CyberArk, the leader in Privileged Access Management (PAM), delivered a stellar Q1 2024. The headlines focused on the soaring subscription ARR, a 54% year-on-year jump, and the dominance of their SaaS-first strategy. But there's a more nuanced story, hidden beneath the buzzwords of "cloud" and "zero standing privilege", that many analysts are missing.

It's not just the transition to SaaS that's fueling CyberArk's momentum; it's the _shadow_ it casts on the future of their on-premise (on-prem) business. While everyone's focused on the cloud's growth, an intriguing shift is occurring within the very customers who _haven't_ fully embraced the SaaS revolution.

In a seemingly offhand remark during the Q1 earnings call, CyberArk's management revealed that the expansion rate for customers still on maintenance – those clinging to perpetual licenses – is "not that much different" than those on the subscription train. This is not just a curious tidbit; it's a potential goldmine for the company and a blind spot for those evaluating their future prospects.

The typical assumption is that those legacy customers are laggards, slow to adopt, and therefore, less likely to expand their spending. The focus, understandably, becomes pushing them towards SaaS, where the immediate upsell potential is greater. But CyberArk's data paints a different picture. These on-prem stalwarts are _already_ expanding, investing in new solutions, and demonstrating that their commitment to CyberArk's platform extends beyond their initial PAM deployment.

This raises fascinating questions. What's driving this behavior? Are these customers, perhaps in highly regulated industries where on-prem is deeply entrenched, signaling a different kind of evolution? One where the future isn't _just_ SaaS, but a hybrid model, where on-prem solutions remain vital, yet integrated into the broader Identity Security Platform that CyberArk is building?

Consider the numbers. While SaaS is grabbing the spotlight, on-prem _still_ accounts for 23% of CyberArk's total ARR. And if these customers are expanding at rates comparable to their SaaS counterparts, this represents a substantial, and largely overlooked, growth engine.

The Dual-Pronged Growth Strategy

The chart below illustrates this dual-pronged growth strategy, where both SaaS and on-prem contribute to CyberArk's continued success.

Imagine this: as CyberArk continues to innovate, rolling out new solutions like the identity-centric Secure Browser, designed as a gateway to their _entire_ platform, the lines between SaaS and on-prem begin to blur. These on-prem customers, already demonstrating a willingness to adopt new technologies, find themselves perfectly positioned to leverage these innovations, integrating them into their existing deployments and expanding their spend _without_ needing a wholesale migration to the cloud.

This creates a powerful dynamic. On one hand, the SaaS transition continues, attracting new customers and driving immediate upsell. On the other, a parallel evolution occurs within the on-prem base, fueled by a steady adoption of new solutions and a seamless integration into the broader CyberArk ecosystem.

The result? A dual-pronged growth strategy that leverages the strengths of both models. SaaS captures the headlines, while the on-prem evolution, occurring quietly beneath the surface, delivers a sustainable, and potentially explosive, long-term growth trajectory.

It's a testament to CyberArk's strategic vision. They're not just riding the SaaS wave; they're shaping the future of identity security, crafting a platform that transcends deployment models and embraces the complex needs of their diverse customer base. And in the process, they're quietly unlocking a growth engine that most analysts seem to be missing, a testament to the enduring power of on-prem, even in a cloud-obsessed world.

"Hypotheses: * **On-prem expansion rate:** If this holds steady at levels comparable to SaaS, this segment could contribute significantly to CyberArk's growth, potentially exceeding analyst expectations focused solely on the SaaS transition. * **Impact of new releases:** The Secure Browser could become a key driver of on-prem expansion, allowing these customers to leverage new functionalities and integrate them into their existing deployments without a full SaaS migration. * **Hybrid future:** This sustained on-prem expansion could signal a shift towards a hybrid identity security model, where both SaaS and on-prem solutions coexist and integrate, creating a larger and more diversified long-term market for CyberArk."

"**Fun Fact:** Did you know CyberArk's roots go back to 1999? They were founded in Israel, a country known for its cutting-edge cybersecurity expertise, and have been securing the world's most critical assets for over two decades. Talk about a company with a deep understanding of digital threats!"