Qualys (QLYS) Q4 2025: Channel Revenue Climbs 17% as Partner-Led Model Drives Strategic Upsell

2026-02-05 | By EarningsIQ Research

Qualys advanced its transition to a partner-first, AI-driven risk management platform, with channel sales outpacing direct and innovative agentic AI solutions gaining early traction. Strategic investments in automation, patch management, and risk quantification are differentiating Qualys from legacy exposure management peers. 2026 guidance reflects disciplined optimism, with upside tied to ETM adoption and partner execution.

Summary

  • Channel Expansion Outpaces Direct: Partner-led sales now drive over half of revenue, accelerating global reach.
  • AI-Driven Risk Fabric Gains Early Adoption: ETM and agentic AI solutions reshape pre-breach security workflows.
  • Execution Focused on Upsell and Partner Leverage: Growth hinges on cross-sell to installed base and broader partner enablement.

Business Overview

Qualys provides cloud-based cybersecurity solutions focused on vulnerability management, risk quantification, and automated remediation. The company monetizes through subscriptions to its platform, with major segments including vulnerability management (VMDR), endpoint threat management (ETM), patch management, asset management, and cloud security. Revenue is generated from both direct enterprise sales and a growing channel partner ecosystem, serving global enterprises, government agencies, and managed security providers.

Performance Analysis

Qualys posted double-digit revenue growth for Q4 and full-year 2025, with annual sales reaching $669.1 million and a robust adjusted EBITDA margin of 47%. Free cash flow conversion remained strong at 45% of revenue, reflecting disciplined cost management despite increased investments in sales and marketing, which rose 18% in the quarter.

Channel partners accounted for 51% of total revenue, growing 17% year-over-year and outpacing the direct sales channel’s 4% growth. International revenue also accelerated, up 15% versus 6% for the U.S., underscoring the importance of global partner leverage. Gross dollar retention remained above 90%, though net dollar expansion slipped slightly to 103%, signaling steady but unspectacular upsell activity. New product bookings—driven by asset management, patch management, and cloud—showed incremental mix gains, together representing over 20% of total bookings.

  • Channel Mix Shift: Channel revenue now exceeds half the business, reflecting a deliberate pivot to partner-led growth.
  • Product Mix Diversification: Asset management and patch management bookings are rising, but still represent a minority of total sales.
  • Operating Leverage Maintained: EBITDA margin held at 47% despite stepped-up go-to-market and R&D spend.

Share repurchases continued, with $44.7 million deployed in Q4 and a new $200 million authorization, underscoring capital return discipline. Guidance for 2026 points to mid-single-digit growth and margin stability, with upside tied to ETM and partner execution.

Executive Commentary

"Reducing cyber risk isn't about detecting more exposures. It's about operationalizing a cyber risk management program that aligns spend with risk tolerance. In doing so, CISOs are increasingly prioritizing the unification of fragmented security stack into a centralized risk fabric, one that serves as a credible alternative to single vendor platforms."

Smith Dakar, President and CEO

"The channel continued to increase its contribution making up 51% of total revenues compared to 48% a year ago. Revenues from channel partners grew 17%, outpacing direct, which grew 4%. As a result of our strategic emphasis on leveraging our partner ecosystem to drive growth, we expect this trend to continue."

Jumi Kim, Chief Financial Officer

Strategic Positioning

1. Agentic AI and ETM Platform Differentiation

Qualys is pivoting from legacy vulnerability scanning to an agentic AI-powered risk fabric, enabling autonomous risk quantification, exploit confirmation, and remediation. The ETM (Endpoint Threat Management) platform now integrates both Qualys and third-party data, supporting a vendor-neutral, AI-native workflow that validates and remediates risk in real time.

2. Channel-Led Growth and Partner Ecosystem

Channel partners are central to Qualys’ go-to-market motion, now driving the majority of revenue. The company is investing in certifying more MROC (Managed Risk Operation Center) partners, who are incentivized to deliver higher-value, business-oriented cyber risk services and drive upsell into the ETM platform.

3. Upsell and Cross-Sell to Installed Base

Growth levers center on expanding wallet share within the existing VMDR customer base, using QFlex (flexible consumption/pricing model) and new agentic AI features to encourage adoption of advanced modules like patch management and cloud security. Early wins in federal and global enterprise accounts validate the cross-sell thesis, though broad-based inflection is still emerging.

4. Automation and Patch Management as Core Differentiators

Patch management and “patchless patching” (mitigating vulnerabilities without downtime) are highlighted as key differentiators, with 140 million patches deployed in the past year. This operational focus is intended to move beyond dashboard visibility to actual risk reduction—addressing a pain point for both IT and security teams.

5. Federal and International Expansion

Federal sector momentum is building, with multi-agency ETM rollouts and high-profile agency wins. International growth outpaced domestic, aided by channel leverage and partner-led services tailored to regional compliance and risk requirements.

Key Considerations

This quarter underscores Qualys’ ongoing transition from legacy vulnerability management to an AI-native, platform-centric security model, with execution risk centered on partner enablement, upsell velocity, and competitive differentiation.

Key Considerations:

  • Partner-Led Model Brings Margin and Reach: Channel expansion supports global scale but may elongate sales cycles and dilute direct customer intimacy.
  • AI-Driven Automation Is a Clear Differentiator: Agentic AI and exploit confirmation are resonating with early adopters, but broad market education is still required.
  • Product Mix Evolution Remains Gradual: Asset management, patch management, and cloud are growing, yet core VMDR still dominates revenue.
  • Federal Upside Is Real but Lumpy: Large government contracts provide visibility and validation, but timing and ramp remain unpredictable.
  • Net Expansion Rate Stagnation Flags Upsell Execution Risk: 103% NDR signals incremental, not breakout, cross-sell despite innovation pipeline.

Risks

Qualys faces execution risk in scaling its partner ecosystem and accelerating ETM adoption, with net expansion rates showing modest improvement despite product innovation. Competitive pressure from platform consolidators and new AI-driven entrants is intensifying, while macro headwinds could slow security budget growth. Partner-led sales may create channel conflict or dilute product control, and federal contract ramps are inherently unpredictable.

Forward Outlook

For Q1 2026, Qualys guided to:

  • Revenue of $172.5 to $174.5 million (8–9% growth)
  • EPS of $1.76 to $1.83

For full-year 2026, management maintained:

  • Revenue of $717 to $725 million (7–8% growth)
  • EBITDA margin in the mid-40s
  • EPS of $7.17 to $7.45
  • Free cash flow margin in the low 40s

Management highlighted:

  • Continued investment in sales and marketing to drive pipeline and partner expansion
  • Federal and international verticals as key growth areas

Takeaways

Qualys is executing a deliberate shift to platform-centric, AI-powered risk management, with early adoption of ETM and automation modules. Channel partners are now the primary growth engine, driving both global reach and higher-value solution sales. Revenue and margin guidance reflect disciplined optimism, but net expansion and broad-based upsell remain watchpoints for 2026.

  • Channel and Product Mix Are Shifting: Partner-led sales and new modules are diversifying the revenue base, but core vulnerability management still dominates.
  • AI and Automation Lead Differentiation: Agentic AI, exploit confirmation, and patch management are drawing customer attention and industry validation.
  • Upsell and Partner Execution Will Define Future Growth: Investors should watch for acceleration in ETM adoption, NDR improvement, and federal contract ramp as signals of inflection.

Conclusion

Qualys’ Q4 2025 results reinforce its strategic pivot toward AI-driven, platform-centric risk management, with channel partners and automation as core growth levers. Execution on ETM upsell and partner enablement will be critical for outperformance in 2026.

Industry Read-Through

The shift from legacy vulnerability scanning to AI-native risk platforms is accelerating across cybersecurity, with automation, exploit validation, and risk quantification now table stakes for enterprise buyers. Channel-centric go-to-market models are reshaping software sales, especially in international and public sector verticals. Vendors focused solely on exposure visibility face growing obsolescence risk, as customers demand integrated remediation and business-aligned risk metrics. Platform consolidation and agentic AI will drive competitive realignment, with winners defined by their ability to orchestrate end-to-end security outcomes, not just deliver dashboards.

QLYS Technology Cybersecurity AI Automation Channel Sales Risk Management Patch Management Federal