.
The following table summarizes the final purchase price allocation as of the date of acquisition (in thousands):
Cash and cash equivalents$6,712 
Accounts receivable1,306 
Prepayments and other current assets643 
Goodwill35,180 
Intangible assets25,830 
Accounts payable(221)
Accrued expenses and other liabilities(723)
Deferred tax assets, non-current1,582 
Deferred revenue(5,400)
Total fair value of assets acquired and liabilities assumed$64,909 
The following table presents the fair values and useful lives of the identifiable intangible assets acquired:
AmountEstimated Useful Life
(In thousands)(In years)
Developed technology$19,750 6
Customer relationships5,900 4
Trade name180 2
Total identifiable intangible assets$25,830 
103
The fair value of developed technology and trade names were estimated using the relief from royalty method utilizing assumptions for annual obsolescence, royalty rates, tax rate, and discount rate. The fair value of customer relationships was estimated using the replacement cost method, which utilized assumptions for the cost to recreate the relationships, such as the timing and resources required, distributor’s profit mark-up and opportunity cost.
Additional Acquisition Related Information
The operating results of the acquired companies are included in the Company’s consolidated statements of operations from the respective dates of acquisition. Pro forma results of operations have not been presented because the effects of these acquisitions excluding the Merger, individually and in the aggregate, were not material to the Company’s consolidated statements of operations.
The Company believes that for each acquisition, the acquired companies will provide opportunities for growth through investing in additional products and capabilities, among other factors. This contributed to a purchase price in excess of the estimated fair value of each acquired company’s net identifiable assets acquired and, as a result, goodwill was recorded in connection with each acquisition. The excess of the purchase price over the tangible assets, identifiable intangible assets and assumed liabilities was recorded as goodwill. Unless otherwise noted above, goodwill arising from these acquisitions are not deductible for tax purposes.
6. Goodwill and Intangible Assets
The changes in the carrying amounts of goodwill for the year ended January 31, 2025 and 2024 were as follows (in thousands):
Balance at January 31, 2023$5,129,967 
Goodwill acquired8,276 
Measurement period adjustments612 
Balance at January 31, 20245,138,855 
Goodwill acquired12,813 
Measurement period adjustments— 
Balance at January 31, 2025$5,151,668 

The measurement period adjustments for the years ended January 31, 2025 and 2024 were not significant. There were no impairments of goodwill during any of the periods presented.
Intangible Assets
Total cost and amortization of intangible assets comprised of the following:
January 31, 2025Weighted Average
Useful Life		January 31, 2024Weighted Average
Useful Life
Intangible assets, net(In thousands)(In years)(In thousands)(In years)
Customer relationships$1,075,100 14.7$1,066,900 14.7
Developed technology722,071 6.9719,111 7.0
Trade names243,180 18243,180 18
Other123,400 2.1123,400 2.1
Total intangible assets2,163,751 2,152,591 
Less: accumulated amortization(603,028)(372,716)
Total intangible assets, net$1,560,723 $1,779,875 

104
Total accumulated amortization of intangible assets is comprised of the following (in thousands):
Accumulated amortizationJanuary 31, 2025January 31, 2024
Customer relationships$(195,197)$(115,538)
Developed technology(252,548)(148,771)
Trade names(33,368)(19,782)
Other(121,915)(88,625)
Total accumulated amortization$(603,028)$(372,716)
There were no impairments for intangible assets during the years ended January 31, 2025 or 2024.
Amortization expense for the periods presented was as follows (in thousands):
SuccessorPredecessor
January 31, 2025January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Cost of revenue
Subscription$103,329 $100,820 $42,422 $4,603 
Perpetual licenses154 2,147 3,383 562 
Operating expenses
Research and development380 32 — 367 
Sales and marketing126,445 154,030 69,882 3,526 
Total amortization expense$230,308 $257,029 $115,687 $9,058 
The total estimated future amortization expense of intangible assets as of January 31, 2025 is as follows (in thousands):
Year Ending January 31,
2026$199,579 
2027199,503 
2028198,032 
2029197,095 
2030146,115 
Thereafter620,399 
Total remaining amortization expense$1,560,723 
7. Leases
As of January 31, 2025, the Company’s leases, primarily relating to office leases, have remaining lease terms of less than 1 year to 5 years. Certain leases include early termination and/or extension options; however, exercises of these options are at the Company’s sole discretion. As of January 31, 2025, the Company determined it is not reasonably certain it will exercise the options to extend its leases or terminate them early. The Company’s lease agreements do not contain any material residual value guarantees or material restrictive covenants. As of January 31, 2025 and 2024, the Company had no financing leases.
The Company measures its lease liabilities at the net present value of the remaining lease payments. The Company’s incremental borrowing rate is estimated to approximate the interest rate on similar terms and payments and in economic environments where the leased asset is located.
As of January 31, 2025 and 2024, the Company’s weighted-average discount rate was 9.26%, and 9.40%, respectively.
As of January 31, 2025 and 2024, the Company’s weighted-average remaining lease term was 4.14 years and 5.04 years, respectively.
105
Operating lease costs for the periods presented were as follows (in thousands):
SuccessorPredecessor
January 31, 2025January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Lease cost
Operating lease cost$6,383 $6,492 $3,072 $2,925 
Variable lease cost2,003 2,514 1,216 1,322 
Short-term lease cost1,161 932 332 460 
Total lease cost$9,547 $9,938 $4,620 $4,707 
The undiscounted annual future minimum lease payments are summarized by year in the table below (in thousands):
Year Ending January 31,
2026$6,374 
20276,646 
20285,937 
20296,128 
20301,731 
Total minimum lease payments26,816 
Less: interest(4,398)
Total present value of operating lease liabilities$22,418 
8. Commitments and Contingencies
As of January 31, 2025, the Company had in aggregate $243.6 million in contractual purchase commitments associated with agreements that are enforceable and legally binding, of which $103.2 million are due within the next 12 months. Such amounts do not include obligations under contracts that the Company can cancel without significant penalty or purchase orders as the purchase orders represent authorizations to purchase rather than binding agreements.
Included in the aggregate contractual purchase commitments as of January 31, 2025 is the remaining commitment with a cloud storage provider that has a term of July 2023 through June 2028. Under the terms of the contract, the Company committed to spend $54.0 million, $59.0 million, $62.0 million, $65.0 million, and $67.5 million in contract years one, two, three, four, and five, respectively, for a total of $307.5 million. If the Company does not meet the minimum purchase obligation during any of those years, it will be required to pay the difference. As of January 31, 2025, the Company had spent $54.0 million of the first year commitment and $44.3 million of the second year commitment.
Indemnification Arrangements
In the ordinary course of business, the Company enters into contractual arrangements under which it agrees to provide indemnification of varying scope and terms to customers, business partners and other parties with respect to certain matters, including, losses arising out of the breach of such agreements, intellectual property infringement claims made by third parties, and other liabilities with respect to the Company’s products and services and business. In these circumstances, payment may be conditional on the other party making a claim pursuant to the procedures specified in a particular contract. The Company includes service level commitments to the Company’s cloud customers warranting certain levels of uptime reliability and performance and permitting those customers to receive credits in the event that the Company fails to meet those levels.
To date, the Company has not incurred any material costs as a result of these commitments, and the Company expects the time between any potential claims and issuance of the credits to be short. As a result, the Company has not accrued any liabilities related to these commitments in the Company’s consolidated financial statements.
Litigation Claims and Assessments
The Company is subject to claims and suits that may arise from time to time in the ordinary course of business. In addition, some legal actions, claims and governmental inquiries may be instituted or asserted in the future against the Company and its subsidiaries. Although the outcome of these legal proceedings cannot be predicted with certainty and no assurances can
106
be provided, based upon current information, the Company does not believe the liabilities, if any, which may ultimately result from the outcome of such matters, individually or in the aggregate, will have a material adverse impact on the Company’s consolidated financial statements.
9. Credit Agreement and Debt
Credit Agreement
In connection with the Merger Agreement, on the Closing Date, Merger Sub entered into a new Credit Agreement (the "Credit Agreement"). The Credit Agreement provides for (i) a six-year $125.0 million senior secured revolving credit facility, including a letter of credit sub-facility of up to $5.0 million (the “Revolving Credit Facility”) and (ii) a seven-year $1.59 billion term loan facility (the “Term Loans”). The Revolving Credit Facility matures in August 2028 and the Term Loans mature in August 2029. The proceeds from the Term Loans were used to finance a portion of the purchase consideration and fees and expenses relating to the acquisition of the Company and the establishment of the Credit Agreement, and for working capital and general corporate purposes. Borrowings under the Revolving Credit Facility may be used to provide ongoing working capital as well as for other general corporate purposes of the Company. On the Closing Date, the Company became the borrower under the Credit Agreement.
The Company (i) incurred deferred financing costs of $21.6 million related to the issuance of the Term Loans that were recorded as a reduction to the outstanding debt balances as of the Merger Date and (ii) incurred deferred financing costs of $2.6 million related to the issuance of the Revolving Credit Facility. The remaining unamortized balance of $1.5 million, and $2.0 million are included in other non-current assets on the accompanying consolidated balance sheets as of January 31, 2025 and 2024. These costs are being amortized to interest expense over the life of the Term Loans and the life of the Revolving Credit Facility using the effective interest method and on a ratable basis, respectively. Amortization of debt issuance costs were $4.4 million, $4.2 million and $1.7 million in the year ended January 31, 2025, 2024 and Successor period in 2023, respectively.
The Credit Agreement contains covenants that, among other things and subject to certain exceptions and qualifications, restrict the ability of the Company and the ability of certain of its subsidiaries to incur or guarantee additional indebtedness or issue disqualified stock or certain preferred stock; pay dividends and make other distributions or repurchase stock; make certain investments; create or incur liens; sell assets; create restrictions affecting the ability of restricted subsidiaries to make distributions, loans or advances or transfer assets to the Company or the restricted subsidiaries; enter into certain transactions with the Company’s affiliates; designate restricted subsidiaries as unrestricted subsidiaries; and merge, consolidate or transfer or sell all or substantially all of the Company’s assets. The Company is subject to quarterly financial covenants relating to maintaining a minimum liquidity and annual recurring revenue ratio as defined in the Credit Agreement.
All obligations under the Term Loans and Revolving Credit Facility are unconditionally guaranteed by Holdings and each of the existing and future direct and indirect material, wholly-owned domestic subsidiaries of the Company, subject to certain exceptions. Obligations outstanding under the Credit Agreement are secured by perfected first priority pledges of and security interests in (i) the equity interests of the Company held by its direct parent and (ii) substantially all of the assets of the Company and each subsidiary guarantor (subject to customary exceptions as more fully described in the Credit Agreement), including equity interests of each subsidiary guarantor under the Credit Agreement.
Borrowings under the Term Loans will bear interest, initially, at a rate equal to, at the Company’s option, either:
a base rate determined by reference to the highest of (i) the Federal Funds Rate (determined for any day as the rate per annum equal to the weighted average of the rates on overnight federal funds transactions with members of the Federal Reserve System of the United States arranged by federal funds brokers on such day, as published by the Federal Reserve Bank of New York on the business day next succeeding such day) plus 0.50%, (ii) the rate of interest in effect for such day as published by The Wall Street Journal as its “prime rate”, (iii) to the extent ascertainable, one month Adjusted Term SOFR (determined as set forth below) plus 1.00%, and (iv) 1.75% plus, in any such case, 5.25%; or
Adjusted Term SOFR determined by reference to the forward-looking term rate based on the secured overnight financing rate as administered by the Federal Reserve Bank of New York, plus a credit spread adjustment for interest periods of one month, three months, and six months, respectively, plus, in each case, 6.25%.
From and after the delivery by the Company to the administrative agent for the Credit Agreement of financial statements for the first fiscal quarter ended after the effective date of the Credit Agreement, the applicable margin over the base rate or Adjusted Term SOFR for the Term Loans will be in the range of 6.00% and 6.25% (for SOFR loans) and 5.00% and
107
5.25% (for base rate loans) based on a pricing grid as determined by reference to the applicable Annual Recurring Revenue Net Leverage Ratio (as defined in the Credit Agreement) for the most recent four fiscal quarter period for which financial statements have been delivered.
As of January 31, 2025, the Term Loans bear interest at a rate of 10.52% based on the Adjusted Term SOFR for a three month interest period.
In addition, the Company will be required to pay a commitment fee on any unused portion of the Revolving Credit Facility at a rate of 0.50% per annum. The Company will also pay customary letter of credit fees, including a fronting fee equal to 0.25% per annum of the dollar equivalent of the maximum amount available to be drawn under all outstanding letters of credit, as well as customary issuance and administration fees. These fees are recorded as interest expense on the consolidated statement of operations.
On November 8, 2024, the Company drew $25.0 million on the Revolving Credit Facility in preparation for a business acquisition. On December 23, 2024, the Company entered into a purchase agreement with Thoma Bravo, pursuant to which Thoma Bravo purchased 36,548,286.44 Class A Units and 7,984,676.29 Class B Units for an aggregate purchase price of $600.0 million. In connection with Thoma Bravo’s purchase, certain of the Company's directors and other equityholders exercised their preemptive rights under the Company's partnership agreement and purchased a total of 19,567.57 Class A Units and 4,274.91 Class B Units for an aggregate purchase price of approximately $0.3 million. The Company used $575.0 million of the proceeds from such to repay $550.0 million and $25.0 million of the Term Loan and Revolving Credit Facility, respectively. The Company recorded an $8.3 million loss from extinguishment of debt related to debt issuance costs for the Term Loan and is recorded within interest expense on the consolidated statement of operations.
The Company fully repaid its outstanding balance on its Term loan and recorded a loss from extinguishment of debt related to the remaining balance of debt issuance costs for the Term Loan during the first quarter of fiscal 2026. See Note 19 for additional information.
The Company may voluntarily repay and reborrow outstanding loans under the Revolving Credit Facility at any time without a premium or a penalty. The Company had no outstanding Revolving Credit Facility balance as of January 31, 2025. The Company was in compliance with all applicable covenants as of January 31, 2025.
The net carrying amount of the Term Loans for the Successor periods presented is as follows (in thousands):
January 31, 2025January 31, 2024
Principal$1,040,000 $1,590,000 
Unamortized issuance costs(15,533)(27,785)
Net carrying amount$1,024,467 $1,562,215 
Total interest expense recognized related to the Term Loans for the year ended January 31, 2025, 2024 and the Successor period in 2023 was $186.2 million, $186.6 million and $74.6 million, respectively, consisting of contractual interest expense of $174.0 million, amortization of debt issuance costs of $3.9 million and $8.3 million loss from the extinguishment of debt for the year ended January 31, 2025, contractual interest expense of $182.9 million and amortization of debt issuance costs of $3.7 million for the year ended January 31, 2024, and contractual interest expense of $73.1 million and amortization of debt issuance costs of $1.5 million for the Successor period in 2023.
Prior Credit Agreement
On March 11, 2019, SailPoint Technologies, Inc., as borrower (the “Borrower”), and certain other wholly owned subsidiaries entered into a credit agreement (as amended, restated, amended and restated, supplemented or otherwise modified from time to time through the date hereof, the “Prior Credit Agreement”). The Prior Credit Agreement was guaranteed by SailPoint Technologies Intermediate Holdings, LLC, a wholly owned subsidiary, and the Borrower’s material domestic subsidiaries (the “Guarantors” and, together with the Borrower, (the “Loan Parties”) and was supported by a security interest in substantially all of the Loan Parties’ personal property and assets.
The Company incurred total debt issuance costs of $0.8 million in connection with the Credit Agreement. These costs are being amortized to interest expense over the life of the Credit Agreement using the effective interest method. Amortization of debt issuance costs were $0.1 million for the Predecessor period in 2023, and were recorded in interest expense on the accompanying consolidated statements of operations.
108
In connection with the Merger Agreement, on the Closing Date, the Company terminated the existing Prior Credit Agreement. Unamortized debt issuance costs of $0.3 million were determined to not have a fair value under ASC 805 as of the Merger Date and were therefore not recognized by the Company in the Successor period.
10. Convertible Senior Notes and Capped Call Transactions
In September 2019, the Company issued $400.0 million aggregate principal amount of 0.125% Convertible Senior Notes due in 2024 (the “Notes”) in a private offering (the “Offering”) to qualified institutional buyers pursuant to Rule 144A under the Securities Act of 1933, as amended (the “Securities Act”). The Notes were issued pursuant to an indenture (the “Indenture”), by and between the Company and U.S. Bank National Association, as trustee.
The net proceeds from the Offering were approximately $391.2 million, after deducting discounts and commissions and other fees and expenses payable by the Company in connection with the Offering. The Company used $37.1 million of the net proceeds from the Offering to pay the cost of the privately negotiated capped call transactions (the “Capped Call Transactions”) it entered into with the initial purchasers of the Notes or their respective affiliates and another financial institution. The Notes were senior unsecured obligations of the Company and interest was payable semiannually on March 15 and September 15, in arrears at a fixed rate of 0.125% per year.
Pursuant to the terms of the Indenture, a supplemental indenture was required to be entered into in connection with the consummation of the Merger.
In connection with the Merger Agreement, on the Closing Date, SailPoint Technologies Holdings, Inc. and U.S. Bank Trust Company, National Association (previously known as “U.S. Bank National Association”), as trustee (the “Trustee”), entered into the First Supplemental Indenture (the “Supplemental Indenture”) to the Indenture between the Company and the Trustee, relating to the Notes.
The Supplemental Indenture provides that, from and after the effective time of the Merger, for all conversions of the Notes, (i) the consideration due upon conversion of each $1,000 principal amount of Notes will be solely cash in an amount equal to the conversion rate then in effect on the conversion date (as may be increased pursuant to the terms of the Indenture), multiplied by $65.25 and (ii) the Company will satisfy its conversion obligation by paying cash to converting holders of the Notes on the second business day immediately following the relevant conversion date.
During the Successor period in 2023, the Company settled the conversion of the remaining $903.9 million in aggregate principal amount of the Notes with cash.
Transaction costs related to the issuance of the Notes were $8.8 million and were being amortized to interest expense using the effective interest method. Unamortized debt issuance costs of $3.6 million were determined to not have a fair value under ASC 805 as of the Merger Date and were therefore not recognized by the Company in the Successor period.
Interest expense related to the amortization of debt issuance costs was $0.9 million for the Predecessor period in 2023. Contractual interest expense was $0.1 for the Predecessor period in 2023.
Capped Call Transactions
In connection with the Merger, SailPoint Technologies Holdings, Inc. entered into a termination agreement with each Capped Call Counterparty pursuant to which the Capped Call Transactions with such Capped Call Counterparty terminated upon the Closing Date in exchange for an agreed cash payment from such Capped Call Counterparty payable on the Closing Date. The Company received cash payments during the Successor period in 2023 of $111.4 million for settlement of the Capped Call Transactions.
11. Related Party Transactions
The Company is an affiliate of Thoma Bravo. The Company engaged in ordinary sales transactions of $0.8 million, $1.0 million and $0.4 million and ordinary purchase transactions of $2.1 million, $2.1 million and $0.7 million for the years ended January 31, 2025, 2024 and the Successor period of 2023, respectively, with entities affiliated with Thoma Bravo. In conjunction with the Merger, the Company entered into an advisory services agreement with an affiliate of Thoma Bravo for consultation and advice related to corporate strategy, budgeting of future corporate investments, acquisition and divestiture strategies, and debt and equity financings. Under this agreement the Company shall pay an annual amount of $15.0 million, payable quarterly in advance. Thoma Bravo may elect to receive a lesser amount or elect to make such amount contingent on
109
the occurrence of certain events. The Company made payments of $7.5 million, $11.3 million and $9.4 million under this agreement in the years ended January 31, 2025, 2024 and the Successor period in 2023, respectively. The Company expensed $15.0 million, $15.0 million and $6.9 million in the years ended January 31, 2025, 2024 and the Successor period in 2023, respectively, which is included in general and administrative expenses in the Companys consolidated statements of operations. The Company has $8.8 million and $1.2 million included in accrued expenses and other liabilities in the consolidated balance sheets as of January 31, 2025 and January 31, 2024, respectively. In conjunction with the closing of the IPO, the Company settled all outstanding fees payable to Thoma Bravo and its advisory services agreement was terminated.
On December 13, 2024, the Company acquired Imprivata, which is majority owned by Thoma Bravo, See Note 5 for additional information.
On December 23, 2024, the Company entered into a purchase agreement with Thoma Bravo, pursuant to which Thoma Bravo purchased 36,548,286.44 Class A Units and 7,984,676.29 Class B Units for an aggregate purchase price of $600.0 million. In connection with Thoma Bravo’s purchase, certain of the Company's directors and other equityholders exercised their preemptive rights under the Company's partnership agreement and purchased a total of 19,567.57 Class A Units and 4,274.91 Class B Units for an aggregate purchase price of approximately $0.3 million.
Under the terms of the Credit Agreement, an entity affiliated with Thoma Bravo provided $50.0 million of the Term Loans as part of the syndicate of lenders on August 16, 2022. As a result, the Company made interest payments of $4.8 million, $5.7 million and $2.1 million and incurred interest expense of $5.9 million, $5.9 million and $2.4 million to the affiliate of Thoma Bravo for the year ended January 31, 2025, 2024 and Successor period of 2023, respectively. As of January 31, 2025 and 2024, the total principal balance owed to the affiliate of Thoma Bravo was $32.7 million and $50.0 million, respectively, and the total accrued interest was $0.9 million and $0.3 million as of January 31, 2025 and 2024, respectively. The outstanding principal balance owed to the affiliate of Thoma Bravo was fully repaid upon the repayment of the Company's term loan.
The Company did not have any related party balances or incur any material related party transactions as of and during the Predecessor period of 2023.
12. Partners’ Deficit
The Company operates under the terms and conditions of the amended and restated SailPoint Parent, LP Limited Partnership Agreement (the “Partnership Agreement”) dated August 16, 2022. The partnership interests are represented by Class A and Class B Units. Under the Partnership Agreement, there is an unlimited number of Class A and Class B Units that may be issued. The Company’s Board has the sole authority and right to manage the business and affairs of the Company and to make all decisions and take all actions for the Company, except for certain exceptions defined within the Partnership Agreement.
On August 16, 2022, the Company issued 362.5 million Class A Units and 79.2 million Class B Units for an aggregate net proceeds of $5.8 billion, and the proceeds from such issuance was used to fund the Merger. On August 16, 2022, in connection with the Merger, a former shareholder of the Predecessor rolled over their equity interest into the Company in the amount of $26.1 million for 1.6 million Class A Units and 0.3 million Class B Units.
In August 2022, as part of the Merger, the Board approved the SailPoint Parent, LP Co-Invest Agreement (the “Co-Invest Agreement”) to incentivize employees and to align the employees and management with the owners of the business. The Co-Invest Agreement offers employees the one-time opportunity to invest in the Company by purchasing units directly from the Company for cash. Under the Co-Invest Agreement, the purchase price was $16.42 for one Class A Unit and a number of Class B Units, based on a ratio of one Class A Unit to 0.2185 Class B Units. The Company determined the Co-Invest Agreement was not compensatory as the units were issued at fair value. In March 2023, the Company issued 3.2 million Class A Units and 0.7 million Class B Units for an aggregate purchase price of $51.7 million pursuant to Co-Invest Agreements.
On December 23, 2024, SailPoint Parent, LP (the “Company” or “SailPoint”) entered into a purchase agreement with Thoma Bravo, pursuant to which Thoma Bravo purchased Class A Units and Class B Units for an aggregate purchase price of $600.0 million. In addition, on January 7, 2025, in connection with Thoma Bravo’s purchase, certain of the Company’s directors and other equityholders exercised their preemptive rights under our partnership agreement and purchased Class A Units and Class B Units for an aggregate purchase price of approximately $0.3 million. The Company used $575.0 million of the proceeds from such transaction to repay $550.0 million and $25.0 million of the Term Loan and Revolving Credit Facility (which was drawn down by the Company on November 8, 2024), respectively, and plans to use the remainder for general corporate purposes.
Redeemable Convertible Units
Redeemable convertible units consisted of the following as of the following dates:
110

January 31, 2025
Units issued and outstandingAggregate liquidation preferenceNet carrying value
(In thousands)
Class A Units403,400 $8,100,352 $8,100,352 
Class B Units (1)
91,761 — 3,095,789 
Total redeemable convertible units495,161 $8,100,352 $11,196,141 
(1) The net carrying value includes the redemption value of unvested incentive units that will convert to Class B units.
January 31, 2024
Units issued and outstandingAggregate liquidation preferenceNet carrying value
(In thousands)
Class A Units367,132 $6,861,381 $3,960,241 
Class B Units
81,808 — 1,878,623 
Total redeemable convertible units448,940 $6,861,381 $5,838,864 
The cumulative unpaid Class A yield earned was $1,477.9 million and $834.3 million as of January 31, 2025 and 2024 respectively. The cumulative unpaid Class A yield earned per unit was $3.66 and $2.27 as of January 31, 2025 and 2024, respectively.
The issued and outstanding units disclosed on the consolidated balance sheet includes all legally outstanding units, which are different from the number of units considered outstanding in the table above due to the timing of incentive units vesting.
The following are the relevant terms related to the Class A and Class B Units:
Class A Yield
The Class A unitholders are entitled to a cumulative preferred return at the per annum rate of 9% (“Class A Yield”), compounded on a quarterly basis, on the sum of unpaid yield (“Unpaid Yield”) plus unreturned capital (“Unreturned Capital”). Unpaid Yield represents the amount equal to the excess of the aggregate Class A Yield accrued on such Class A Units for all prior periods, over the aggregate amount of prior distributions made by the Company related to such Class A Yield. Unreturned Capital is the aggregate contributions made in exchange for Class A Units reduced by distributions made by the Company to such unitholders for all prior periods.
At each reporting date, the Company evaluates whether the Class A Units are considered currently redeemable or probable of becoming redeemable upon a deemed liquidation event. The Company does not record the cumulative yield in the consolidated financial statements until the Company determines that such units are probable of becoming redeemable. As of January 31, 2025, the Class A and Class B Units are currently redeemable as the deemed liquidation events that would give rise to the redemption of the units were considered probable. As of January 31, 2024, the Class A and Class B Units were not currently redeemable as the deemed liquidation events that would give rise to the redemption of the units were not probable. The Board may in its discretion make distributions at any time or from time to time.
Class B Yield
The Class B unitholders are not entitled to any yield or dividend.
Liquidation Rights
The Class A unitholders are entitled to liquidation preference over Class B unitholders. The distribution will first be made to settle Unpaid Yield, and then to settle Unreturned Capital. Any remaining amounts shall be distributed pro rata among holders of Class B Units based on the outstanding Class B Units held at the time of such distribution. Therefore, all Class A
111
unitholders have first priority with regard to any distributions made by the Company to its unitholders. The Class B unitholders then have the residual interests in the Company.
Redemption Rights
In accordance with the terms and conditions of the Partnership Agreement, the Class A and Class B Units are contingently redeemable upon occurrence of a sale or reorganization, which are deemed liquidation events that are considered outside of the Company’s control. Upon redemption, each Class A and Class B unitholder shall receive in exchange for each unit, the same cash value of consideration and the same portion of the aggregate consideration as if a liquidation event occurred and a distribution was made pursuant to the liquidation rights. As of January 31, 2025, the Class A Units and Class B Units were considered redeemable as the closing of the IPO was considered probable. The Company recognized the increase to the redemption value of both Class A and Class B units as a charge to its additional paid in capital and accumulated deficit.
Repurchase Rights
In accordance with the terms and conditions of certain investor agreements, Co-Invest Agreements, or other incentive unit agreements entered into between the Company and its unitholders, the Class A and Class B Units are subject to repurchase at the election of the Company, Thoma Bravo, or another related party upon the unitholder’s termination or in connection with a sale of the Company. The repurchase price for each Class A Unit is the fair market value of such unit as of the date of repurchase; provided, however, that if the unitholder is terminated for cause, the repurchase price shall be the lesser of the unitholder’s original cost for such unit and the fair market value of such unit. The repurchase price for each Class B Unit is the fair market value of such unit as of the date of repurchase.
Conversion Rights
The Class A and Class B Units are contingently convertible upon occurrence of a reorganization in anticipation of a public offering. In connection with such event, the Board will determine what securities or other property the units will be converted to or exchanged for.
Voting Rights
The majority of the Class A and Class B Units are owned by funds managed by Thoma Bravo (“TB Funds”). TB Funds have control of the Board through their election rights, and the TB Funds also have certain approval rights as defined within Partnership Agreement including, but not limited to authorizing any distributions upon any securities of the Company and authorizing the issuance of any notes or debt securities.
13. Equity-Based Compensation
Successor Period
In August 2022, as part of the Merger, the Board approved the SailPoint Parent, LP Incentive Equity Plan (the “Plan”) and the SailPoint Parent, LP Co-Invest Agreement (the “Co-Invest Agreement”) to incentivize employees and to align the employees and management with the owners of the business.
The Plan provides for the grant of options, profits interest, equity appreciation rights and other forms of awards to employees and non-employees granted or denominated in units of Parent. Under the Plan, 10,972 million Class B Units (“Incentive Units”) were reserved for issuance. The Plan allows for awards to generally vest over four years based on continued service to the Company and/or its affiliates. Equity-based compensation costs for granted units are recognized as expense on a straight-line basis over the requisite service period as the services performed.
The Co-Invest Agreement offers employees the one-time opportunity to co-invest in the Company by purchasing units directly from the Company for cash. Under the Co-Invest Agreement, the purchase price was $16.42 for one Class A Unit and a number of Class B Units, based on a ratio of one Class A Unit to 0.2185 Class B Units. The Company determined the Co-Invest Agreement was not compensatory in nature as the terms are no more favorable than those available to all holders of the same class of equity, therefore it does not give rise to recognizable compensation cost.
112
Incentive Units
The following table summarizes incentive equity unit activity for the periods presented:
Number
Weighted
Average
Grant Date
Fair Value
(In thousands)(Per unit)
Non-vested at January 31, 2024
5,678 $17.25 
Granted
1,007 19.68 
Vested(2,293)17.66 
Forfeited(501)17.06 
Non-vested at January 31, 2025
3,891 $17.93 

The total fair value of the Incentive Units vested during the year ended January 31, 2025 was $39.1 million. Total unrecognized equity-based compensation expense for service based awards as of January 31, 2025 is $66.3 million which will be recognized over the remaining weighted average vesting period of 2.2 years.
Included in the table above are performance-based Incentive Units that include certain service conditions in the award agreement. The Company did not issue any performance-based Incentive Units during the year ended January 31, 2025. During the year ended January 31, 2024, the Company granted 1.8 million performance-based Incentive Units to certain executives. The service condition for these awards is satisfied by providing service to the Company based on the defined service period under the award agreement. The executive will vest in the performance-based Incentive Unit upon the achievement of certain target financial performance metrics as defined in the award agreement. The Board will determine the target financial performance metric each fiscal year. During the years ended January 31, 2025 and 2024, the Company recognized $6.1 million and $11.1 million, respectively, of expense as achievement of the performance condition was met.

As of January 31, 2025, the Incentive Units were considered redeemable as the closing of the IPO was considered probable.
During the years ended January 31, 2025 and 2024, the Company also granted equity appreciation rights awards under the Plan that are required to be settled in cash. The awards are classified as liabilities and are remeasured each reporting period. The liability is included in other long-term liabilities on the consolidated balance sheets and is included in the consolidated statement of operations as equity-based compensation expense.
Cash-Settled Awards
Immediately prior to the Closing Date all vested stock options and restricted stock units were converted into a right to receive an amount in cash, without interest, equal to the excess, if any, of the Merger Consideration of $65.25 less any per-share exercise price (not applicable to restricted stock units) multiplied by the total number of shares of Common Stock underlying the vested stock option or restricted stock unit.
In connection with the Merger, $1.0 million of expense related to the restricted stock units was accelerated upon the Closing Date and recorded in the Predecessor period in 2023.
Immediately prior to the Closing Date unvested equity awards were converted into the contingent right to receive an amount in cash, without interest, equal to the excess, if any, of the Merger Consideration of $65.25 less any per-share exercise price (not applicable to restricted stock units) multiplied by the total number of shares of Common Stock underlying the unvested stock option or restricted stock unit. The cash-settled awards generally remain subject to the same terms and conditions as were applicable to such awards immediately prior to the Closing Date and generally will vest and become payable at the same time as the unvested stock option or unvested restricted stock unit would have vested.
As of January 31, 2025, the total unrecognized compensation expense related to non-vested cash-settled awards granted is $41.7 million and is expected to be recognized over a weighted average period of 1.1 years.
Predecessor Period
Prior to the Merger Date, the Company granted stock options and restricted stock units to employees, directors, officers and consultants of the Company and its subsidiaries under the 2015 Stock Option Plans (defined below) and the 2017
113
Long Term Incentive Plan (defined below). Prior to the Merger Date, the Company also had an Employee Stock Purchase Plan (defined below) that permitted eligible employees to purchase common shares as discount.
In connection with the Merger, the 2015 Stock Option Plans, the 2017 Long-Term Incentive Plan, and the Employee Stock Purchase Plan were terminated as of the Closing Date.
2015 Stock Option Plans
In 2015, the Company adopted (i) the Amended and Restated 2015 Stock Option and Grant Plan and (ii) the 2015 Stock Incentive Plan (together the “2015 Stock Option Plans”) under which it may grant incentive stock options (“ISOs”), nonqualified stock options for the right to purchase shares of common stock and restricted stock units (“RSUs”). Under the 2015 Stock Option Plan, ISOs may not be granted at less than fair market value on the date of the grant and generally vest over a four-year period based on continued service.
2017 Long Term Incentive Plan
In November 2017, the Company’s Board of Directors adopted the 2017 Long Term Incentive Plan (the “2017 Plan”) under which it may grant stock options to purchase shares of common stock and RSUs. Options and RSUs granted under the 2017 Plan generally vest over terms of one to four years based on continued service.
The fair value for the Company’s stock options granted and the ESPP purchase rights, as discussed further below, during the periods presented were estimated at grant date using a Black-Scholes option-pricing model using the following weighted average assumptions:
Predecessor
February 1, 2022 to
August 15, 2022
Stock Options
Expected dividend rate—%
Expected volatility50.8%
Risk-free interest rate2%
Expected term (in years)6.25
ESPP
Expected dividend rate—%
Expected volatility47.9%
Risk-free interest rate0.1%
Expected term (in years)0.50
Stock Options
The total fair value of stock options vested was $4.8 million for the Predecessor period in 2023.
The weighted average grant date fair value of stock options granted was $20.15 for the Predecessor period in 2023.
Restricted Stock Units
The total fair value of restricted stock units vested was $29.5 million for the Predecessor period in 2023.
The weighted-average grant date fair value of restricted stock units granted was $44.38 for the Predecessor period in 2023.
Employee Stock Purchase Plan
In November 2017, the Company’s Board of Directors adopted the ESPP. The ESPP became effective November of 2017, after the date the Company’s registration statement was declared effective by the SEC. The first offering period opened July 1, 2018 and permitted eligible employees to purchase shares by authorizing payroll deductions from 1% to 15% of employee’s eligible compensation during the offering period, which is generally six-months, with an annual cap of $25,000.0 in fair market value, determined at the grant date. Unless an employee has previously withdrawn from the offering, his or her accumulated payroll deductions will be used to purchase shares after the closing of the offering period at a price equal to 85% of the closing price of the shares at the opening or closing of the offering period, whichever is lower. Expense associated with ESPP purchase rights is recognized on a straight-line basis over the offering period.
114
During the Predecessor period in 2023, approximately 0.1 million shares of common stock have been purchased or distributed pursuant to the ESPP.
Equity-based Compensation Expense
A summary of the Company’s equity-based compensation expense, which includes stock options, incentive units, RSUs, the ESPP and cash-settled awards, is presented below (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Incentive equity units$31,714 $37,469 $— $— 
Equity appreciation rights10,253 3,982 — — 
Stock options— — — 3,822 
RSUs— — — 34,495 
ESPP— — — 1,237 
Cash-settled awards57,602 93,368 59,033 — 
Total equity-based compensation expense$99,569 $134,819 $59,033 $39,554 
A summary of the Company’s equity-based compensation expense as recognized in the consolidated statements of operations is presented below (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Cost of revenue - subscription$7,119 $6,675 $3,276 $2,246 
Cost of revenue - services and other6,652 5,772 2,744 1,921 
Research and development23,139 30,373 14,775 11,222 
Sales and marketing38,387 52,292 21,480 14,393 
General and administrative24,272 39,707 16,758 9,772 
Total equity-based compensation expense$99,569 $134,819 $59,033 $39,554 

On January 31, 2025, the Board of Managers of the Company approved modifications to accelerate vesting of certain Incentive Units, Equity Appreciation Rights, and cash settled awards subject to the pricing and closing of the IPO and immediately prior to the corporate conversion. The Company did not recognize any additional expense as January 31, 2025 and expects to record an estimated equity-based compensation expense of $113.8 million upon the close of the IPO. The equity awards that will be accelerated or modified, as applicable, are held by our directors, executive officers, and employees.

14. Balance Sheet Related Items
Property and Equipment
The cost and accumulated depreciation of property and equipment are as follows (in thousands):
115
January 31, 2025January 31, 2024
Computer equipment$12,845 $8,961 
Capitalized software development costs8,219 — 
Furniture and fixtures3,629 3,517 
Leasehold improvements12,759 11,770 
Other1,229 1,207 
Total property and equipment38,681 25,455 
Less: accumulated depreciation and amortization(15,802)(9,123)
Total property and equipment, net$22,879 $16,332 
Depreciation and amortization expense was $6.6 million, $6.6 million, $3.2 million, and $3.3 million for the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023, respectively.
Prepayments and Other Current Assets and Other Non-Current Assets
Prepayments and other current assets consisted of the following (in thousands):
January 31, 2025January 31, 2024
Prepaid expenses$23,966 $23,794 
Restricted cash3,097 6,821 
Income tax receivables2,348 597 
Deferred offering costs9,710 — 
Other6,749 4,540 
Total prepayments and other current assets$45,870 $35,752 
Other non-current assets consisted of the following (in thousands):
January 31, 2025January 31, 2024
Prepaid expenses$4,691 $797 
Deferred tax assets, non-current8,199 6,066 
Right-of-use assets, net21,627 24,223 
Other1,689 2,133 
Total other non-current assets$36,206 $33,219 
 
116
Accrued Expenses and Other Liabilities
Accrued expenses and other liabilities consisted of the following (in thousands):
January 31, 2025January 31, 2024
Commissions$31,365 $26,771 
Bonus31,647 35,300 
Operating lease liabilities - current4,586 3,921 
Payroll and related benefits 10,250 9,494 
Cash-settled awards6,416 8,567 
Interest payable29,829 8,054 
Income taxes payable333 2,896 
Thoma Bravo advisory fees8,750 1,250 
Other34,959 21,317 
Total accrued expenses and other liabilities$158,135 $117,570 
Other Long-Term Liabilities
Other long-term liabilities consisted of the following (in thousands):
January 31, 2025January 31, 2024
Long-term operating lease liabilities$17,832 $20,800 
Equity appreciation rights14,296 4,154 
Total other long-term liabilities$32,128 $24,954 
15. Income Taxes
Provision for income taxes consists of U.S. and state income taxes and income taxes in certain foreign jurisdictions in which the Company and its taxable subsidiaries conduct business.
The following table presents consolidated loss before income taxes (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Domestic$(384,171)$(519,395)$(250,574)$(147,142)
Foreign7,542 7,046 4,791 (434)
Total loss before income taxes$(376,629)$(512,349)$(245,783)$(147,576)
117
The provision (benefit) expense for income taxes consisted of the following (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Current
Federal$353 $1,711 $(36)$— 
State935 301 70 88 
Foreign8,430 5,895 2,320 2,551 
Total current9,718 7,907 2,354 2,639 
Deferred
Federal(56,759)(106,764)(55,978)(207)
State(12,718)(17,448)(10,683)(602)
Foreign(1,040)(677)1,783 (167)
Total deferred(70,517)(124,889)(64,878)(976)
Provision (benefit) expense for income taxes$(60,799)$(116,982)$(62,524)$1,663 
The significant components of the Company’s taxable subsidiaries' deferred taxes are as follows (in thousands):
January 31, 2025January 31, 2024
Deferred tax assets:
Research and development and other credits$30,173 $28,669 
Capitalized research expenditures75,425 62,384 
Net operating loss carryforward36,359 55,904 
Disallowed interest carryforward97,827 66,025 
Deferred revenue39,543 40,526 
Stock compensation3,252 2,297 
Operating lease liabilities5,488 6,127 
Accrued expenses9,292 8,255 
Other8,363 123 
Total deferred tax assets305,722 270,310 
Less valuation allowance for deferred tax assets(32,265)(8,330)
Net deferred tax asset273,457 261,980 
Deferred tax liabilities:
Fixed assets(1,922)(2,485)
Operating lease ROU assets(5,291)(6,000)
Capitalized commissions(17,217)(19,692)
Intangible assets(377,356)(434,201)
Total deferred tax liabilities(401,786)(462,378)
Net deferred tax (liabilities) assets$(128,329)$(200,398)
As of January 31, 2025, the Company’s taxable subsidiaries have federal, state and foreign net operating loss carryforwards of $80.8 million, $188.3 million and $36.1 million, respectively. Approximately $0.2 million of the federal net operating loss carryforwards will begin to expire in 2037 and $80.6 million do not expire. The state net operating loss carryforwards will begin to expire in 2027, if not utilized. The foreign net operating losses do not expire.
As of January 31, 2025, the Company’s taxable subsidiaries have federal and state research and development credit carryforwards of $24.8 million and $7.0 million, respectively. The federal and state research and development credits will begin to expire in 2026 and 2034, respectively, if not utilized.
118
The Partnership’s tax basis of net assets and liabilities exceeds the book basis by $825.3 million and $541.2 million as of January 31, 2025 and 2024, respectively. The primary difference between financial reporting basis and tax basis is related to the deficit in retained earnings.

The Company assessed all available positive and negative evidence to determine whether it expects that sufficient future taxable income will be generated to allow it to realize its existing deferred tax assets. The Company determined that it is not more likely than not to realize a portion of the benefits of its U.S. federal and state interest expense carryforward. The Company’s taxable subsidiaries have increased the valuation allowance to $32.3 million from $8.3 million as of January 31, 2025 and 2024, respectively.
The following table reconciles the Company’s effective tax rate to the federal statutory tax rate:
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
U.S. federal taxes at statutory rate21.0 %21.0 %21.0 %21.0 %
State taxes, net of federal benefit3.3 3.1 4.0 3.7 
Foreign tax rate differentials(0.3)(0.1)(0.2)(0.1)
Foreign tax on earnings(1.0)(0.5)(0.4)(0.8)
Research and development credits1.6 2.2 2.2 2.3 
Nondeductible officer compensation— — — (0.5)
Equity-based compensation(1.8)(1.6)— 1.0 
Change in valuation allowance(6.3)— (0.2)(27.3)
Change in unrecognized tax benefits(0.3)(0.9)(0.2)(0.2)
Other(0.1)(0.4)(0.6)(0.1)
Total16.1 %22.8 %25.6 %(1.0)%
Judgment is required in evaluating the Company’s uncertain tax positions and determining the Company’s provision for income taxes. The reconciliation of unrecognized tax benefits is as follows (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
Beginning Balance$50,386 $40,402 $2,988 $2,620 
Additions based on tax positions related to prior year— 6,635 — — 
Reductions based on tax positions related to prior year— — — — 
Additions based on tax positions related to current year1,708 3,349 37,671 368 
Settlements
(1,597)— (257)— 
Ending Balance$50,497 $50,386 $40,402 $2,988 
Included in the balance of unrecognized tax benefits as of January 31, 2025, 2024 and 2023 is $48.7 million, $48.6 million and $38.8 million, respectively, of tax benefits that, if recognized, would affect the Company’s effective tax rate.

The Company does not have any significant uncertain tax positions as of January 31, 2025 for which it is reasonably possible that the positions will increase or decrease within the next twelve months.
The Company’s policy is to recognize interest and/or penalties related to income tax matters in income tax expense. During the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023, the Company did not record any material interest or penalties.
119
The Company files income tax returns in U.S. federal, state, and foreign jurisdictions. The Company has net operating loss carryforwards and tax credits for the U.S. federal and certain state jurisdictions allowing the statute of limitations to remain open for all years. The foreign jurisdictions statute of limitations is closed for tax years before 2018.
Deferred income taxes have not been recognized on the excess of the amount for financial reporting over the tax basis of investments in foreign subsidiaries that are indefinitely reinvested outside the U.S. Determination of the unrecognized deferred tax liability related to the outside basis difference in investments in the foreign subsidiaries is not practicable. If the Company repatriated its foreign earnings, any deferred income taxes for the estimated U.S. income tax, foreign income tax, and applicable withholding taxes is not material.
16. Segments and Geographic Information
Operating segments are defined as components of an entity for which separate financial information is available and that is regularly reviewed by the Chief Operating Decision Maker, or CODM. The CODM is comprised of the Company's Chief Executive Officer, Chief Financial Officer and President. The Company's CODM reviews financial information presented on a consolidated basis for the purposes of making operating decisions, allocating resources, and evaluating financial performance. Accordingly, the Company determined that it operates in one reportable segment. The Predecessor also determined that it operates in one reportable segment. The measure used by our CODM for evaluating the Company's overall performance and inform resource allocation to support strategic priorities is net loss. Significant expense categories regularly provided to the CODM are those disclosed in the consolidated statements of operations.

The following is a summary of consolidated revenues within geographic areas determined by the billing address of the customer for the periods presented (in thousands):
SuccessorPredecessor
Year Ended January 31, 2025Year Ended January 31, 2024August 16, 2022 to
January 31, 2023		February 1, 2022 to
August 15, 2022
United States$586,466 $472,830 $188,716 $183,714 
EMEA 166,691 143,023 56,846 58,243 
Rest of the World108,454 83,719 31,111 34,197 
Total revenue$861,611 $699,572 $276,673 $276,154 
No single country other than the United States represented more than 10% of the Company's revenue or total long-lived assets.
Substantially all of the Company’s long-lived assets were held in the United States as of January 31, 2025 and 2024.
17. Employee Benefit Plans
The Company has established a defined contribution savings plan under Section 401(k) of the Internal Revenue Code (the “401(k) Plan”). The 401(k) Plan covers substantially all employees who meet minimum age and service requirements and allows participants to defer a percentage of their annual compensation as defined in the 401(k) Plan. The Company matches portions of employees’ voluntary contributions. Additional employer contributions may also be made at the Company’s discretion. The Company recorded expense of $7.1 million, $6.4 million, $2.7 million, and $3.3 million, for the years ended January 31, 2025 and 2024, and the Successor and Predecessor periods in 2023, respectively, for matching contributions to the 401(k) Plan.

120
18. Condensed Financial Information of Registrant (Parent Company Only)
SAILPOINT PARENT, LP
Parent Company Only
Condensed Balance Sheets
(in thousands, excepts units)
January 31, 2025January 31, 2024
Assets
Current assets
Cash and cash equivalents$— $— 
Total current assets— — 
Investment in subsidiary5,607,701 5,297,669 
Total assets$5,607,701 $5,297,669 
Liabilities, redeemable convertible units and partners' deficit
Current liabilities
Total current liabilities$— $— 
Total liabilities— — 
Redeemable convertible units, no par value, unlimited units authorized, 499,052,847 and 454,618,712 units issued and outstanding as of January 31, 2025 and 2024, respectively; aggregate liquidation preference of $8,100,352 and $6,861,381 as of January 31, 2025 and 2024, respectively11,196,141 5,838,864 
Partners' deficit
Additional paid in capital— 37,431 
Accumulated deficit(5,588,440)(578,626)
Total partners' deficit(5,588,440)(541,195)
Total liabilities, redeemable convertible units and partners' deficit$5,607,701 $5,297,669 



121
SAILPOINT PARENT, LP
Parent Company Only
Condensed Statements of Operations
(in thousands)
Year Ended January 31, 2025 Year Ended January 31, 2024 August 16, 2022 to January 31, 2023
Revenue
Total revenue$— $— $— 
Cost of revenue:
Total cost of revenue— — — 
Gross profit— — — 
Operating expenses:
Total operating expenses— — — 
Income from operations— — — 
Other expense:
Total other expense— — — 
Equity in net loss of subsidiary(315,830)(395,367)(183,259)
Net loss$(315,830)$(395,367)$(183,259)

Description of Business and Basis of Presentation
Organization
SailPoint Parent, LP, which is controlled by the TB Funds, became the ultimate parent of Technologies Holdings in August 2022 and is referred to as the “Parent” herein. The Parent has no operations or significant assets or liabilities other than its investment in Technology Holdings through its subsidiaries. Accordingly, the Parent is primarily dependent upon distributions from its subsidiary for funding. However, Holdings and Technologies Holdings’ ability to pay dividends or lend to the Parent is limited under the Credit Agreement. All obligations under the Credit Agreement are guaranteed by Holdings.
The Credit Agreement contains certain affirmative, negative, and financial covenants, including limitations on dividends and distributions, sales of assets, and other similar activities. Because of these qualitative restrictions, substantially all of the assets of the Parent’s subsidiaries are restricted. See Note 9 for additional information.
Basis of Presentation
These condensed financial statements have been presented on a “parent-only” basis. Under a parent-only presentation, the Parent’s investment in subsidiary is presented under the equity method of accounting. Certain information and footnote disclosures normally included in financial statements prepared in accordance with GAAP have been condensed or omitted. As such, these parent-only financial statements should be read in conjunction with the accompanying notes to the consolidated financial statements of the Parent.
During the year ended January 31, 2025, the Parent generated cash from financing activities of $600.3 million related to related to proceeds for the issuance of Class A and B units. The cash received of $600.3 million was used to invest in Technologies Holdings.
During the year ended January 31, 2024, the Parent generated cash from financing activities of $51.7 million related to proceeds for the issuance of Class A and B units. The cash received of $51.7 million was used to invest in Technologies Holdings.
During the Successor period in 2023, the Parent generated net cash from financing activities of $5.8 billion related to proceeds for the issuance of Class A and B Units. The Parent invested the cash of $5.8 billion for the acquisition of Technologies Holdings.
122
A condensed statement of cash flows was not presented because the Parent has no other material operating, investing, or financing cash flow activities for the year ended January 31, 2025, 2024 and the successor period in 2023.
During the year ended January 31, 2025, the Parent recorded additional paid in capital of $31.7 million related to the Incentive Units issued under the Plan. On behalf of the Parent, Technology Holdings repurchased Class A and Class B Units of the Parent for $6.2 million, which resulted in a reduction of investment in subsidiary.

During the year ended January 31, 2024, the Parent recorded additional paid in capital of $37.5 million related to the Incentive Units issued under the Plan. On behalf of the Parent, Technology Holdings repurchased Class A and Class B Units of the Parent for $1.3 million, which resulted in a reduction of investment in subsidiary.
19. Subsequent Events
The Company evaluated subsequent events through March 27, 2025. These events, other than those discussed in Note 1, are as follows:
On February 19, 2025, the Company repaid $690.0 million of its Term Loan from the proceeds of its IPO. On March 3, 2025, the Company repaid the remaining balance of $350.0 million of its Term loan and will record an estimated $15.3 million loss from extinguishment of debt related to debt issuance costs.
During February 2025, the Company issued 16,483,859 restricted stock units primarily in connection with our IPO under a new SailPoint, Inc. Omnibus Incentive Plan (the "Omnibus Incentive Plan") to certain of its employees, including our executive officers, and certain members of the board in connection with the closing of the IPO. Stock-based compensation expense is estimated to be $388.4 million and will be recognized subsequent to the date of the closing of the IPO over the vesting terms, which are predominately two or four year terms.
123
Item 9. Changes in and Disagreements with Accountants on Accounting and Financial Disclosure
None.
Item 9A. Controls and Procedures
Evaluation of Disclosure Controls and Procedures
Our disclosure controls and procedures (as defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act) are designed to ensure that information required to be disclosed in the reports that we file or submit under the Exchange Act is recorded, processed, summarized, and reported within the time periods specified in the rules and forms of the SEC and to ensure that information required to be disclosed is accumulated and communicated to management, including our principal executive officer (“PEO”) and principal financial officer (“PFO”), to allow timely decisions regarding disclosure. Our management, with the participation of our PEO and PFO, has evaluated the effectiveness of our disclosure controls and procedures as of January 31, 2025 and, based on such evaluation, our PEO and PFO have concluded that our disclosure controls and procedures were effective as of such date.
Management’s Report on Internal Control over Financial Reporting
This Annual Report does not include a report of management’s assessment regarding internal controls over financial reporting or an attestation report of our independent public accounting firm due to a transition period established by the rules of the SEC for newly public companies.
Changes in Internal Control over Financial Reporting
There were no changes in the Company’s internal control over financial reporting as defined in Exchange Act Rule 13a-15(d) and 15d-15(d) during the quarter ended January 31, 2025 that materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.
Item 9B. Other Information
None.
Item 9C. Disclosure Regarding Foreign Jurisdictions that Prevent Inspections
Not applicable.
124
PART III
Item 10. Directors, Executive Officers and Corporate Governance

Executive Officers and Directors
Below is a list of the names, ages as of March 27, 2025, positions, and a brief account of the business experience of the individuals who serve as our executive officers or directors.
NameAgePosition
Mark McClain
62
Chief Executive Officer and Director
Matt Mills
67
President
Brian Carolan
54
Chief Financial Officer
Chris Schmitt
52
Executive Vice President, General Counsel, and Secretary
Chandrasekar (Chandra) Gnanasambandam
52
Executive Vice President of Product and Chief Technology Officer
Abby Payne
48
Chief People Officer
Kristin Weston
51
Chair of the Board of Directors
Andrew Almeida
37
Director
William Bock
74
Director
Seth Boro
49
Director
Ronald Green
56
Director
James (Jim) Hagan
52
Director
Sacha May
31
Director
Tracey Newell
58
Director
Mark McClain co-founded STHI in December 2005 and has served as our Chief Executive Officer and on our Board since August 2022, and previously served in such capacities at STHI until the Take-Private Transaction in August 2022. Mr. McClain has more than 20 years of experience developing and leading innovative technology companies that have operated in the identity management market. In 2000, he founded Waveset Technologies (“Waveset”), a pioneer in the identity management market. Following the acquisition of Waveset by Sun Microsystems (“Sun”) in 2003, Mr. McClain served as Vice President of Software Marketing for Sun. Mr. McClain’s career also includes experience in international sales and marketing with HP (NYSE: HPQ) and IBM Tivoli Systems. Mr. McClain holds a B.A. in Economics from Point Loma Nazarene University and an M.B.A. from the University of California, Los Angeles.
Matt Mills has served as our President since June 2024 and served as our President, Worldwide Field Operations from August 2022 until June 2024, and previously served in such capacity at STHI from February 2021 until the Take-Private Transaction in August 2022. Mr. Mills initially joined STHI as its Chief Revenue Officer in August 2019, serving in that capacity until becoming President, Worldwide Field Operations in February 2021. Mr. Mills brings more than 30 years of experience to this role. Before joining STHI, Mr. Mills was the chief executive officer of MapR Technologies, an enterprise software company, from October 2015 until February 2018. Immediately prior to that, he spent 20 years at Oracle Corporation (NYSE: ORCL), most recently as Senior Vice President North America Sales, where he oversaw more than 8,000 employees and was responsible for $4.5 billion in annual revenue. Since September 2018, Mr. Mills has served as board member and advisor to various early-stage SaaS companies. Additionally, Mr. Mills currently serves as a managing partner of Tappan Hill Venture Partners II, LLC, a venture capital fund. Mr. Mills holds a B.S. in Business from Ferris State University in Michigan.
Brian Carolan has served as our Chief Financial Officer since December 2022. Prior to his role at SailPoint, Mr. Carolan worked at Commvault Systems, Inc. (NASDAQ: CVLT) (“Commvault”), a data protection and cyber resilience company, for over twenty years, serving as Chief Financial Officer from October 2012 until June 2022, Vice President, Finance and Chief Accounting Officer from July 2006 until September 2012, and Controller from February 2001 until June 2006. Prior to joining Commvault, Mr. Carolan worked in the Technology, Communications, and Entertainment audit practice of Ernst & Young LLP from 1993 until January 2001. Mr. Carolan holds a B.S. in Accounting from Villanova University and an M.B.A. from New York University. Mr. Carolan is a certified public accountant in the State of New Jersey.
Chris Schmitt has served as our Executive Vice President, General Counsel and Secretary since August 2022 and as an Executive Vice President since July 2020, and previously served as General Counsel and Secretary for STHI from March 2017 and as an Executive Vice President for STHI from July 2020 until the Take-Private Transaction in August 2022. Mr.
125
Schmitt has nearly 25 years of corporate legal experience. Prior to joining STHI, Mr. Schmitt was a Partner at the law firm Vinson & Elkins L.L.P. from January 2010 until March 2017, practicing in the firm’s Capital Markets and Mergers & Acquisitions group. His practice focused on mergers and acquisitions, public and private securities offerings, technology transactions, and compliance and corporate governance. Prior to that, Mr. Schmitt was an Associate attorney at Vinson & Elkins and, before that, at the law firm Baker Botts L.L.P. Mr. Schmitt holds a B.S. in Political Science and Economics and a J.D., both from the University of Michigan.
Chandrasekar (Chandra) Gnanasambandam has served as our Executive Vice President of Product and Chief Technology Officer since February 2025. Mr. Gnanasambandam joins SailPoint after a two decades-long career at McKinsey & Company, where he most recently co-led the firm's global high-tech practice. His expertise spans both product management and engineering, with a proven track record of driving large-scale transformations for some of the world’s largest and fastest-growing cloud companies. Prior to his work in McKinsey’s high-tech practice, Mr. Gnanasambandam co-founded and led Fuel, McKinsey’s investor and start-up arm, and was a founding partner of McKinsey's Bangalore office in India. He started his career as a Java architect in the early days of Java at Sun Microsystems where he contributed to the programming language’s development and implementation for large customers. Mr. Gnanasambandam holds a M.S. in Engineering from the University of Saskatchewan and an M.S. in Engineering from Georgia Institute of Technology.
Abby Payne has served as our Chief People Officer since August 2022, and previously served in such capacity at STHI from December 2019 until the Take-Private Transaction in August 2022. Ms. Payne previously served as the Vice President of Human Resources at STHI starting in October 2011. Ms. Payne has nearly 25 years of experience serving in various human resources capacities for technology companies. Prior to joining STHI, Ms. Payne worked at BMC Software, an IT services and IT consulting company, as a Senior Human Resources Business Partner from July 2009 to October 2011, and at Trilogy, a software development company, as a Human Resources Manager from December 1999 to June 2009. Ms. Payne holds a B.B.A. in Business Management from the University of Texas at Austin.
Kristin Weston has served on our Board since August 2022. Ms. Weston has served as an Operating Partner of Thoma Bravo since November 2020. Ms. Weston was the Interim Chief Executive Officer of Talend, a data integration and data management company, from October 2022 to May 2023. Ms. Weston previously served as Senior Advisor, Private Equity to Vista Equity Partners, a private equity firm, from April 2020 to November 2020. Ms. Weston also previously served Social Solutions Global, a software provider, as the Chief Executive Officer from October 2016 to April 2020, and MicroEdge, LLC (“MicroEdge”), a software and services company, as the Chief Executive Officer from November 2013 until its acquisition in October 2014 by Blackbaud, Inc. and thereafter, she continued leading the MicroEdge business until April 2016. Prior to joining MicroEdge, Ms. Weston served as General Manager of the litigation software division of Thomson Reuters Corporation (NYSE: TRI), a news and information-based tools provider, from February 2012 to November 2013, and as President of Kroll Ontrack, Inc., an information services provider, where she held a variety of roles from 2001 to 2011. Ms. Weston currently serves on the board of directors of several software and technology service companies in which certain private equity funds advised by Thoma Bravo hold an investment. Ms. Weston also previously served on the board of directors of other software and technology companies, including N-able, Inc. (NYSE: NABL) from July 2021 to November 2022. Ms. Weston received a B.A. in English from the University of Minnesota and a J.D. from William Mitchell College of Law. Ms. Weston also received a Certificate in Management and Leadership from the MIT Sloan School of Management.
Andrew Almeida has served on our Board since August 2022. Mr. Almeida is a Partner at Thoma Bravo. Mr. Almeida joined Thoma Bravo in 2012 as an Associate, was promoted to Senior Associate in 2014, to Vice President in 2016, to Principal in 2019, and to Partner in 2022. Mr. Almeida previously worked in investment banking at Bank of America Merrill Lynch. Mr. Almeida currently serves on the board of directors of several software and technology service companies in which certain private equity funds advised by Thoma Bravo hold an investment. Mr. Almeida received a B.B.A. in Finance, Investment, and Banking and a B.A. in Economics from The University of Wisconsin—Madison and an M.S. from Vanderbilt University.
William Bock has served on our Board since August 2022 and previously served on the board of directors of STHI since 2011. Mr. Bock has served on the board of directors of Silicon Laboratories Inc. (NASDAQ: SLAB) (“Silicon Labs”), a provider of silicon, software, and solutions for the IoT, internet infrastructure, industrial, consumer, and automotive markets, since 2011. In addition, Mr. Bock has served as Chairman of the board of directors of N-able, Inc. (NYSE: NABL), an IT enablement company, since July 2021 and as a member of the board of directors of SolarWinds Corporation (NYSE: SWI) (“SolarWinds”), a software company, since October 2018, being appointed as Chairman of SolarWinds’ board in August 2020. From 2013 to his retirement in 2016, Mr. Bock served as the President of Silicon Labs. Mr. Bock also served Silicon Labs as Senior Vice President of Finance and Administration and Chief Financial Officer from 2006 to 2011. Prior to joining Silicon Labs, Mr. Bock participated in the venture capital industry, principally as a partner with CenterPoint Ventures, a venture capital firm, and previously held senior executive positions with various venture-backed companies. Mr. Bock began his career with Texas Instruments (NASDAQ: TXN), a semiconductor company. Mr. Bock holds a B.S. in Computer Science from Iowa State University and an M.S. in Industrial Administration from Carnegie Mellon University.
126
Seth Boro has served on our Board since August 2022 and previously served on the board of directors of STHI from September 2014 until November 2018. Mr. Boro has served as a Managing Partner at Thoma Bravo since 2013. Mr. Boro joined Thoma Bravo in 2005 and became a Partner in 2010, serving in that capacity until becoming a Managing Partner in 2013. Mr. Boro was previously an associate with the private equity firm Summit Partners and an analyst with Credit Suisse. Mr. Boro currently serves on the board of directors of several software and technology service companies in which certain private equity funds advised by Thoma Bravo hold an investment. Mr. Boro also previously served on the board of directors of other cybersecurity companies, including Dynatrace (NYSE: DT) from January 2015 to February 2024 and SolarWinds (NYSE: SWI) from February 2016 to October 2022. Mr. Boro is a graduate of Queen’s University School of Business (Canada), where he received a Bachelor of Commerce degree, and he received an M.B.A. from the Stanford Graduate School of Business.
Ronald Green has served on our Board since August 2022 and previously served on the board of directors of STHI since July 2021. Mr. Green is an experienced security leader and has served as Cybersecurity Fellow at Mastercard Inc. (NYSE: MA) (“Mastercard”), a payment services company, since November 2023. Prior to that, Mr. Green served as Mastercard’s Executive Vice President, Chief Security Officer beginning in January 2014, leading a global team that ensures the safety and security of Mastercard’s network, products, and services, and serving on Mastercard’s Management Committee. Prior to joining Mastercard, Mr. Green served as Deputy CISO at Fidelity Information Services, a fintech software company, from December 2012 to January 2014. Prior to this position, Mr. Green was Director, Investigation, and Protections Operations at BlackBerry Limited (NYSE: BB), a cybersecurity software company, and before that he served as a senior vice president across several areas at Bank of America (NYSE: BAC), a financial services company. He also has extensive experience working with international and federal law enforcement agencies, both as a special agent in the United States Secret Service, where among other things he worked on fraud investigations, and as an officer in the United States Army. Mr. Green currently serves as Chair of the Financial Services Sector Coordinating Council and as a member of the United States Secret Service Cyber Investigations Advisory Board. Mr. Green holds a B.S. in mechanical engineering from the United States Military Academy at West Point, is a graduate of the FBI’s Domestic Security Executive Academy, and holds a graduate certification in Information Assurance from The George Washington University.
James (Jim) Hagan has served on our Board since August 2022. Mr. Hagan has served as an Operating Partner of Thoma Bravo since September 2019. Mr. Hagan previously served as the Chief Financial Officer of MedeAnalytics, Inc. (“MedeAnalytics”), a healthcare analytics company, from September 2016 to October 2020. Prior to MedeAnalytics, Mr. Hagan served in various management roles at Forcepoint LLC (“Forcepoint”), a cybersecurity company, including Chief Operating Officer and Interim Chief Executive Officer, from March 2016 to August 2016. Before joining Forcepoint, Mr. Hagan served in various financial roles at Websense, Inc. (formerly NASDAQ: WBSN), a cybersecurity company, including Chief Financial Officer, from May 2007 to March 2016. Mr. Hagan also served as the Director of Finance of Fair Isaac (NYSE: FICO), an analytics company, and as an associate in both the Industrial and Global Financial Sponsors groups at Lehman Brothers from June 2003 to March 2005. Mr. Hagan currently serves on the board of directors of several software and technology service companies in which certain private equity funds advised by Thoma Bravo hold an investment. Mr. Hagan received a B.S. in Management Science from University of California, San Diego and an M.B.A. from UCLA Anderson School of Management.
Sacha May has served on our Board since August 2022. Mr. May has served as a Vice President at Thoma Bravo since August 2021. Mr. May previously was with TA Associates as a Senior Associate from July 2018 to July 2021 where he focused on software investments and worked in investment banking at Moelis & Company from July 2015 to June 2018. Mr. May currently serves on the board of directors of software and technology service companies in which certain private equity funds advised by Thoma Bravo hold an investment. Mr. May received his B.S. in Business from NYU Stern School of Business.
Tracey Newell has served on our Board since August 2022 and previously served on the board of directors of STHI since March 2019. Ms. Newell served as President of Global Field Operations at Informatica LLC (“Informatica”), an enterprise cloud data management company, from July 2018 until her retirement in January 2021, during which time she was responsible for worldwide field sales, alliances, channels and sales operations, and customer success. From December 2020 until May 2023, Ms. Newell served on the board of directors of Sumo Logic, Inc. (NASDAQ: SUMO), a SaaS log analytics platform, and she also currently serves on the board of directors of several private technology companies. Ms. Newell previously served as a member of the Informatica board of directors from June 2016 to June 2018, and prior to joining Informatica, Ms. Newell was Executive Vice President of global field operations at Proofpoint, Inc. (“Proofpoint”), an enterprise security software and solutions company, from August 2013 until June 2018. Before Proofpoint, from July 2011 to August 2013, Ms. Newell was Executive Vice President, Global Sales at Poly Inc., formerly Polycom, a communications company. Ms. Newell has also held sales leadership positions at Juniper Networks, a networking products company, and at Cisco WebEx, a collaboration platform company. Ms. Newell holds a B.A. in Business Economics from the University of California, Santa Barbara.

127
Family Relationships
There are no family relationships between any of our executive officers or directors.
Audit Committee
We have a separately-designated standing audit committee established in accordance with Section 3(a)(58)(A) of the Exchange Act and the applicable listing standards of Nasdaq. The members of the Audit Committee of the Board (the “Audit Committee”) are Messrs. Bock, Green, and Hagan, with Mr. Hagan serving as chair of the committee. Each member of the Audit Committee is financially literate. The Board has determined that Messrs. Bock, Green, and Hagan meet the independence requirements of Rule 10A-3 under the Exchange Act and the applicable listing standards of Nasdaq. Our Board determined that each of Messrs. Bock and Hagan is an “audit committee financial expert” within the meaning of SEC regulations and applicable listing standards of Nasdaq.
Code of Business Conduct and Ethics
We have adopted a code of business conduct and ethics that applies to all of our employees, officers, and directors, including those officers responsible for financial reporting. A copy of our code of business conduct and ethics is available free of charge on the “Investor relations” section of our website at https://investor.sailpoint.com. We intend satisfy the disclosure requirement under Item 5.05 of Form 8-K regarding an amendment to the code, or any waivers of its requirements, by posting such information on the “Investor relations” section of our website at https://investor.sailpoint.com.
Insider Trading Policy
We have adopted an insider trading policy that governs the purchase, sale, and other dispositions of the Company’s securities by its directors, officers and employees, a copy of which is filed as Exhibit 19.1 to this Annual Report and which the Company believes is reasonably designed to promote compliance with insider trading laws, rules, and regulations as well as the applicable rules and regulations of the Nasdaq. In addition, with regard to the Company’s trading in its own securities, it is the Company’s policy to comply with the federal securities laws as well as the applicable rules and regulations of Nasdaq.
Item 11. Executive Compensation

Compensation Discussion and Analysis
The purpose of this Compensation Discussion and Analysis section is to provide information about the material elements of compensation that are paid, awarded to, or earned by, our “Named Executive Officers,” who consist of our PEO, our PFO, and the three other most highly compensated executive officers (other than our PEO and PFO). For fiscal 2025 (i.e., our fiscal year ended January 31, 2025), our Named Executive Officers and their positions were:
Mark McClain, Chief Executive Officer;
Brian Carolan, Chief Financial Officer;
Matt Mills, President;
Chris Schmitt, Executive Vice President, General Counsel, and Secretary; and
Abby Payne, Chief People Officer.
Historical Compensation Decisions
Our compensation approach reflects our current stage in our development as a business and also our ownership structure. For more than two years prior to our IPO, we and our operating subsidiaries were privately held and controlled by Thoma Bravo, one of the largest software-focused investors in the world. Our prior compensation policies and determinations, including those made for fiscal 2025, have been the determinations of, and approved by, the Compensation and Nominating Committee (which we refer to as the “Compensation Committee” in this Compensation Discussion and Analysis) and were informed by various factors, including our compensation philosophy, company and individual performance, the scope and responsibilities of each executive’s role relative to market benchmarks, and the compensation levels of our other executive officers.
Compensation Philosophy and Objectives
128
We have strived to create an executive compensation program that balances short-term versus long-term payments and awards, cash payments versus equity awards, and fixed versus contingent payments and awards in ways that we believe are most appropriate to motivate our executive officers. Our executive compensation program is designed to:
attract and retain talented and experienced executives in our industry;
reward executives whose knowledge, skills, and performance are critical to our success;
align the interests of our executive officers and shareholders by motivating executive officers to increase shareholder value and rewarding executive officers when shareholder value increases;
foster a shared commitment among executives by aligning their individual goals with the goals of the executive management team and our company; and
compensate our executives in a manner that incentivizes them to manage our business to meet our long-range objectives.
To achieve these objectives, the Compensation Committee expects to maintain our current compensation plans and consider implementing new compensation plans in order to tie a substantial portion of the executives’ overall compensation to key strategic financial goals.
Our executive compensation program rewards team accomplishments while promoting individual accountability and depends on Company results as well as individual impact. A portion of total compensation is placed at risk through annual performance bonuses and long-term incentives. The combination of incentives is designed to balance annual operating objectives and Company earnings performance with longer-term shareholder value creation.
We seek to provide competitive compensation that is commensurate with performance and to promote a long-term commitment to the Company by our executives. Our team-focused culture and management processes are designed to foster this commitment.
Risk Assessment
The Company’s compensation programs and policies mitigate risk by combining performance-based, long- term compensation elements with payouts that are highly correlated to the value delivered to shareholders. The combination of performance measures for annual bonuses and the equity compensation programs, as well as the multiyear vesting schedules for equity awards, encourages employees to maintain both a short and a long-term view with respect to Company performance.
Elements of Compensation
Our current executive compensation program, which is set by our Compensation Committee, consists of the following components:
base salary;
annual cash incentive awards linked to our overall performance;
grants of long-term equity-based compensation; and
other employee benefits.
We combine these elements in order to formulate compensation packages that provide competitive pay, reward the achievement of financial, operational, and strategic objectives, and align the interests of our executive officers and other senior personnel with those of our stockholders.
Pay Mix
We utilize the particular elements of compensation described above because we believe that it provides a well-proportioned mix of secure compensation, retention value, and at-risk compensation, which produces short-term and long-term performance incentives and rewards. By following this approach, we provide the executive a measure of security in the minimum expected level of compensation, while motivating the executive to focus on business metrics that will produce a high level of short-term and long-term performance for the Company and long-term wealth creation for the executive, as well as reducing the risk of recruitment of top executive talent by competitors.
Base Salary
We pay base salaries to retain the individual executive’s services and to reward and motivate individual performance. The Board makes adjustments to the base salary rates of the Named Executive Officers upon consideration of any factors that it
129
deems relevant, including but not limited to: (i) any increase or decrease in the executive’s responsibilities, (ii) the executive’s job performance, and (iii) the level of compensation paid to executives of other companies with which we compete for executive talent, as estimated based on publicly available information and the experience of members of the Board and our Chief Executive Officer.
Base salaries were reviewed by our Compensation Committee in fiscal 2024 (i.e., our fiscal year ended January 31, 2024) with changes effective July 1 of that year. In setting base salaries, the Compensation Committee considers peer group comparisons and assesses the individual skills, performance, experience, responsibilities, and time in position of each Named Executive Officer. Below are the annual base salaries for our Named Executive Officers for fiscal 2024 (i.e., our fiscal year ended January 31, 2024) and fiscal 2025, reported as of January 31 of each year.

Annual Base Salary
NameFY 2024FY 2025
Mark McClain
$525,000$600,000
Brian Carolan
$425,000$450,000
Matt Mills
$465,000$525,000
Chris Schmitt
$365,000$400,000
Abby Payne
$345,000$375,000
The base salaries paid to our Named Executive Officers in fiscal 2025 are set forth in the Summary Compensation Table below.
Annual Incentive Compensation
Historically, our Compensation Committee has awarded annual cash bonuses to our Named Executive Officers under our corporate bonus plan on an annual basis, or at the commencement of an executive officer’s employment with us, by setting a target level of bonus compensation that is structured as a percentage of such executive officer’s annual base salary. In 2024, we changed our fiscal year from a calendar year to the 12-month period ending January 31. Our Compensation Committee is in the process of determining how bonuses will be measured in future years in light of this change. As such, in fiscal 2025 our Compensation Committee elected to award discretionary annual cash bonuses to our Named Executive Officers in the amounts set forth in the table below. The bonuses were paid following a year-end review by the Compensation Committee of the Named Executive Officer’s performance but were not measured against pre-established performance objectives. The following table shows fiscal year 2025 discretionary bonus payouts and calendar year 2023 bonus payouts under the Company’s bonus plan.

NameFiscal Year 2025 Discretionary Bonus PayoutCalendar Year 2023 Bonus Plan Payout
Mark McClain
$548,637$656,250
Brian Carolan
$289,063$318,750
Matt Mills
$482,785$581,250
Chris Schmitt
$223,818$273,750
Abby Payne
$185,558
Long-Term Equity-Based Awards
We believe that equity-based compensation is an important component of our executive compensation program and that providing a significant portion of our executive officers’ total compensation package in equity- based compensation aligns the incentives of our executives with the interests of our stockholders and with our long-term corporate success. Additionally, we believe that equity-based compensation awards enable us to attract, motivate, retain, and adequately compensate executive talent. To that end, on June 30, 2023, we awarded equity-based compensation to our executive officers in the form of profits interests (“Incentive Units”) under the SailPoint Parent, LP Incentive Equity Plan. We believe such Incentive Unit awards, of which 50% were subject to time-vesting and 50% were subject to performance-vesting, provided executive with a significant long-term interest in our success by rewarding the creation of stockholder value over time. We did not grant any additional Incentive Units to our Named Executive Officers in fiscal 2025.
130
The time-vesting Incentive Units vested 25% on August 16, 2023 (December 12, 2023 for Mr. Carolan), and the Incentive Unit grant agreements (the “Profits Interest Grant Agreements”) provided that the remaining unvested time-vesting Incentive Units would vest ratably in a series of 36 equal monthly installments, subject to the Named Executive Officer’s continued employment. The performance vesting Incentive Units were subject to vesting in five yearly installments through December 31, 2026, upon the achievement of target financial performance metrics which were to be determined yearly by the Board, beginning with calendar year 2023. For calendar year 2024, the Compensation Committee approved the vesting of the applicable installment of Incentive Units at its discretion without measuring against the pre-established performance objective.
The Profits Interest Grant Agreements provided that upon confirmation by the Board that financial performance measures for any given fiscal year did not equal or exceed the applicable target financial performance (an “Unvested Year”), then all performance-vesting Incentive Units for such Unvested Year that would have otherwise vested had the financial performance for such fiscal year equaled or exceeded the applicable target financial performance would remain unvested (the “Unvested Performance Incentive Units”). To the extent that the Board confirmed for the fiscal year immediately subsequent to such Unvested Year that financial performance for such subsequent fiscal year equaled or exceeded the target financial performance for such subsequent fiscal year (and the Named Executive Officer had been in continuous service with the Company through the end of such subsequent fiscal year) then all Unvested Performance Incentive Units from such immediately preceding Unvested Year outstanding as of such date that would have otherwise vested had the financial performance for such previous Unvested Year equaled or exceeded the applicable target financial performance for such Unvested Year would become immediately vested upon the date of such determination by the Board.
In connection with our IPO, the Named Executive Officer’s Incentive Units were converted into fully vested shares of our common stock. Please see “Actions Taken in Fiscal 2026” below for more information.
Other Executive Benefits and Perquisites
We provide benefits to our executive officers on the same basis as other eligible employees including:
health insurance;
vacation, personal holidays, and sick days; and
a 401(k) plan with matching contributions.
Stock Ownership Guidelines and Holding Requirements
We plan to establish stock ownership guidelines pursuant to which covered persons (including our Named Executive Officers) will be prohibited from selling or disposing of any shares of our common stock unless and until the covered person holds an aggregate value of our common stock (or equivalents recognized under our policy) equal to a to-be-determined multiple of their annual base salary.
Policies and Practices Related to the Grant of Certain Equity Awards Close in Time to the Release of Material Nonpublic Information
We do not currently grant new awards of stock options, stock appreciation rights, or similar option-like instruments. Accordingly, we do not have a specific policy or practice on the timing of such awards in relation to the disclosure of material nonpublic information by the Company. In the event we determine to grant such awards in the future, the Board and the Compensation Committee will evaluate the appropriate steps to take in relation to the foregoing.
Actions Taken in Fiscal 2026
Treatment of Incentive Units
In connection with our IPO, all unvested Incentive Units held by our Named Executive Officers and non-employee directors were accelerated and vested. Thereafter, any vested outstanding Incentive Units were converted into fully vested shares of our common stock. Following the IPO, there is no further liability with respect to the Incentive Units and long-term incentive compensation will be awarded to our Named Executive Officers pursuant to the Omnibus Plan.
Omnibus Incentive Plan
We adopted the Omnibus Plan to promote the success of the Company’s business for the benefit of its stockholders by enabling the Company to offer eligible individuals cash and stock-based incentives, including stock options, stock appreciation rights, restricted stock, restricted stock units, performance awards and other stock-based awards. The Compensation
131
Committee’s decision to grant awards under the Omnibus Plan is discretionary, we strive to maintain an appropriate balance between the aggregate number of shares used for equity grants and shareholder interests.
IPO Grants
In connection with our IPO, we granted 15,900,040 restricted stock units under the Omnibus Plan to certain employees, including our Named Executive Officers, and certain of our non-employee directors as follows: (i) 3,346,744 restricted stock units to Mr. McClain, (ii) 834,393 restricted stock units to Mr. Carolan, (iii) 1,169,068 restricted stock units to Mr. Mills, (iv) 652,175 restricted stock units to Mr. Schmitt, (v) 600,580 restricted stock units to Ms. Payne, and (vi) 23,188 restricted stock units to each of Messrs. Bock, Green, and Hagan and Mses. Newell and Weston. The restricted stock units granted to our Named Executive Officers will vest over a period of [two years], subject to such executive’s continued service through the applicable vesting dates and the restricted stock units granted to our non-employee directors will vest on the date of our annual shareholder meeting in 2026, subject to the non-employee director’s continued service through such vesting date.
Employee Stock Purchase Plan
In order to incentivize employees of the Company, its designated affiliates, and subsidiaries, we adopted the SailPoint, Inc. Employee Stock Purchase Plan (the “ESPP”). The ESPP is comprised of two distinct components in order to provide increased flexibility to grant rights to purchase shares under the ESPP to U.S. and to non-U.S. employees. Specifically, the ESPP authorizes (i) the grant of rights to purchase shares to U.S. employees that are intended to qualify for favorable U.S. federal tax treatment under Section 423 of the Code, and (ii) the grant of rights to purchase shares that are not intended to be tax-qualified under Section 423 of the Code.
Clawback Policy
We also adopted a clawback policy that complies with Nasdaq’s clawback listing standards, Section 10D of the Exchange Act and the rules promulgated thereunder (the “Clawback Policy”). In the event that we are required to prepare an accounting restatement of our financial statements due to our material noncompliance with any financial reporting requirement under the securities laws, the Clawback Policy requires that covered executives must reimburse us, or forfeit, any excess incentive-based compensation “received” (as defined in Section 10D of the Exchange Act) by such covered executive during the three completed fiscal years immediately preceding the date on which we are required to prepare the restatement. Executives covered by the Clawback Policy include our current and former executive officers, as determined by the Compensation Committee in accordance with Section 10D of the Exchange Act and the Nasdaq listing standards, and such other senior executives or employees who may from time to time be deemed subject to the Clawback Policy by the Compensation Committee.
Compensation Committee Report
The following report of the Compensation and Nominating Committee of the Board does not constitute soliciting material and should not be deemed filed or incorporated by reference into any future filings under the Securities Act or the Exchange Act, except to the extent we specifically incorporate this report by reference.
The Compensation and Nominating Committee has reviewed and discussed with management this Compensation Discussion and Analysis required by Item 402(b) of Regulation S-K. Based on the review and discussions, the Compensation and Nominating Committee recommended to the Board that this Compensation Discussion and Analysis be included in this Annual Report.
The Compensation and Nominating Committee
Tracey Newell, Chair
Andrew Almeida
William Bock
2025 Summary Compensation Table
The following table sets forth certain information with respect to compensation for fiscal 2025, fiscal 2024 (i.e., our fiscal year ended January 31, 2024), and fiscal 2023 (i.e., our fiscal year ended January 31, 2023) earned by, awarded to, or paid to our Named Executive Officers.
132
Name and Principal PositionFiscal Year
Salary
($)
Bonus
($)
Stock Awards
($)(1)(2)
Option Awards
 ($)(1)(2)
Non-Equity Incentive Plan Compensation
($)
All Other Compensation
($)(3)
Total
($)
Mark McClain
2025568,750548,63710,5381,127,925
Chief Executive Officer2024525,00022,162,963656,2509,18823,353,401
2023514,5834,377,1112,389,5085,2627,286,464
Brian Carolan
2025439,583289,06310,412739,058
Chief Financial Officer2024425,0005,194,441318,7509,9005,948,091
202359,5641,06360,627
Matt Mills
2025500,000482,785982,785
President
2024465,0007,757,034581,2508,803,284

2023458,750300,002,501,1891,365,4244,625,363
Chris Schmitt
2025385,417223,81810,438619,673
EVP, General Counsel
2024365,0003,989,327273,7509,9004,637,977
and Secretary
2023358,750500,0001,094,278597,3675,0502,555,445
Abby Payne
2025362,500185,558548,058
Chief People Officer2024
2023
_______________
(1) The amounts reported in this column represent the grant date fair value of awards granted to the Named Executive Officers during the applicable fiscal year, computed in accordance with FASB Accounting Standards Codification Topic 718. The assumptions used in calculating the grant date fair value of the awards reported in this column are set forth in Note 13 to the consolidated financial statements included elsewhere in this annual report. The amounts reported in this column reflect the accounting cost for these awards and do not correspond to the actual economic value that may be ultimately realized by the Named Executive Officers for the awards.
(2) In fiscal 2024, the Named Executive Officers were awarded Incentive Units that were intended to constitute profits interests for U.S. federal income tax purposes. Despite the fact that the Incentive Units did not require the payment of an exercise price, they were most similar economically to stock options. Accordingly, they are classified as “options” under the definition provided in Item 402(a)(6)(i) of Regulation S-K as an instrument with an “option-like feature.”
The target financial performance metrics applicable to the performance-vesting Incentive Units were determined yearly by the Board, so for accounting purposes, the tranches of performance-vesting Incentive Units eligible for vesting as of December 31, 2025 and 2026 were not considered granted. Accordingly, in addition to the grant date fair value of the time-vesting Incentive Units, only the grant date fair value of the performance-vesting Incentive Units eligible for vesting as of December 31, 2022, 2023, and 2024 for which the target financial performance metrics had been established (December 31, 2023 and 2024 for Mr. Carolan) are reported in this column.
For additional details on the Incentive Units, see the section titled “—Pay Mix—Long-Term Equity-Based Awards” above.
(3) The amounts reported in this column reflect matching contributions by the Company under its 401(k) plan.
2025 Grants of Plan-Based Awards
In fiscal 2025, the Company did not grant any plan-based awards to our Named Executive Officers.
Narrative Description to the Summary Compensation Table and the Grant of Plan-Based Awards Table for Fiscal 2025
Employment Agreements
We have not entered into Employment Agreements with any of our Named Executive Officers.
Outstanding Equity Awards at Fiscal 2025 Year End
The following table sets forth certain information with respect to outstanding equity awards of our Named Executive Officers as of January 31, 2025.
133

Option Awards(1)
NameNumber of Securities Underlying Unexercised Options (#) Exercisable
Number of Securities Underlying Unexercised Options
(#) Unexercisable
Equity Incentive Plan Awards: Number of Securities Underlying Unexercised Unearned Options
(#)(2)
Option Exercise Price
($)(3)
Option Expiration Date(3)
Mark McClain
1,007,721.42331,258.09N/AN/A
Brian Carolan
213,573.74100,249.38N/AN/A
Matt Mills
352,701.91115,940.90N/AN/A
Chris Schmitt
181,389.0259,627.13N/AN/A
Abby Payne
181,389.0259,627.13N/AN/A
_______________
(1) The time-vesting Incentive Units vested 25% on August 16, 2023 (December 12, 2023 for Mr. Carolan), and the Profits Interest Grant Agreements provided that the remaining unvested time-vesting Incentive Units would vest ratably in a series of 36 equal monthly installments. The performance vesting Incentive Units were subject to vesting in five yearly installments through December 31, 2026, upon the achievement of target financial performance metrics which were to be determined yearly by the Board, beginning with calendar year 2023.
(2) This column does not include the performance-vesting Incentive Units with respect to the performance periods ending December 2025 and December 2026 for which the applicable target financial performance metrics had not been set such that for accounting purposes such Incentive Units were not considered granted. See “—Potential Payments Upon Termination or a Change in Control” below for more information on these Incentive Units.
(3) The Incentive Units are not traditional options, and therefore, there is no exercise price or expiration date, but rather the Incentive Units participate in distributions attributable to the appreciation in the fair market value of SailPoint Parent, LP, or profits of SailPoint Parent, LP, after their respective dates of grant.
Options Exercised and Stock Vested in Fiscal 2025
In fiscal 2025, our Named Executive Officers did not vest in any stock awards or exercise any option awards.
Potential Payments Upon Termination or a Change in Control
Outstanding Equity
Sale of the Partnership
Under the terms of the Profits Interest Grant Agreements, upon the occurrence of a sale of SailPoint Parent, LP (which we refer to as the “Partnership” in this Compensation Discussion and Analysis), 100% of unvested Incentive Units would vest, provided that the Named Executive Officer remained in continuous service with the Company until immediately prior to the Sale of the Partnership. Notwithstanding the foregoing, unvested performance-vesting Incentive Units from any Unvested Year(s) and/or forfeited year(s) would vest if (i) the Thoma Bravo Funds (as defined below) achieved an IRR of at least 20% and (ii) the Thoma Bravo Funds achieved a cash-on-cash return of at least 2.0. Any unvested performance-vesting Incentive Units which remained unvested and did not accelerate or vest pursuant to the preceding sentence in connection with a Sale of the Partnership would automatically terminate and be cancelled for no payment of any kind.
As defined in the Amended and Restated Limited Partnership Agreement of the Partnership, “Sale of the Partnership” meant any transaction or series of transactions pursuant to which any person or group of related persons (other than the investors and their controlled affiliates) in the aggregate acquired (i) a majority of the Class A Units and Class B Units or a majority of the outstanding equity securities of the Partnership by vote or by value (in each case whether by merger, consolidation, reorganization, combination, asset sale, or transfer of equity securities, securityholder or voting agreement, proxy, power of attorney, or otherwise) or (ii) all or substantially all of the Partnership’s and its subsidiaries’ assets determined on a consolidated basis. Also, as used above, the “Thoma Bravo Funds” refers to Thoma Bravo Executive Fund XIII, L.P., Thoma Bravo Fund XIII, L.P., Thoma Bravo Fund XIII-A, L.P., Thoma Bravo Executive Fund XV, L.P., Thoma Bravo Fund
134
XV, L.P., Thoma Bravo Fund XV-A, L.P., Thoma Bravo Employee Fund, L.P., Project Hotel California Co-Invest Fund, L.P., Thoma Bravo Co-Invest Opportunities XV-1, L.P., Thoma Bravo Co-Invest Opportunities XV-3, L.P., and Project Quail Opportunities, L.P.
Although the value of the unvested Incentive Units that would have accelerated and vested as of a Sale of the Partnership cannot be quantified, the number of such awards held by each Named Executive Officer as of January 31, 2025 was as follows: (i) for Mr. McClain approximately 666,003.08 Incentive Units, (ii) for Mr. Carolan approximately 204,857.39 Incentive Units, (iii) for Mr. Mills approximately 233,101.94 Incentive Units, (iv) for Mr. Schmitt approximately 119,881.51 Incentive Units, and (v) for Ms. Payne approximately 119,881.51 Incentive Units. The foregoing amounts include performance-vesting Incentive Units with respect to the performance periods ending December 2025 and December 2026 for which the applicable target financial performance metrics have not been set, such that for accounting purposes such Incentive Units were not considered granted, in the following amounts: (i) for McClain approximately 334,744.99 Incentive Units, (ii) for Mr. Carolan approximately 104,608.01 Incentive Units, (iii) for Mr. Mills approximately 117,161.49 Incentive Units, (iv) for Mr. Schmitt approximately 60,254.83 Incentive Units, and (v) for Ms. Payne approximately 60,254.83 Incentive Units.
Termination of Employment Due to Death
At the closing of the Take-Private Transaction, outstanding restricted stock units were converted into the right to receive cash in the amount of the number of restricted stock units held by each grantee multiplied by the merger consideration (such awards, “Converted RSU Awards”) and such awards retained the original vesting schedule of the restricted stock units. Upon a termination of employment due to a Named Executive Officer’s death, such Named Executive Officer’s unvested Converted RSU Awards will accelerate and vest, in an amount up to $1,000,000. The value of the unvested Converted RSU Awards that would accelerate and vest upon a termination of employment due to a Named Executive Officer’s death as of January 31, 2025 is as follows: (i) for Mr. McClain, $1,000,000, (ii) for Mr. Carolan, $0, (iii) for Mr. Mills, $1,000,000, (iv) for Mr. Schmitt, $629,988.75, and (v) for Ms. Payne, $629,988.75.
As of January 31, 2025, the Named Executive Officers were not entitled to receive any additional potential payments upon a termination of employment or a change in control.
Director Compensation
The following table presents the total compensation for each person who served as a non-employee member of our Board during fiscal 2025. Other than as set forth in the table, we did not pay any compensation, reimburse any expense of, make any equity awards or non-equity awards to, or pay any other compensation to, any of the other non-employee members of the Board in fiscal 2025.
2025 Director Compensation Table
Name
Fees Earned or Paid in Cash
($)
Option Awards
($)(1)
Total
($)
William Bock
70,00070,000
Ronald Green
45,00045,000
James (Jim) Hagan
125,000125,000
Tracey Newell
45,00045,000
Kristin Weston
150,000150,000
_______________
(1) At the end of fiscal 2025, (i) Mr. Bock held approximately 11,297.64 outstanding Incentive Units, (ii) Mr. Green held approximately 11,297.64 outstanding Incentive Units, (iii) Mr. Hagan held approximately 31,633.39 outstanding Incentive Units, (iv) Ms. Newell held approximately 11,297.64 outstanding Incentive Units, and (v) Ms. Weston held approximately 61,007.25 outstanding Incentive Units.
Compensation Committee Interlocks and Insider Participation
None of our executive officers currently serves, or in the past fiscal year has served, as a member of the board of directors or compensation committee of any entity that has one or more executive officers serving on our Board or Compensation and Nominating Committee.
135
Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters
Securities Authorized for Issuance under Equity Compensation Plans
As of January 31, 2025, we had no equity compensation plans or individual compensation arrangements under which our equity securities were authorized for issuance.
Security Ownership of Certain Beneficial Owners and Management
The following table sets forth information about the beneficial ownership of our common stock as of March 21, 2025, for:
each person or group known to us who beneficially owns more than 5% of our common stock;
each of our directors;
each of our Named Executive Officers; and
all of our directors and executive officers as a group.
Each stockholder’s percentage ownership is based on 556,575,093 shares of our common stock outstanding on March 21, 2025.
Beneficial ownership for the purposes of the following table is determined in accordance with the rules and regulations of the SEC. These rules generally provide that a person is the beneficial owner of securities if such person has or shares the power to vote or direct the voting thereof, or to dispose or direct the disposition thereof or has the right to acquire such powers within 60 days. Common stock subject to options that are currently exercisable or exercisable and restricted stock units that have vested or will vest within 60 days of March 21, 2025, are deemed to be outstanding and beneficially owned by the person holding the options or restricted stock units. These shares, however, are not deemed outstanding for the purposes of computing the percentage ownership of any other person. Except as disclosed in the footnotes to this table and subject to applicable community property laws, we believe that each stockholder identified in the table possesses sole voting and investment power over all common stock shown as beneficially owned by the stockholder.
Unless otherwise noted below, the address of each beneficial owner listed on the table is 11120 Four Points Drive, Suite 100, Austin, TX 78726.
Name of Beneficial OwnerNumber of SharesPercentage
5% Stockholders:
Thoma Bravo (1)
479,842,51486.2
Directors and Named Executive Officers:
Mark McClain4,443,393*
Matt Mills898,840*
Brian Carolan659,998*
Chris Schmitt508,983*
Abby Payne508,983*
Kristin Weston103,709*
Andrew Almeida
William Bock89,215*
Seth Boro
Ronald Green20,473*
James (Jim) Hagan60,918*
Sacha May
Tracey Newell31,255*
Directors and executive officers as a group (14 individuals)7,325,7671.3
______________
* Represents beneficial ownership of less than one percent of the outstanding shares of our common stock.
136
(1) Consists of (i) 531,953 shares held directly by Thoma Bravo Executive Fund XIII, L.P. ("TB Exec Fund XIII"), (ii) 28,061,154 shares held directly by Thoma Bravo Fund XIII, L.P. ("TB Fund XIII"), (iii) 31,904,250 shares held directly by Thoma Bravo Fund XIII-A, L.P. ("TB Fund XIII-A"), (iv) 889,980 shares held directly by Thoma Bravo Executive Fund XV, L.P. ("TB Exec Fund XV"), (v) 92,324,736 shares held directly by Thoma Bravo Fund XV, L.P. ("TB Fund XV"), (vi) 162,435,149 shares held directly by Thoma Bravo Fund XV-A, L.P. ("TB Fund XV-A"), (vii) 34,286 shares held directly by Thoma Bravo Employee Fund, L.P. ("TB Employee Fund"), (viii) 152,088,871 shares held directly by Project Hotel California Co-Invest Fund, L.P. ("TB Co-Invest Fund"), (ix) 2,103,391 shares held directly by Thoma Bravo Co-Invest Opportunities XV-1, L.P. ("TB Co-Invest XV-1 Fund"), (x) 1,117,008 shares held directly by Thoma Bravo Co-Invest Opportunities XV-3, L.P. ("TB Co-Invest XV-3 Fund"), and (xi) 8,333,736 shares held directly by Project Quail Opportunities, L.P. ("TB Quail Fund" and, together with TB Exec Fund XIII, TB Fund XIII, TB Fund XIII-A, TB Exec Fund XV, TB Fund XV, TB Fund XV-A, TB Employee Fund, TB Co-Invest Fund, TB Co-Invest XV-1 Fund and TB Co-Invest XV-3 Fund, the "Thoma Bravo Funds").
Thoma Bravo Partners XIII, L.P. (“TB Partners XIII”) is the general partner of each of TB Exec Fund XIII, TB Fund XIII, and TB Fund XIII-A. Thoma Bravo Partners XV, L.P. (“TB Partners XV”) is the general partner of each of TB Exec Fund XV, TB Fund XV, TB Fund XV-A, TB Employee Fund, TB Co-Invest Fund, TB Co-Invest XV-1 Fund, TB Co-Invest XV-3 Fund, and TB Quail Fund.
Thoma Bravo UGP XIII, LLC (“TB UGP XIII”) is the general partner of TB Partners XIII, and Thoma Bravo UGP XV, LLC (“TB UGP XV”) is the general partner of TB Partners XV.
Thoma Bravo UGP, LLC is the managing member of TB UGP XIII and TB UGP XV. Thoma Bravo UGP, LLC’s voting and investment decisions are made by an investment committee comprised of Seth Boro, Orlando Bravo, S. Scott Crabill, Lee Mitchell, Holden Spaht, and Carl Thoma. By virtue of the relationships described in this footnote, Thoma Bravo UGP, LLC may be deemed to exercise voting and dispositive power with respect to the shares held directly by TB Exec Fund XIII, TB Fund XIII, TB Fund XIII-A, TB Exec Fund XV, TB Fund XV, TB Fund XV-A, TB Employee Fund, TB Co-Invest Fund, TB Co-Invest XV-1 Fund, TB Co-Invest XV-3 Fund, or TB Quail Fund. Messrs. Boro, Bravo, Crabill, Mitchell, Spaht, and Thoma disclaim beneficial ownership of the shares held directly by TB Exec Fund XIII, TB Fund XIII, TB Fund XIII-A, TB Exec Fund XV, TB Fund XV, TB Fund XV-A, TB Employee Fund, TB Co-Invest Fund, TB Co-Invest XV-1 Fund, TB Co-Invest XV-3 Fund, or TB Quail Fund.
The principal business address of the entities identified in this footnote is c/o Thoma Bravo, L.P., 110 North Wacker Drive, 32nd Floor, Chicago, Illinois 60606.
Item 13. Certain Relationships and Related Transactions, and Director Independence

Policies for Approval of Related Party Transactions
We have adopted a policy with respect to the review, approval, and ratification of related party transactions. Under the policy, our Audit Committee is responsible for reviewing and approving related person transactions. In the course of its review and approval of related party transactions, our Audit Committee will consider the relevant facts and circumstances to decide whether to approve such transactions. In particular, our policy requires our Audit Committee to consider, among other factors it deems appropriate:
the related person’s relationship to us and interest in the transaction;
the material facts of the proposed transaction, including the proposed aggregate value of the transaction;
the impact on a director’s independence in the event the related person is a director or an immediate family member of the director;
the benefits to us of the proposed transaction;
if applicable, the availability of other sources of comparable products or services; and
an assessment of whether the proposed transaction is on terms that are comparable to the terms available to an unrelated third party or to employees generally.
The Audit Committee may only approve those transactions that are in, or are not inconsistent with, our best interests and those of our stockholders, as the Audit Committee determines in good faith.
In addition, under our code of business conduct and ethics, our employees and directors have an affirmative responsibility to disclose any transaction or relationship that reasonably could be expected to give rise to a conflict of interest.
All of the transactions described below were entered into prior to the adoption of the Company’s written related party transactions policy, but all were approved by our Board considering similar factors to those described above.

137
Related Party Transactions
Other than compensation arrangements for our directors and Named Executive Officers, which are described in Item 11 of this Annual Report, below we describe transactions since February 1, 2024 to which we were a participant or will be a participant, in which:
the amounts involved exceeded or will exceed $120,000; and
any of our directors, executive officers, or holders of more than 5% of our capital stock, or any member of the immediate family of, or person sharing the household with, the foregoing persons, had or will have a direct or indirect material interest.
Agreements and Transactions Related to the Take-Private Transaction
As a result of the completion of our Take-Private Transaction on August 16, 2022, we are controlled by Thoma Bravo. Upon the close of our Take-Private Transaction, Andrew Almeida, Seth Boro, and Sacha May, each of whom are employed by Thoma Bravo, became members of our Board and have dual responsibilities with Thoma Bravo.

On August 16, 2022, we entered into an advisory services agreement with Thoma Bravo (the “Advisory Services Agreement”), pursuant to which we engaged Thoma Bravo as a financial, transactional, and management consultant for consultation and advice related to corporate strategy, budgeting of future corporate investments, acquisition and divestiture strategies, and debt and equity financings. Under the Advisory Services Agreement, and to the extent permitted under the Credit Agreement, we were required to reimburse the travel expenses and out-of-pocket fees and expenses in performing the ongoing services. We paid approximately $70,000 pursuant to the reimbursement provision in fiscal 2024. We were also required to pay an annual monitoring fee as part of the Advisory Services Agreement equal to $15.0 million. The Advisory Services Agreement was terminated in connection with the IPO, and we used approximately $9.3 million of our net proceeds from the IPO to pay all outstanding fees under the Advisory Services Agreement. There is no expectation that such an arrangement will be entered into again in the future, and we do not expect to receive similar services in the future.
Sales of Class A Units and Class B Units
On December 23, 2024, we entered into a purchase agreement with Thoma Bravo, pursuant to which Thoma Bravo purchased approximately 36,548,286.44 Class A Units and approximately 7,984,676.29 Class B Units for an aggregate purchase price of $600 million. We have used $550 million and $25 million of the proceeds from such sales to Thoma Bravo to repay borrowings outstanding under our Term Loan and Revolving Credit Facility, respectively, and plan to use the remainder for general corporate purposes. In addition, on January 7, 2025, in connection with Thoma Bravo’s purchase, certain of our directors and other equityholders exercised their preemptive rights under our partnership agreement and purchased a total of approximately 19,567.57 Class A Units and approximately 4,274.91 Class B Units for an aggregate purchase price of approximately $0.3 million. In particular, the following directors or entities controlled by them made the following purchases: (i) Ronald Green purchased approximately 3,041.60 Class A Units and approximately 664.50 Class B Units for an aggregate purchase price of $49,932.83, (ii) Mr. Hagan purchased approximately 8,516.60 Class A Units and approximately 1,860.62 Class B Units for an aggregate purchase price of $139,813.98, (iii) an entity owned by Ms. Newell purchased approximately 3,041.60 Class A Units and approximately 664.50 Class B Units for an aggregate purchase price of $49,932.83, and (v) Ms. Weston purchased approximately 4,568.54 Class A Units and approximately 998.08 Class B Units for an aggregate purchase price of $75,000. We plan to use those proceeds for general corporate purposes.
Director Designation Agreement
On February 12, 2025, we entered into a Director Designation Agreement with Thoma Bravo that provides Thoma Bravo the right to designate nominees for election to our Board for so long as Thoma Bravo beneficially owns 40% or more of the total number of shares of our common stock that it owned as of the completion of the IPO. Thoma Bravo may also assign its designation rights under the Director Designation Agreement to an affiliate.
The Director Designation Agreement provides Thoma Bravo the right to designate: (i) all of the nominees for election to our Board for so long as Thoma Bravo beneficially owns 40% or more of the Original Amount; (ii) a number of nominees for election to our Board (rounded up to the nearest whole number) equal to 40% of the total directors for so long as Thoma Bravo beneficially owns at least 30% and less than 40% of the Original Amount; (iii) a number of nominees for election to our Board (rounded up to the nearest whole number) equal to 30% of the total directors for so long as Thoma Bravo beneficially owns at least 20% and less than 30% of the Original Amount; (iv) a number of nominees for election to our Board (rounded up to the nearest whole number) equal to 20% of the total directors for so long as Thoma Bravo beneficially owns at least 10% and less than 20% of the Original Amount; and (v) one nominee for election to our Board for so long as Thoma Bravo beneficially owns at least 5% of the Original Amount. In each case, Thoma Bravo’s nominees must comply with applicable law and stock
138
exchange rules. In addition, Thoma Bravo is entitled to designate the replacement for any of its board designees whose board service terminates prior to the end of the director’s term regardless of Thoma Bravo’s beneficial ownership at such time. Thoma Bravo also has the right to have its designees participate on committees of our Board proportionate to its stock ownership, subject to compliance with applicable law and stock exchange rules. This agreement will terminate at such time as Thoma Bravo owns less than 5% of the Original Amount.
Registration Rights Agreement
We are party to a registration rights agreement with Thoma Bravo. Thoma Bravo is entitled to request that we register Thoma Bravo’s shares on a long-form or short-form registration statement on one or more occasions in the future, which registrations may be “shelf registrations.” Thoma Bravo is also entitled to participate in certain of our registered offerings, subject to the restrictions in the registration rights agreement. Certain of our pre-IPO equityholders, including, among others, Mark McClain, our Chief Executive Officer and a member of our Board, five of our other directors (William Bock, Ronald Green, James (Jim) Hagan, Tracey Newell, and Kristin Weston), and our other executive officers (Matt Mills, Brian Carolan, Chris Schmitt, and Abby Payne), are entitled to piggyback on registered offerings initiated by us or by Thoma Bravo (such individuals entitled to piggyback rights, the “Piggyback Holders”). We will pay Thoma Bravo’s and the Piggyback Holders’ expenses in connection with such parties’ exercise of these rights. The registration rights described in this paragraph will apply to (i) shares of our common stock held by Thoma Bravo and its affiliates, (ii) shares of our common stock held by the Piggyback Holders, and (iii) any of our capital stock (or that of our subsidiaries) issued or issuable with respect to the common stock described in clause (i) by way of dividend, distribution, split, or combination of securities, or any recapitalization, merger, consolidation, or other reorganization (“Registrable Securities”). These registration rights will also be for the benefit of any subsequent holder of Registrable Securities; provided that any particular securities will cease to be Registrable Securities when they have been sold in a registered public offering, sold in compliance with Rule 144 of the Securities Act, repurchased by us or our subsidiaries, or distributed to the partners of Thoma Bravo, unless Thoma Bravo determines otherwise.
Indemnification of Officers and Directors
We have entered into indemnification agreements with each of our executive officers and directors that provide the executive officers and directors with contractual rights to indemnification, expense advancement, and reimbursement, to the fullest extent permitted under the DGCL. Additionally, we may enter into indemnification agreements with any new directors or officers that may be broader in scope than the specific indemnification provisions contained in Delaware law.
Term Loan
In connection with our entry into the Credit Agreement on August 16, 2022, Thoma Bravo acquired $50.0 million of our Term Loan, and as of January 31, 2025, Thoma Bravo collectively held $32.7 million of our Term Loan. During fiscal 2025, the largest principal amount of debt under the Term Loan held by Thoma Bravo was $50.0 million. During fiscal 2025, Thoma Bravo was paid $17.3 million in principal. During fiscal 2025, Thoma Bravo was paid $4.8 million in interest on the portion of the Term Loan held by them.
We used approximately $1,040.0 million of our net proceeds from the IPO to repay our Term Loan. As a result, Thoma Bravo received $32.7 million of our net proceeds from the IPO in connection with such repayment.
Imprivata Acquisition
On December 13, 2024, we acquired the Identity Governance and Administration business of Imprivata, a digital identity company for life- and mission-critical industries that is majority owned by Thoma Bravo, for a cash payment at closing of $10.7 million and up to an additional cash amount of $7.4 million payable eight months after the closing subject to the achievement of certain customer contract assignments or migrations.
Director Independence
The Board determined that, with the exception of Mark McClain, all other members of the Board meet the Nasdaq requirements to be independent directors. In making this determination, our Board considered the relationships that each such non-employee director has with the Company and all other facts and circumstances that our Board deemed relevant in determining their independence, including beneficial ownership of our common stock.

Item 14. Principal Accountant Fees and Services
139
On March 18, 2024, we engaged Ernst & Young LLP as our independent registered public accounting firm to complete our audit for the fiscal year ended January 31, 2024 and to serve as our independent auditor going forward. The following table sets forth the aggregate fees billed for various professional services rendered by Ernst & Young LLP for fiscal 2025 and fiscal 2024 (in thousands).
2025
2024
Audit Fees (1)
$4,010 $1,538 
Audit-Related Fees (2)
764 — 
Tax Fees (3)
335 152 
All Other Fees— — 
Total Fees$5,109 $1,691 
(1) Represents the aggregate fees billed for the audit of the Company’s consolidated financial statements, review of the condensed consolidated financial statements included in the Company’s quarterly reports and services in connection with the statutory and regulatory filings or engagements for those years. Fees for our fiscal year ended January 31, 2025 also consists of professional services rendered in connection with our Registration Statement on Form S-1 related to the initial public offering of our common stock completed in February 2025.
(2) Represents the aggregate fees billed for assurance and related services that are reasonably related to the performance of the audit or review of the Company’s consolidated financial statements and are not reported under “audit fees.”
(3) Represents the aggregate fees billed for tax compliance, advice and planning.
Pre-Approval Policy
All of the services listed in the above table were approved by the Board prior to the adoption of the charter of the Audit Committee, which occurred in connection with the completion of our IPO. The charter of the Audit Committee requires that the Audit Committee review the estimated fees of its independent registered public accounting firm’s audit, audit-related, tax, and other permitted non-audit services and requires that the Audit Committee, or a member thereof with designated authority, pre-approve any services provided to the Company by its independent registered public accounting firm.
140
PART IV
Item 15. Exhibits and Financial Statement Schedules
(a) The following documents are filed as part of this Annual Report:
1. Financial Statements
Our consolidated financial statements are listed in the “Index to Consolidated Financial Statements” under Part II, Item 8 of this Annual Report.
2. Financial Statement Schedules
All schedules have been omitted as the required information is either included in the consolidated financial statements or notes thereto, or not required, or not applicable.
3. See Item 15(b)
(b) Exhibits:
Exhibit
Number		Description
2.1
3.1
Certificate of Incorporation of SailPoint, Inc. (incorporated by reference to Exhibit 3.1 to the Current Report on Form 8-K filed by the Company on February 19, 2025).
3.2
4.1
4.2*
10.1***
10.2***
First Amendment to Credit Agreement, dated March 4, 2024, by and between SailPoint Technologies Holdings, Inc., Golub Capital Markets LLC, as administrative agent, and the lenders party thereto (incorporated by reference to Exhibit 10.2 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.3
10.4***
First Amendment to Lease, dated March 27, 2019, by and between BDN Four Points Land LP and SailPoint Technologies, Inc. (incorporated by reference to Exhibit 10.4 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.5
Director Designation Agreement, dated as of February 12, 2025, by and among SailPoint, Inc. and the stockholders party thereto (incorporated by reference to Exhibit 10.1 to the Current Report on Form 8-K filed by the Company on February 19, 2025).
141
Exhibit
Number		Description
10.6+
SailPoint, Inc. Omnibus Incentive Plan (incorporated by reference to Exhibit 10.3 to the Current Report on Form 8-K filed by the Company on February 19, 2025).
10.7+
Form of Restricted Stock Unit Grant Notice and Award Agreement (Executive Officers) under the SailPoint, Inc. Omnibus Incentive Plan (incorporated by reference to Exhibit 10.7 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.8+
Form of Restricted Stock Unit Grant Notice and Award Agreement (Non-employee Directors) under the SailPoint, Inc. Omnibus Incentive Plan (incorporated by reference to Exhibit 10.8 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.9+
SailPoint, Inc. Employee Stock Purchase Plan (incorporated by reference to Exhibit 10.4 to the Current Report on Form 8-K filed by the Company on February 19, 2025).
10.10+
Form of Indemnification Agreement between SailPoint, Inc. and each of its directors and executive officers (incorporated by reference to Exhibit 10.10 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.11+
10.12+
10.13+
10.14+
Offer Letter, dated December 2, 2022, by and between SailPoint Technologies, Inc. and Brian Carolan (incorporated by reference to Exhibit 10.14 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.15+
10.16+
Offer Letter, dated October 7, 2011, by and between SailPoint Technologies, Inc. and Abby Payne (incorporated by reference to Exhibit 10.4 to Amendment No. 3 to the Company’s Registration Statement on Form S-1, filed with the SEC on February 12, 2025).
10.17*+
19.1*
21.1*
23.1*
23.2*
31.1*
31.2*
32.1**
32.2**
142
*    Filed herewith.
**    Furnished herewith (such certification shall not be deemed “filed” for purposes of Section 18 of the Exchange Act, except to the extent that the Company specifically incorporates it by reference).
***    Certain schedules and exhibits have been omitted in accordance with Item 601(a)(5) of Regulation S-K. A copy of any omitted schedule and/or exhibit will be furnished to the SEC on request.
+    Management contract or compensatory plan or arrangement.
Item 16. Form 10-K Summary
None.
143
SIGNATURES
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized.
SailPoint , Inc.,
Date: March 27, 2025By:/s/ Mark McClain
Mark McClain
Chief Executive Officer and Director
Date: March 27, 2025By:
/s/ Brian Carolan
Brian Carolan
Chief Financial Officer
Pursuant to the requirements of the Securities Exchange Act of 1934, this report has been signed below by the following persons on behalf of the registrant and in the capacities and on the dates indicated.
144
NameTitleDate
/s/ Mark McClainChief Executive Officer and Director
(Principal Executive Officer)		March 27, 2025
Mark McClain
/s/ Brian Carolan
Chief Financial Officer
(Principal Financial Officer)
March 27, 2025
Brian Carolan
/s/ Mitra Rezvan
Chief Accounting Officer
Principal Accounting Officer
March 27, 2025
Mitra Rezvan
/s/ Andrew Almeida
DirectorMarch 27, 2025
Andrew Almeida
/s/ William Bock
DirectorMarch 27, 2025
William Bock
/s/ Seth Boro
DirectorMarch 27, 2025
Seth Boro
/s/ Ronald Green
DirectorMarch 27, 2025
Ronald Green
/s/ James (Jim) Hagan
DirectorMarch 27, 2025
James (Jim)Hagan
/s/ Sacha May
DirectorMarch 27, 2025
Sacha May
/s/ Tracey Newell
DirectorMarch 27, 2025
Tracey Newell
/s/ Kristin Weston
DirectorMarch 27, 2025
Kristin Weston
145