CyberArk Software
Annual Report 2016

Download report
Get a demo

More annual reports from CyberArk Software:

2023 Report
2022 Report
2021 Report
2020 Report
2019 Report

Peers and competitors of CyberArk Software:

RM plc
Amdocs
Digital Turbine
ServiceSource International
CSG Systems International

Plain-text annual report

UNITED STATESSECURITIES AND EXCHANGE COMMISSIONWASHINGTON, D.C. 20549FORM 20-F ☐REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934 OR ☒ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the fiscal year ended December 31, 2016 OR ☐TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 OR ☐SHELL COMPANY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 Commission file number 001-36625 CYBERARK SOFTWARE LTD.(Exact name of Registrant as specified in its charter) ISRAEL(Jurisdiction of incorporation or organization) 94 Em-Ha'moshavot RoadPark Ofer, P.O. Box 3143Petach Tikva 4970602, Israel(Address of principal executive offices) Donna Rahav, Adv.General Counsel & Corporate SecretaryTelephone: +972 (3) 918-0000CyberArk Software Ltd.94 Em-Ha'moshavot RoadPark Ofer, P.O. Box 3143Petach Tikva 4970602, Israel(Name, telephone, e-mail and/or facsimile number and address of company contact person) Securities registered or to be registered pursuant to Section 12(b) of the Act:Title of each class Name of each exchange on which registeredOrdinary shares, par value NIS 0.01 per share The NASDAQ Stock Market LLC Securities registered or to be registered pursuant to Section 12(g) of the Act: None. Securities for which there is a reporting obligation pursuant to Section 15(d) of the Act: None. Indicate the number of outstanding shares of each of the issuer's classes of capital or common stock as of the close of the period covered by the annual report:As of December 31, 2016, the registrant had outstanding 34,250,590 ordinary shares, par value NIS 0.01 per share. Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes x No ☐ If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of theSecurities Exchange Act of 1934. Yes o No ☒ Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filingrequirements for the past 90 days. Yes x No ☐ Indicate by check mark whether the registrant has submitted electronically and posted on its corporate website, if any, every Interactive Data File required tobe submitted and posted pursuant to Rule 405 of Regulation S-T (§229.405 of this chapter) during the preceding 12 months (or for such shorter period thatthe registrant was required to submit and post such files). Yes x No ☐ Indicate by check mark whether the registrant is a large accelerated filer, an accelerated file, or a non-accelerated filer. See the definitions of "accelerated filer"and "large accelerated filer" in Rule 12b-2 of the Exchange Act (Check one): Large accelerated filer ☒Accelerated filer ☐Non-accelerated filer ☐ Indicate by check mark which basis for accounting the registrant has used to prepare the financing statements included in this filing: U.S. GAAP ☒International Financial Reporting Standards as issuedOther ☐ by the International Accounting Standards Board ☐ If "Other" has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow. ☐ Item 17 ☐ Item 18 If this is an annual report, indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☒ CYBERARK SOFTWARE LTD. FORM 20-FANNUAL REPORT FOR THE FISCAL YEAR ENDED DECEMBER 31, 2016 TABLE OF CONTENTS Introduction 1Special Note Regarding Forward-Looking Statements 1 PART I Item 1.Identity of Directors, Senior Management and Advisers 2Item 2.Offer Statistics and Expected Timetable 2Item 3.Key Information 2Item 4.Information on the Company 26Item 4A.Unresolved Staff Comments 35Item 5.Operating and Financial Review and Prospects 35Item 6.Directors, Senior Management and Employees 59Item 7.Major Shareholders and Related Party Transactions 76Item 8.Financial Information 79Item 9.The Offer and Listing 79Item 10.Additional Information 80Item 11.Quantitative and Qualitative Disclosures About Market Risk 92Item 12.Description of Securities Other Than Equity Securities 93 PART II Item 13.Defaults, Dividend Arrearages and Delinquencies 94Item 14.Material Modifications to the Rights of Security Holders and Use of Proceeds 94Item 15.Controls and Procedures 94Item 16.[Reserved] 95Item 16A.Audit Committee Financial Expert 95Item 16B.Code of Ethics 95Item 16C.Principal Accountant Fees and Services 95Item 16D.Exemptions from the Listing Standards for Audit Committees 96Item 16E.Purchases of Equity Securities by the Issuer and Affiliated Purchasers 96Item 16F.Change in Registrant's Certifying Accountant 96Item 16G.Corporate Governance 96Item 16H.Mine Safety Disclosure 96 PART III Item 17.Financial Statements 97Item 18.Financial Statements 97Item 19.Exhibits 97 INTRODUCTION In this annual report, the terms "CyberArk," "we," "us," "our" and "the company" refer to CyberArk Software Ltd. and its subsidiaries. This annual report includes statistical, market and industry data and forecasts, which we obtained from publicly available information and independentindustry publications and reports that we believe to be reliable sources. These publicly available industry publications and reports generally state that theyobtain their information from sources that they believe to be reliable, but they do not guarantee the accuracy or completeness of the information. Althoughwe believe that these sources are reliable, we have not independently verified the information contained in such publications. Certain estimates and forecastsinvolve uncertainties and risks and are subject to change based on various factors, including those discussed under the headings "Special Note RegardingForward-Looking Statements" and "Item 3.D Risk Factors" in this annual report. Throughout this annual report, we refer to various trademarks, service marks and trade names that we use in our business. The "CyberArk" design logo is theproperty of CyberArk Software Ltd. CyberArk® is our registered trademark in the United States. We have several other trademarks, service marks and pendingapplications relating to our products. In particular, although we have omitted the "®" and "™" trademark designations in this annual report from eachreference to our Privileged Account Security Solution, Enterprise Password Vault, SSH Key Manager, Privileged Session Manager, Privileged ThreatAnalytics, Application Identity Manager, Endpoint Privilege Manager, On-Demand Privileges Manager, secure Digital Vault, Web Management Interface,Master Policy Engine and Discovery Engine and DNA, all rights to such names and trademarks are nevertheless reserved. Other trademarks and service marksappearing in this annual report are the property of their respective holders. SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS In addition to historical facts, this annual report contains forward-looking statements within the meaning of Section 27A of the U.S. Securities Act of 1933, asamended, or the Securities Act, Section 21E of the U.S. Securities Exchange Act of 1934, as amended, or the Exchange Act, and the safe harbor provisions ofthe U.S. Private Securities Litigation Reform Act of 1995. These forward-looking statements are subject to risks and uncertainties, and include informationabout possible or assumed future results of our business, financial condition, results of operations, liquidity, plans and objectives. In some cases, you canidentify forward-looking statements by terminology such as "believe," "may," "estimate," "continue," "anticipate," "intend," "should," "plan," "expect,""predict," "potential," or the negative of these terms or other similar expressions. The statements we make regarding the following matters are forward-lookingby their nature: ·our expectations regarding revenues generated by our hybrid sales model; ·our expectations regarding our operating and net profit margins; ·our expectations regarding significant drivers of our future growth; ·our plans to continue to invest in research and development to develop on-premise and cloud-based products and services for both existing and newproducts; ·our plans to invest in sales and marketing efforts and expand our channel partnerships across existing and new geographies; ·our plans to hire additional new employees; ·our plans to leverage our global footprint in existing and new industry verticals to further expand our market share; ·our plans to pursue additional strategic acquisitions; ·our plans to pursue incremental sales by further expanding our customer success team; and ·our expectations regarding our tax classifications. The preceding list is not intended to be an exhaustive list of all of our forward-looking statements. The forward-looking statements are based on our beliefs,assumptions and expectations of future performance, taking into account the information currently available to us. These statements are only predictionsbased upon our current expectations and projections about future events. There are important factors that could cause our actual results, levels of activity,performance or achievements to differ materially from the results, levels of activity, performance or achievements expressed or implied by the forward-looking statements. In particular, you should consider the risks provided under "Item 3.D Risk Factors" in this annual report. You should not rely upon forward-looking statements as predictions of future events. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee that future results, levels of activity, performance and events and circumstances reflected in theforward-looking statements will be achieved or will occur. Except as required by law, we undertake no obligation to update publicly any forward-lookingstatements for any reason after the date of this annual report, to conform these statements to actual results or to changes in our expectations. 1 PART I ITEM 1. IDENTITY OF DIRECTORS, SENIOR MANAGEMENT AND ADVISERS Not applicable. ITEM 2. OFFER STATISTICS AND EXPECTED TIMETABLE Not applicable. ITEM 3. KEY INFORMATION A. Selected Financial Data The following tables set forth our selected consolidated financial data. You should read the following selected consolidated financial data in conjunctionwith "Item 5. Operating and Financial Review and Prospects" and our consolidated financial statements and related notes included elsewhere in this annualreport. Historical results are not necessarily indicative of the results that may be expected in the future. Our financial statements have been prepared inaccordance with U.S. Generally Accepted Accounting Principles, or U.S. GAAP. The selected consolidated statements of operations data for each of the years in the three-year period ended December 31, 2016 and the consolidated balancesheet data as of December 31, 2015 and 2016 are derived from our audited consolidated financial statements appearing elsewhere in this annual report. Theconsolidated statements of operations data for the years ended December 31, 2012 and 2013 and the consolidated balance sheet data as of December 31,2012, 2013 and 2014 are derived from our audited consolidated financial statements that are not included in this annual report. Year ended December 31, 2012 2013 2014 2015 2016 (in thousands except share and per share data) Consolidated Statements of Operations: Revenues: License $27,029 $38,907 $61,320 $100,113 $131,530 Maintenance and professional services 20,179 27,250 41,679 60,699 85,083 Total revenues 47,208 66,157 102,999 160,812 216,613 Cost of revenues: License 1,002 1,216 2,654 5,088 4,726 Maintenance and professional services 5,922 7,860 12,053 17,572 25,425 Total cost of revenues(1) 6,924 9,076 14,707 22,660 30,151 Gross profit 40,284 57,081 88,292 138,152 186,462 Operating expenses: Research and development(1) 7,273 10,404 14,400 21,734 34,614 Sales and marketing(1) 22,081 32,840 44,943 66,206 93,775 General and administrative(1) 3,297 4,758 8,495 16,990 22,117 Total operating expenses 32,651 48,002 67,838 104,930 150,506 Operating income 7,633 9,079 20,454 33,222 35,956 Financial income (expenses), net 4 (1,124) (5,988) (1,479) 245 Income before taxes on income 7,637 7,955 14,466 31,743 36,201 Tax benefit (taxes on income) 225 (1,320) (4,512) (5,949) (8,077)Net income $7,862 $6,635 $9,954 $25,794 $28,124 Basic net income per ordinary share(2) $0.51 $0.25 $0.46 $0.80 $0.83 Diluted net income per ordinary share(2) $0.31 $0.14 $0.34 $0.73 $0.78 Weighted average number of ordinary shares used incomputing basic net income per ordinary share(2) 6,592,997 6,900,433 13,335,059 32,124,772 33,741,359 Weighted average number of ordinary shares used incomputing diluted net income per ordinary share(2) 25,245,790 10,765,914 29,704,730 35,322,716 35,838,863 2 As of December 31, 2012 2013 2014 2015 2016 (in thousands) Consolidated Balance Sheet Data: Cash, cash equivalents, marketable securities and short-termbank deposits $45,995 $65,368 $177,181 $238,252 $295,475 Deferred revenue, current and long term 15,068 24,478 32,160 54,389 73,506 Working capital(3) 38,908 48,900 156,829 197,095 235,010 Total assets 64,379 89,632 210,552 334,424 403,031 Preferred share warrant liability 688 2,134 — — — Total shareholders' equity 38,494 45,846 155,008 246,670 296,216 (1)Includes share-based compensation expense as follows: Year ended December 31, 2012 2013 2014 2015 2016 (in thousands) Cost of revenues $32 $39 $137 $499 $1,386 Research and development 58 73 172 1,507 4,660 Sales and marketing 81 126 347 2,214 5,765 General and administrative 113 165 917 2,829 5,724 Total share-based compensation expenses $284 $403 $1,573 $7,049 $17,535 (2)Basic and diluted net income per ordinary share is computed based on the weighted average number of ordinary shares outstanding during each period.For additional information, see note 13 to our consolidated financial statements included elsewhere in this annual report. (3)We define working capital as total current assets minus total current liabilities. In 2015, we adopted Accounting Standard Update No. 2015-17, IncomeTaxes (Topic 740): Balance Sheet Classification of Deferred Taxes (ASU 2015-17) retrospectively and reclassified all of our current deferred tax assets tononcurrent deferred tax assets on our consolidated balance sheets data for all periods presented. As a result of such reclassifications, certain noncurrentdeferred tax liabilities as of December 31, 2012, 2013 and 2014 were netted with noncurrent deferred tax assets.3 Non-GAAP operating income and non-GAAP net income are non-GAAP financial measures. We define non-GAAP operating income and non-GAAP netincome as operating income and net income, respectively, which each exclude (i) share-based compensation expense, (ii) expenses related to the March 2015public offering of ordinary shares by certain of our shareholders and to the June 2015 public offering of ordinary shares by us and certain of our shareholders,(iii) expenses related to acquisitions and (iv) amortization of intangible assets related to acquisitions. Non-GAAP net income also excludes (i) financialexpenses resulting from the revaluation of warrants to purchase preferred shares and (ii) tax effects related to the non-GAAP adjustments set forth above. Thefollowing tables reconcile operating income and net income, the most directly comparable U.S. GAAP measures, to non-GAAP operating income and non-GAAP net income for the periods presented: 2012 2013 2014 2015 2016 Reconciliation of Operating Income to Non-GAAPOperating Income: Operating income $7,633 $9,079 $20,454 $33,222 $35,956 Share-based compensation 284 403 1,573 7,049 17,535 Public offering related expenses — — — 1,568 — Acquisition related expenses — — — 677 — Amortization of intangible assets – Cost of revenues — — — 359 1,420 Amortization of intangible assets – Research and development — — — 749 1,913 Amortization of intangible assets – Sales and marketing — — — 17 1,190 Non-GAAP operating income $7,917 $9,482 $22,027 $43,641 $58,014 4 Year ended December 31, 2012 2013 2014 2015 2016 (in thousands) Reconciliation of Net Income to Non-GAAP Net Income: Net income $7,862 $6,635 $9,954 $25,794 $28,124 Share-based compensation 284 403 1,573 7,049 17,535 Warrant adjustment 176 1,446 4,309 — — Public offering related expenses — — — 1,568 — Acquisition related expenses — — — 677 — Amortization of intangible assets – Cost of revenues — — — 359 1,420 Amortization of intangible assets – Research and development — — — 749 1,913 Amortization of intangible assets – Sales and marketing — — — 17 1,190 Taxes on income related to non-GAAP adjustments — — — (951) (4,937) Non-GAAP net income $8,322 $8,484 $15,836 $35,262 $45,245 For a description of how we use non-GAAP operating income and non-GAAP net income to evaluate our business, see "Item 5. Operating and FinancialReview and Prospects—Key Financial Metrics." We believe that these non-GAAP financial measures are useful in evaluating our business because of varyingavailable valuation methodologies, subjective assumptions and the variety of equity instruments that can impact a company's non-cash expenses andbecause they exclude one-time cash expenditures that do not reflect the performance of our core business. We believe that providing non-GAAP operatingincome and non-GAAP net income that exclude, as appropriate, share-based compensation expenses, expenses relating to public offerings of our ordinaryshares, financial expenses resulting from the valuation of warrants to purchase preferred shares, expenses related to acquisitions, amortization of intangibleassets related to acquisitions and the tax effects related to these non-GAAP adjustments allows for more meaningful comparisons between our operatingresults from period to period. Share-based compensation expense has been, and will continue to be for the foreseeable future, a significant recurring expensein our business and an important part of the compensation we provide to employees. Additionally, excluding financial expenses with respect to revaluationof warrants to purchase preferred shares allows for more meaningful comparison between our net income from period to period. As these warrants wereexercised in connection with our initial public offering, they are no longer revalued at each balance sheet date. We also believe that expenses related to thepublic offerings of our ordinary shares in March 2015 and June 2015, expenses related to our acquisitions and amortization of intangible assets related toacquisitions do not reflect the performance of our core business and would impact period-to-period comparability. 5 Other companies, including companies in our industry, may calculate non-GAAP operating income and non-GAAP net income differently or not at all, whichreduces their usefulness as a comparative measure. You should consider non-GAAP operating income and non-GAAP net income along with other financialperformance measures, including operating income and net income, and our financial results presented in accordance with U.S. GAAP. B.Capitalization and Indebtedness Not applicable. C.Reasons for the Offer and Use of Proceeds Not applicable. D.Risk Factors Our business faces significant risks. You should carefully consider all of the information set forth in this annual report and in our other filings with theUnited States Securities and Exchange Commission, or the SEC, including the following risk factors which we face and which are faced by our industry.Our business, financial condition and results of operations could be materially and adversely affected by any of these risks. In that event, the trading priceof our ordinary shares would likely decline and you might lose all or part of your investment. This report also contains forward-looking statements thatinvolve risks and uncertainties. Our results could materially differ from those anticipated in these forward-looking statements, as a result of certain factorsincluding the risks described below and elsewhere in this report and our other SEC filings. See "Special Note Regarding Forward-Looking Statements" onpage 1. Risks Related to Our Business and Our Industry The IT security market is rapidly evolving within the increasingly challenging cyber threat landscape and the use of hybrid on-premise and cloud-basedinfrastructure. If the industry does not continue to develop as we anticipate, our sales may not continue to grow at current rates or may decline, and ourshare price could decline. We operate in a rapidly evolving industry focused on securing organizations' IT systems and sensitive data. Our solutions focus on safeguarding privilegedaccounts, which are those accounts within an organization that give the user high levels of access, or "privileged" access, to IT systems, on-premise andcloud-based infrastructure, industrial control systems, applications and data. While breaches of such privileged accounts have gained media attention inrecent years, IT security spending within enterprises is often concentrated on endpoint and web security products designed to stop threats from penetratingcorporate networks. Organizations that use these security products may allocate all or most of their IT security budgets to these products and may not adoptour solutions in addition to such products. Organizations are moving portions of their data to be managed by third parties, primarily infrastructure, platformand application service providers, and may rely on such providers' internal security measures. Further, security solutions such as ours, which are focused ondisrupting cyber attacks by insiders and external perpetrators that have penetrated the organization's perimeter, is a relatively new technology that has beendeveloped to respond to advanced threats and more rigorous compliance standards and audit requirements. However, advanced cyber attackers are skilled atadapting to new technologies and developing new methods of gaining access to organizations' sensitive data. Changes in the nature of advanced cyberthreats could result in a shift in IT budgets away from solutions such as ours and require us to invest in new technologies in order to address such advancedthreats. In addition, any changes in compliance standards or audit requirements that deemphasize the types of controls, security, monitoring and analysis thatour solutions provide would adversely impact demand for our offerings. It is therefore difficult to predict how large the market will be for our solutions. Ifsolutions such as ours are not viewed by organizations as necessary, or if customers do not recognize the benefit of our solutions as a critical layer of aneffective security strategy, then our revenues may not continue to grow at their current rate or may decline, and our share price could suffer. 6 As we invest in the growth of our business, we expect our operating and net profit margins and our revenue growth rate to decline in the near-term. As we invest in the growth of our business, we expect our operating and net profit margins and our operating and net income to decline compared to priorperiods. During the year ended December 31, 2016, we did not experience such declines due to an increase in revenue at a rate that exceeded the increase inexpenses; however, in future periods, we expect our operating and net profit margins to decline, primarily as a result of the costs associated with expandingour direct and indirect sales forces and marketing activities, our increased rate of investment in research and development and our increased administrativecosts associated with scaling our business. We expect that these invested costs will adversely impact our operating and net profit margins as we may not beable to increase our revenue at a rate sufficient to offset the expected increase in our costs. It takes time and resources to train and integrate new sales forcemembers and to implement such infrastructure improvements across our global operations. In addition, costs associated with adding new personnel to oursales force are expensed before their positive impact on our sales is recognized, and even then a significant portion of any revenues that they generate frommaintenance and professional services are deferred over the delivery period of those services. Further, from the year ended December 31, 2012 to the yearended December 31, 2016 our revenue grew from $47.2 million to $216.6 million, which represents a compounded annual growth rate of approximately 46%.We expect that our revenue growth rate will decline as we continue to grow. A failure to meet market expectations regarding our revenue growth rate orprofitability could have an adverse effect on our share price. Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solutions or the provision of ourservices, or due to the failure of our customers, channel partners, managed service providers, or subcontractors to correctly implement, manage andmaintain our solutions, which may subject us to lawsuits and financial losses. Security products and solutions are complex in design and deployment, and may contain errors that are not capable of being remediated or detected untilafter their deployment. Any errors, defects, or misconfigurations could cause our products or services to be vulnerable to security attacks, cause them to fail tosecure networks, and negatively impact customer operations. Organizations are facing increasingly sophisticated, continuously changing, and targeted cyberthreats, including the growing threat of cyber terrorism throughout the world. Many attack methods cannot be detected the first time they are deployed orexploited. Further, as our market position continues to grow specifically in the security industry, an increasing number of hackers may begin to focus onfinding ways to defeat our products and services. If we fail to identify and respond to new and increasingly complex methods of attack on privileged accountsand update our products to detect or prevent such threats, which will require significant resources, our business and reputation will suffer. In particular, wemay suffer significant adverse publicity and reputational harm if our solutions (or the services we provide in relation to our solutions) are associated, or arebelieved to be associated, with a significant breach or a breach at a high profile customer or managed service provider network, or in the event of a breach inthird party systems utilized by us as part of our cloud-based security solution. In addition, our Endpoint Privilege Manager product is made available to our customers both as on-premise software and as software-as-a service (SaaS).Providing the software as a service involves the storage and transmission of customers’ policies for management of their network and operational proprietaryinformation related to their assets and users, security breaches or product defects in our SaaS solutions could result in loss or alteration of this data,unauthorized access to multiple customers’ data and ultimately lead to downtime or compromise of the customers’ systems on which our SaaS solution isinstalled. Further, the third party data hosting facilities used for the provision of our SaaS solutions are vulnerable to damages, interruptions or otherunanticipated problems that could result in disruption in the provision of these solutions. Any disruptions or other performance problems with our SaaSsolutions could harm our reputation and business, damage our customers’ businesses, subject us to potential liability and cause customers to terminate or notrenew their subscriptions to our SaaS solutions. False detection of threats (so-called "false positives"), while typical in our industry, may reduce perception of the reliability of our products and may thereforeadversely impact market acceptance of our products. If our solutions restrict legitimate privileged access by authorized personnel to IT systems andapplications by falsely identifying those users as an attack or otherwise unauthorized, our customers' businesses could be harmed. There can be no assurancethat, despite testing by us, errors will not be found in existing and new versions of our products, resulting in loss of or delay in market acceptance. In such anevent, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem. 7 As our solutions not only reinforce but also rely on the common security concept of placing multiple layers of security controls throughout an IT system, thefailure of our customers, channel partners, managed service providers or subcontractors to correctly implement and effectively manage and maintain oursolutions, or to consistently implement and utilize generally accepted and comprehensive, multi-layered security measures and processes in the customernetworks, may lessen the efficacy of our solutions. Additionally, our customers or our channel partners may independently develop plug-ins or changeexisting plug-ins or APIs that we provided to them for interfacing purposes in an incorrect or insecure manner. Such failure or these other customer andpartner actions may lead to breaches of our customers' IT systems and loss or alteration of sensitive data or systems, and potentially to a perception that oursolutions failed. Further, our failure to provide our customers and channel partners with adequate services related to the use, implementation and maintenanceof our solutions, could lead to claims against us. An actual or perceived security breach or theft of our customers' data, regardless of whether the breach or theft is attributable to the failure of our products (orthe services we provided in relation to our products), could adversely affect the market's perception of the efficacy of our solutions and current or potentialcustomers may look to our competitors for alternatives to our solutions. An actual or perceived failure of our products, or our failure to provide adequateservices to our customers and channel partners, may also subject us to lawsuits, indemnity claims and financial losses, as well as the expenditure ofsignificant financial resources to analyze, correct or eliminate any vulnerabilities. It could also cause us to suffer reputational harm, lose existing customers,or deter new and existing customers from purchasing our solutions, additional products or our services. Our quarterly results of operations may fluctuate for a variety of reasons, including our failure to close significant sales before the end of a particularquarter. A meaningful portion of our revenues is generated by significant sales, whether initial sales to new customers or additional sales to existing customers.Purchases of our products and services often occur at the end of each quarter, particularly in the last quarter of the year. In addition, our sales cycle can lastseveral months from proof of concept to delivery of our solutions to our customers, and this sales cycle can be even longer, less predictable and moreresource-intensive for larger sales. Customers may also require additional internal approvals or seek to test our products for a longer trial period beforedeciding to purchase our solutions. As a result, the timing of individual sales can be difficult to predict. In some cases, sales have occurred in a quartersubsequent to those we anticipated, or have not occurred at all, which can significantly impact our quarterly results and make it more difficult to meet marketexpectations. Furthermore, even if we close a sale during a given quarter we may be unable to recognize the revenues derived from such sale during the sameperiod due to our revenue recognition policy. See "Item 5.A. Operating and Financial Review and Prospects—Operating Results—Application of CriticalAccounting Policies and Estimates—Revenue Recognition." In addition to the sales cycle-related fluctuations noted above, our results of operations will continue to vary as a result of a number of factors, many of whichare outside of our control and may be difficult to predict, including: ☐our ability to attract and retain new customers; ☐our ability to sell additional products to current customers; ☐the ability of our service operation to keep pace with license sales to new and existing customers; ☐changes in customer or channel partner requirements or market needs; ☐changes in the growth rate of the information security market; ☐ the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape ofthe information security market, including consolidation among our customers or competitors; ☐a disruption in, or termination of, our relationship with channel partners; ☐our ability to successfully expand our business globally; ☐reductions in maintenance renewal rates; ☐changes in our pricing policies or those of our competitors; ☐general economic conditions in our markets; 8 ☐future accounting pronouncements or changes in our accounting policies or practices; ☐the amount and timing of our operating costs; ☐a change in our mix of products and services; ☐increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates; and ☐introduction of new accounting pronouncements or changes in our accounting policies. Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period toperiod. These fluctuations could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meetsuch expectations for these or other reasons, the market price of our ordinary shares could fall substantially, and we could face costly lawsuits, includingsecurities class action suits. If we are unable to acquire new customers, our future revenues and operating results will be harmed. Our success depends, in part, on our ability to acquire new customers. The number of customers that we add in a given period impacts both our short-term andlong-term revenues. If we are unable to attract a sufficient number of new customers, we may be unable to generate revenue growth at desired rates. The ITsecurity market is competitive and many of our competitors have substantial financial, personnel, and other resources that they utilize to develop productsand attract customers. As a result, it may be difficult for us to add new customers to our customer base. Competition in the marketplace may also lead us towin fewer new customers or result in us providing discounts and other commercial incentives. Additional factors that impact our ability to acquire newcustomers include the perceived need for IT security, the size of our prospective customers' IT budgets, the utility and efficacy of our existing and newofferings, whether proven or perceived, and general economic conditions. These factors may have a meaningful negative impact on future revenues andoperating results. If we are unable to sell additional products and services to our existing customers, our future revenues and operating results will be harmed. A significant portion of our revenues are generated from sales to existing customers. Our future success depends, in part, on our ability to continue to sell newlicenses and incremental licenses to our existing customers. We devote significant efforts to developing, marketing and selling additional licenses andassociated maintenance and support to existing customers and rely on these efforts for a portion of our revenues. These efforts require a significant investmentin building and maintaining customer relationships, as well as significant research and development efforts in order to provide product upgrades and launchnew products. The rate at which our existing customers purchase additional products and services depends on a number of factors, including the perceivedneed for additional IT security, the efficacy of our solutions and the utility of our new offerings, whether proven or perceived, our customers' IT budgets,general economic conditions, our customers' overall satisfaction with the maintenance and professional services we provide and the continued growth andeconomic health of our customer base. If our efforts to sell additional products and services to our customers are not successful, our future revenues andoperating results will be harmed. We face intense competition from IT security vendors, some of which are larger and better known than we are, and we may lack sufficient financial orother resources to maintain or improve our competitive position. The IT security market in which we operate is characterized by intense competition, constant innovation and evolving security threats. We compete withcompanies that offer a broad array of IT security products. Our current and potential future competitors include CA, Inc., Quest Software Inc., InternationalBusiness Machines Corporation, Microsoft Corporation and Oracle Corporation in the access and identity management market. We also compete with smallercompanies that offer solutions at lower price points often with a more limited range of functionality than our own offerings. Further, we may face competitionin the future due to changes in the manner that organizations utilize IT assets and the security solutions applied to them, such as the provision of privilegedaccount security functionalities as part of public cloud providers' infrastructure offerings, or cloud-based identity management solutions. Limited IT budgetsmay also result in competition with providers of other advanced threat protection solutions such as Hewlett-Packard Enterprise Company, EMC Corporation(which was acquired by Dell Inc.), International Business Machines Corporation, FireEye, Inc., Splunk Inc., Check Point Software Technologies Ltd. and PaloAlto Networks, Inc. Some of our competitors are large companies that have the technical and financial resources and broad customer bases needed to bringcompetitive solutions to the market and already have existing relationships as a trusted vendor for other products. Such companies may use these advantagesto offer products and services that are perceived to be as effective as ours at a lower price or for free as part of a larger product package or solely inconsideration for maintenance and services fees. They may also develop different products to compete with our current solutions and respond more quicklyand effectively than we do to new or changing opportunities, technologies, standards or client requirements. Additionally, from time to time we may competewith smaller regional vendors that offer products with a more limited range of capabilities that purport to perform functions similar to our solutions. Suchcompanies may enjoy stronger sales and service capabilities in their particular regions. 9 Our competitors may enjoy potential competitive advantages over us, such as: ☐greater name recognition, a longer operating history and a larger customer base, notwithstanding the increased visibility of our brand followingour initial public offering; ☐larger sales and marketing budgets and resources; ☐broader distribution and established relationships with channel and distribution partners and customers; ☐increased effectiveness in protecting, detecting and responding to cyber attacks. ☐greater customer support resources; ☐greater speed at which a solution can be deployed; ☐greater resources to make acquisitions; ☐larger intellectual property portfolios; and ☐greater financial, technical and other resources Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance theirresources. Current or potential competitors may be acquired by third parties with greater available resources. As a result of such acquisitions, our current orpotential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of theirproducts and services, initiate or withstand substantial price competition, take advantage of other opportunities more readily or develop and expand theirproduct and service offerings more quickly than we do. Larger competitors with more diverse product offerings may reduce the price of products that competewith ours in order to promote the sale of other products or may bundle them with other products, which would lead to increased pricing pressure on ourproducts and could cause the average sales prices for our products to decline. In addition, other IT security technologies exist or could be developed in the future by current or future competitors, and our business could be materiallyand adversely affected if such technologies are widely adopted.We may not be able to successfully anticipate or adapt to changing technology or customer requirements on a timely basis, or at all. If we fail to keep up withtechnological changes or to convince our customers and potential customers of the value of our solutions even in light of new technologies, our business,results of operations and financial condition could be materially and adversely affected. If our internal IT network system is compromised by cyber attackers or other data thieves, public perception of our products and services will be harmed.We will not succeed unless the marketplace is confident that we provide effective IT security protection. We provide privileged account security products,and as such we may be an attractive target for attacks by cyber attackers or other data thieves since a breach of our system could provide data informationregarding not only us, but potentially regarding the customers that our solutions protect. Further, we may be targeted by cyber terrorists because we are anIsraeli company. From time to time, we encounter intrusion incidents and attempts, none of which to date has resulted in any material adverse impact to ourbusiness or operations. In addition, as our market position continues to grow specifically in the security industry, an increasing number of cyber attackersmay begin to focus on finding ways to penetrate our network systems, which might eventually affect our products and services. If we experience a significantsecurity breach, it could impair our ability to operate our business, including our ability to provide maintenance and support services to our customers. If thishappens, our revenues could decline and our business could suffer. Because we are in the computer security industry, an actual or perceived breach of ournetwork or privileged account security in our systems also could adversely affect the market perception of our products and services. 10 Our business and operations will be negatively affected if we fail to effectively manage our growth. We have experienced significant growth in a relatively short period of time and intend to continue to grow our business. Our revenues grew from $103.0million in 2014 to $216.6 million in 2016. Our headcount has increased from 430 as of December 31, 2014 to 823 as of December 31, 2016. We plan to hireadditional employees in 2017 across all areas of the organization. In addition, the number of customers that we serve has grown significantly over the sameperiod. Our rapid growth has placed significant demands on our management, sales and operational and financial infrastructure, and our growth will continueto place significant demands on these resources. Further, in order to manage our current and future growth effectively, we must continue to improve andexpand our IT and financial infrastructure, operating and administrative systems and controls and efficiently manage headcount, capital and processes. Wemay not be able to successfully scale or implement these improvements in a manner that keeps pace with our growth, is timely or efficient, and our failure todo so may materially impact our projected growth rate. If we do not effectively expand, train and retain our sales and marketing personnel, we may be unable to acquire new customers or sell additional productsand services to existing customers, and our business will suffer. We depend significantly on our sales force to attract new customers and expand sales to existing customers. We generate approximately 35% of our revenuesfrom direct sales. As a result, our ability to grow our revenues depends in part on our success in recruiting, training and retaining sufficient numbers of salespersonnel to support our growth, particularly in the United States. The number of our sales and marketing personnel increased from 294 as of December 31,2015 to 377 as of December 31, 2016. We expect to continue to expand our sales and marketing personnel significantly and face a number of challenges inachieving our hiring and integration goals. There is intense competition for individuals with sales training and experience. In addition, the training andintegration of a large number of sales and marketing personnel in a short time requires the allocation of significant internal resources. We invest significanttime and resources in training new sales force personnel to understand our solutions and growth strategy. Based on our past experience, it takes an average ofapproximately six to nine months before a new sales force member operates at target performance levels. However, we may be unable to achieve or maintainour target performance levels with large numbers of new sales personnel as quickly as we have done in the past. Our failure to hire a sufficient number ofqualified sales force members and train them to operate at target performance levels may materially and adversely impact our projected growth rate. We rely on channel partners, including systems integrators, distributors and value-added resellers, to generate a significant portion of our revenue. If wefail to maintain successful relationships with our channel partners, or if our channel partners fail to perform, our ability to market, sell and distribute oursolutions will be limited, and our business, financial position and results of operations will be harmed. In addition to our direct sales force, we rely on our channel partners to sell and support our solutions, particularly in Europe and the Asia Pacific and Japanregions. We expect that sales through our channel partners will continue to account for a significant percentage of our revenue. In the year ended December31, 2016, we generated approximately 65% of our revenues from sales to channel partners and we expect that channel partners will represent a substantialportion of our revenues for the foreseeable future. Our agreements with channel partners are non-exclusive, meaning our partners may offer customers ITsecurity products from other companies, including products that compete with our solutions. If our channel partners do not effectively market and sell oursolutions, or choose to use greater efforts to market and sell their own products and services or the products and services of our competitors, our ability togrow our business will be adversely affected. Our channel partners may cease or deemphasize the marketing of our solutions with limited or no notice andwith little or no penalty. Further, new channel partners require training and may take several months or more to achieve productivity. The loss of a substantialnumber of our channel partners, the inability to replace them or the failure to recruit additional channel partners could materially and adversely affect ourresults of operations. Our reliance on channel partners could also subject us to lawsuits or reputational harm if, for example, a channel partner misrepresentsthe functionality of our solutions to customers or violates laws or our corporate policies. Our ability to grow revenues in the future will depend in part on oursuccess in maintaining successful relationships with our channel partners and training our channel partners to independently sell and install our solutions. Ifwe are unable to maintain our relationship with channel partners or otherwise develop and expand our indirect sales channel, or if our channel partners fail toperform, our business, financial position and results of operations could be adversely affected. 11 If we do not successfully anticipate market needs and enhance our existing products or develop or acquire new products that meet those needs on a timelybasis, we may not be able to compete effectively and our ability to generate revenues will suffer. Our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to adapt to increasingly complex ITinfrastructures and usage models that incorporate a variety of software applications, software as a service, public and private cloud environments, hybrid on-premise and cloud environments, operating systems and networking protocols and mobile devices. As our customers' technologies and business plans growmore complex, we expect them to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our solutionseffectively identify and respond to these advanced and evolving attacks without disrupting the performance of our customers' IT systems. As a result, we mustcontinually modify and improve our products in response to changes in our customers' IT and industrial control infrastructures. We cannot guarantee that we will be able to anticipate future market needs and opportunities or be able to develop or acquire product enhancements or newproducts to meet such needs or opportunities in a timely manner, if at all. Even if we are able to anticipate, develop and commercially introduceenhancements and new products, there can be no assurance that enhancements or new products will achieve widespread market acceptance. Our product enhancements or new products could fail to attain sufficient market acceptance for many reasons, including: ☐delays in releasing product enhancements or new products; ☐failure to accurately predict market demand and to supply products that meet this demand in a timely fashion; ☐inability to interoperate effectively with the existing or newly introduced technologies, systems or applications of our existing and prospectivecustomers; ☐inability to protect against new types of attacks or techniques used by cyber attackers or other data thieves; ☐defects in our products, errors or failures of our solutions to secure privileged accounts; ☐negative publicity about the performance or effectiveness of our products; ☐introduction or anticipated introduction of competing products by our competitors; ☐installation, configuration or usage errors by our customers; ☐easing or changing of regulatory requirements related to security; and ☐reluctance of customers to purchase products incorporating open source software. If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, itcould cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition andresults of operations. 12 If our products fail to help our customers achieve and maintain compliance with certain government regulations and industry standards, our business andresults of operations could be materially and adversely affected. We generate a substantial portion of our revenues from our products and services because they enable our customers to achieve and maintain compliancewith certain government regulations and industry standards, and we expect that will continue for the foreseeable future. Examples of industry standards andgovernment regulations include the Payment Card Industry Data Security Standard (PCI-DSS); the Federal Information Security Management Act (FISMA);the Sarbanes-Oxley Act; the North American Electric Reliability Corporation Critical Infrastructure Protection Plan (NERC-CIP); and the Monetary Authorityof Singapore's Technology Risk Management Notices (MAS TRM). These industry standards may change with little or no notice, including changes thatcould make them more or less onerous for businesses. In addition, governments may also adopt new laws or regulations, or make changes to existing laws orregulations, some of which may conflict with each other, that could impact whether our solutions enable our customers to maintain compliance with suchlaws or regulations. If we are unable to adapt our solutions to changing government regulations and industry standards in a timely manner, or if our solutionsfail to expedite our customers' compliance initiatives, our customers may lose confidence in our products and could switch to products offered by ourcompetitors. In addition, if government regulations and industry standards related to IT security are changed in a manner that makes them less onerous, ourcustomers may view compliance as less critical to their businesses, and our customers may be less willing to purchase our products and services. In eithercase, our sales and financial results would suffer. If we are unable to hire, retain and motivate qualified personnel, our business will suffer. Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel. Our inability to attract or retain qualifiedpersonnel or delays in hiring required personnel may seriously harm our business, financial condition and results of operations. Any of our employees mayterminate their employment at any time. Competition for highly skilled personnel, specifically engineers for Research & Development positions, isfrequently intense, especially in Israel, where we are headquartered. Further, certain of our employees are substantially vested in significant equity incentiveplans, and their ability to exercise those options and sell their shares in the public market may result in a larger than normal turn-over rate. We may struggleto retain employees and due to our profile and market position competitors may actively seek to hire skilled personnel away from us. Furthermore, from timeto time we have been subject to allegations that employees that have been hired from competitors may have been improperly solicited or divulgedproprietary or other confidential information. Failure by us or our channel partners to maintain sufficient levels of customer support could have a material adverse effect on our business, financialcondition and results of operations. Our customers depend in large part on customer support and professional services delivered through our channel partners or by us to resolve issues relating tothe use of our solutions. However, even with our support and that of our channel partners, our customers are ultimately responsible for effectively using oursolutions and ensuring that their IT staff is properly trained in the use of our products and complementary security products and processes. The failure of ourchannel partners to support and train our customers in the correct use of our solutions, or their failure to effectively assist customers in installing our solutionsand providing effective ongoing support, may result in an increase in the vulnerability of our customers' IT systems and sensitive data. Additionally, if ourchannel partners do not effectively provide support and professional services to the satisfaction of our customers, we may be required to provide support tosuch customers, which would require us to invest in additional personnel, which requires significant time and resources. We may not be able to keep up withdemand, particularly if the sales of our solutions exceed our internal forecasts. To the extent that we or our channel partners are unsuccessful in hiring,training and retaining adequate support resources, our ability and the ability of our channel partners to provide adequate and timely support to our customerswill be negatively impacted, and our customers' satisfaction with our products will be adversely affected. Accordingly, our failure to provide satisfactorymaintenance and technical support services could have a material and adverse effect on our business and results of operations. We may fail to fully integrate, or realize the benefits expected from acquisitions, which may require significant management attention, disrupt ourbusiness, dilute shareholder value and adversely affect our results of operations. As part of our business strategy and in order to remain competitive, we continue to evaluate acquiring or making investments in complementary companies,products or technologies. We may not be able to find suitable acquisition candidates or be able to complete such acquisitions on favorable terms. If wecomplete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewednegatively by our customers, analysts and investors. In addition, if we are unsuccessful at integrating our acquisitions or the technologies associated withsuch acquisitions or to fully attain the expected benefits of these acquisitions, our revenues and results of operations could be adversely affected. Anyintegration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluateor utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. Inaddition, despite our review of acquired technology, we could become subject to infringement claims from third parties as a result of our use of such acquiredtechnology. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our shareholders. The incurrence ofindebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage ouroperations. 13 If our products do not effectively interoperate with our customers' existing or future IT infrastructures, installations could be delayed or cancelled, whichcould harm our business. Our products must effectively interoperate with our customers' existing or future IT infrastructures, which often have different specifications, utilize multipleprotocol standards, deploy products from multiple vendors and contain multiple generations of products that have been added over time. If we find errors inthe existing software or defects in the hardware used in our customers' infrastructure or problematic network configurations or settings, we may have tomodify our software so that our products will interoperate with our customers' infrastructure and business processes. In addition, to stay competitive withincertain markets, we may be required to make software modifications in future releases to comply with new statutory or regulatory requirements. These issuescould result in longer sales cycles for our products and order cancellations, either of which could adversely affect our business, results of operations andfinancial condition. Our research and development efforts may not produce successful products or enhancements to our solutions that result in significant revenue or otherbenefits in the near future, if at all. We expect to continue to dedicate significant financial and other resources to our research and development efforts in order to maintain our competitiveposition. For example, in 2016, we increased our dedicated research and development personnel by 16% compared to 2015. However, investing in researchand development personnel, developing new products and enhancing existing products is expensive and time consuming, and there is no assurance that suchactivities will result in significant new marketable products or enhancements to our products, design improvements, cost savings, revenues or other expectedbenefits. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our businessand results of operations may be materially and adversely affected. Intellectual property claims may increase our costs or require us to cease selling certain products, which could adversely affect our financial condition andresults of operations. The IT security industry is characterized by the existence of a large number of relevant patents and frequent claims and related litigation regarding patent andother intellectual property rights. In particular, leading companies in the IT security industry have extensive patent portfolios. From time to time, third-partieshave asserted and may assert their patent, copyright, trademark and other intellectual property rights against us, our channel partners or our customers.Furthermore, we may be subject to indemnification obligations with respect to third-party intellectual property rights pursuant to our agreements with ourcustomers and channel partners. Such indemnification provisions are customary for our industry. Successful claims of infringement or misappropriation by athird-party against us or a third-party that we indemnify could prevent us from distributing certain products or performing certain services or could require usto pay substantial damages (including, for example, treble damages if we are found to have willfully infringed patents and increased statutory damages if weare found to have willfully infringed copyrights), royalties or other fees. Such claims also could require us to cease making, licensing or using solutions thatare alleged to infringe or misappropriate the intellectual property of others, to expend additional development resources to attempt to redesign our productsor services or otherwise to develop non-infringing technology, to enter into potentially unfavorable royalty or license agreements in order to obtain the rightto use necessary technologies or intellectual property rights, and to indemnify our customers and partners (and parties associated with them). Even if thirdparties may offer a license to their technology, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costsassociated with any license could cause our business, results of operations or financial condition to be materially and adversely affected. Defending againstclaims of infringement or being deemed to be infringing the intellectual property rights of others could impair our ability to innovate, develop, distribute andsell our current and planned products and services. If we are unable to ensure that we are not violating the intellectual property rights of others, our financialposition may be adversely affected. 14 Regulatory data privacy concerns, evolving regulations of cloud computing, cross-border data transfer restrictions and other domestic or foreignregulations may limit the use and adoption of, or require modification of, our products and services, which could limit our ability to attract new customersor support our current customers thus reducing our revenues, harming our operating results and adversely affecting our business. Regulation related to the provision of services on the Internet is increasing, as federal, state and foreign governments continue to adopt new laws andregulations addressing data privacy and the collection, processing, storage and use of personal information. Such laws and regulations are subject to newand differing interpretations and may be inconsistent among jurisdictions. These and other regulatory requirements could restrict our ability to store andprocess data as part of our SaaS solutions, or, in some cases, impact our ability to offer our SaaS products in certain jurisdictions. Such laws may also impactour customers' ability to deploy certain of our solutions globally, to the extent they utilize our products for storing personal information that they store andprocess. In addition, in many cases these privacy laws apply not only to transfers of information to third parties, but also within an enterprise, including ourcompany or our customers. The costs of compliance with, and other burdens imposed by, such laws, regulations and standards may require resources to createnew products or modify existing products, lead to us being subject to significant fines, penalties or liabilities for noncompliance, and may slow the pace atwhich we close sales transactions, any of which could harm our business. We are subject to a number of risks associated with global sales and operations. Business practices in the global markets that we serve may differ from those in the United States and may require us to include non-standard terms incustomer contracts, such as extended payment or warranty terms. To the extent that we enter into customer contracts that include non-standard terms relatedto payment, warranties, or performance obligations, our results of operations may be adversely impacted. Additionally, our global sales and operations are subject to a number of risks, including the following: ☐higher costs of doing business globally, including costs incurred in maintaining office space, securing adequate staffing and localizing ourcontracts; ☐ fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business (See "—We are exposed tofluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations"); ☐greater difficulty in enforcing contracts and managing collections, as well as longer collection periods; ☐management communication and integration problems resulting from cultural and geographic dispersion; ☐risks associated with trade restrictions and foreign legal requirements, including any importation, certification, and localization of our platformthat may be required in foreign countries; ☐greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties; ☐compliance with anti-bribery laws, including, without limitation, compliance with the U.S. Foreign Corrupt Practices Act and the UK Anti-Bribery Act; ☐ heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impactfinancial results and result in restatements of, or irregularities in, financial statements; ☐reduced or uncertain protection of intellectual property rights in some countries; ☐social, economic and political instability, terrorist attacks and security concerns in general; and ☐potentially adverse tax consequences. These and other factors could harm our ability to generate future global revenues and, consequently, materially impact our business, results of operations andfinancial condition. 15 If we are unable to adequately protect our proprietary technology and intellectual property rights, our business could suffer substantial harm. The success of our business depends on our ability to protect our proprietary technology, brands and other intellectual property and to enforce our rights inthat intellectual property. We attempt to protect our intellectual property under patent, copyright, trademark and trade secret laws, and through a combinationof confidentiality procedures, contractual provisions and other methods, all of which offer only limited protection. As of December 31, 2016, we had 5 issued patents in the United States, 2 provisional U.S. patent applications and 15 pending U.S. patent applications. Wealso had 3 International PCT applications as well as 3 issued patents and 14 applications pending for examination in non-U.S. jurisdictions, all of which arecounterparts of our U.S. patent applications. We expect to file additional patent applications in the future. The process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patentapplications at a reasonable cost or in a timely manner all the way through to the successful issuance of a patent. We may choose not to seek patentprotection for certain innovations and may choose not to pursue patent protection in certain jurisdictions. Furthermore, it is possible that our patentapplications may not issue as granted patents, that the scope of our issued patents will be insufficient or not have the coverage originally sought, that ourissued patents will not provide us with any competitive advantages, and that our patents and other intellectual property rights may be challenged by others orinvalidated through administrative processes or litigation. In addition, issuance of a patent does not guarantee that we have an absolute right to practice thepatented invention. Our policy is to require our employees (and our consultants and service providers that develop intellectual property included in ourproducts) to execute written agreements in which they assign to us their rights in potential inventions and other intellectual property created within the scopeof their employment (or, with respect to consultants and service providers, their engagement to develop such intellectual property), but we cannot be certainthat we have adequately protected our rights in every such agreement or that we have executed an agreement with every such party. Finally, in order tobenefit from the protection of patents and other intellectual property rights, we must monitor and detect infringement and pursue infringement claims incertain circumstances in relevant jurisdictions, all of which are costly and time-consuming. As a result, we may not be able to obtain adequate protection or toeffectively enforce our issued patents or other intellectual property rights. In addition to patents, we rely on trade secret rights, copyrights and other rights to protect our unpatented proprietary intellectual property and technology.Despite our efforts to protect our proprietary technologies and our intellectual property rights, unauthorized parties, including our employees, consultants,service providers or customers, may attempt to copy aspects of our products or obtain and use our trade secrets or other confidential information. Wegenerally enter into confidentiality agreements with our employees, consultants, service providers, vendors, channel partners, subcontractors and customers,and generally limit access to and distribution of our proprietary information and proprietary technology through certain procedural safeguards. Theseagreements may not effectively prevent unauthorized use or disclosure of our intellectual property or technology and may not provide an adequate remedy inthe event of unauthorized use or disclosure of our intellectual property or technology. We cannot be certain that the steps taken by us will preventmisappropriation of our intellectual property or technology or infringement of our intellectual property rights. In addition, the laws of some foreign countrieswhere we sell our products do not protect intellectual property rights and technology to the same extent as the laws of the United States, and these countriesmay not enforce these laws as diligently as government agencies and private parties in the United States. Based on the 2016 report on intellectual propertyrights protection and enforcement published by the Office of the United States Trade Representative, such countries included Algeria, Argentina, Chile,China, India, Indonesia, Kuwait, Russia, Thailand, Ukraine and Venezuela (designated as priority watch list countries). If we are unable to protect ourintellectual property, we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time and effort required tocreate the innovative products that have enabled us to be successful to date. 16 We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations. Our functional and reporting currency is the U.S. dollar and we generate a majority of our revenues in U.S. dollars. In 2016, the majority of our revenues weredenominated in U.S. dollars and the remainder primarily in euros and British pounds sterling. In 2016, the substantial majority of our cost of revenues andoperating expenses were denominated in U.S. dollars and New Israeli Shekels (NIS), and the remainder primarily in euros and British pounds sterling. Ourforeign currency-denominated expenses consist primarily of personnel, rent and other overhead costs. Since a significant portion of our expenses is incurredin NIS and is substantially greater than our revenues in NIS, any appreciation of the NIS relative to the U.S. dollar would adversely impact our net income. Inaddition, since the portion of our revenues generated in euros and British pounds sterling is greater than our expenses incurred in euros and British poundssterling, respectively, any depreciation of the euro or the British pounds sterling relative to the U.S. dollar would adversely impact our net income. Weestimate that a 10% strengthening or weakening in the value of the NIS against the U.S. dollar would have decreased or increased, respectively, our netincome by approximately $4.0 million in 2016. We estimate that a 10% strengthening or weakening in the value of the euro against the U.S. dollar wouldhave increased or decreased, respectively, our net income by approximately $1.1 million in 2016. We estimate that a 10% strengthening or weakening in thevalue of the British pounds sterling against the U.S. dollar would have increased or decreased, respectively, our net income by approximately $0.3 million in2016. These estimates of the impact of fluctuations in currency exchange rates on our historic results of operations may be different from the impact offluctuations in exchange rates on our future results of operations since the mix of currencies comprising our revenues and expenses may change. We evaluateperiodically the various currencies to which we are exposed and take hedging measures to reduce the potential adverse impact from the appreciation or thedepreciation of our non U.S. dollar-denominated operations, as appropriate. We expect that the majority of our revenues will continue to be generated in U.S.dollars with the balance in euros and British pounds sterling for the foreseeable future and that a significant portion of our expenses will continue to bedenominated in NIS, U.S. dollars, British pounds sterling and in euros. We cannot provide any assurances that our hedging activities will be successful inprotecting us from adverse impacts from currency exchange rate fluctuations. See "Item 11—Quantitative and Qualitative Disclosures About Market Risk—Foreign Currency Risk." The economic effects of "Brexit" may affect relationships with existing and future customers and could have an adverse impact on our business andoperating results. On June 23, 2016, the United Kingdom (the "U.K.") held a referendum in which voters approved an exit from the European Union ("E.U."), commonly referredto as "Brexit." On February 8, 2017, the U.K.'s House of Commons approved a bill authorizing the government to start exit talks with the European Union.The impact on us from Brexit will depend, in part, on the outcome of tariff, trade, regulatory and other negotiations. As a result of the referendum, the global markets and certain currencies were adversely impacted, including a sharp decline in the value of the British poundas compared to the U.S. dollar, which led to decrease in our revenues generated from sales in the U.K. A potential further devaluation of the British pound, aswell as the euro, relative to the U.S. dollar may impair the purchasing power of buyers in the U.K. and E.U. and could cause those buyers to decrease theirpurchase of our products and services. Volatility in the foregoing exchange rates resulting from Brexit may continue as the U.K. negotiates its exit from the E.U. We translate sales and other resultsdenominated in foreign currency into U.S. dollars for our financial statements. During periods of a strengthening U.S. dollar, our reported international salesand earnings would be reduced because these currencies would translate into fewer U.S. dollars. Brexit could lead to legal uncertainty and potentially divergent national laws and regulations as the U.K. determines which E.U. laws to replace or replicate,and those laws and regulations may be cumbersome, difficult or costly in terms of compliance. Any of these effects of Brexit, among other factors, couldadversely affect our business, financial condition, operating results and cash flows. Prolonged economic uncertainties or downturns in certain regions or industries could materially adversely affect our business. Our business depends on our current and prospective customers' ability and willingness to invest money in IT security, which in turn is dependent upon theiroverall economic health. Negative economic conditions in the global economy or certain regions such as U.S. or Europe, including conditions resulting fromfinancial and credit market fluctuations, could cause a decrease in corporate spending on information security software. In 2016, we generated 58.1% of ourrevenues from the United States, 31.4% of our revenues from Europe, the Middle East and Africa and 10.5% from the rest of the world, which includescountries from Asia Pacific and Japan region, Latin America region and Canada. 17 In addition, a significant portion of our revenues is generated from customers in the financial services industry, including banking and insurance. Negativeeconomic conditions may cause customers generally and in that industry in particular to reduce their IT spending. Customers may delay or cancel IT projects,choose to focus on in-house development efforts or seek to lower their costs by renegotiating maintenance and support agreements. To the extent purchasesof licenses for our software are perceived by customers and potential customers to be discretionary, our revenues may be disproportionately affected bydelays or reductions in general IT spending. If the economic conditions of the general economy or industries in which we operate worsen from present levels,our results of operation could be adversely affected. We rely significantly on revenues from maintenance and support contracts, which we recognize ratably over the term of the associated contract and, to alesser extent, from professional services contracts, which we recognize as services are performed, and downturns in sales of these contracts are notimmediately reflected in full in our quarterly operating results. Maintenance and support and professional services revenues accounted for 39% of our total revenues in 2016. Sales of maintenance and support andprofessional services may decline or fluctuate as a result of a number of factors, including the number of product licenses we sell, our customers' level ofsatisfaction with our products and services, the prices of our products and services, the prices of products and services offered by our competitors orreductions in our customers' spending levels. If our sales of maintenance and support and professional services contracts decline, our revenues or revenuegrowth may decline and our business will suffer. We recognize revenues from maintenance and support contracts ratably on a straight-line basis over the termof the related contract which is typically one year and, to a lesser extent, three years, and from professional services as services are performed. As a result, ameaningful portion of the revenues we report each quarter results from the recognition of deferred revenues from maintenance and support and professionalservices contracts entered into during previous quarters. Consequently, a decline in the number or size of such contracts in any one quarter will not be fullyreflected in revenues in that quarter, but will negatively affect our revenues in future quarters. Accordingly, the effect of significant downturns inmaintenance and support and professional services contracts would not be reflected in full in our results of operations until future periods. A portion of our revenues is generated by sales to government entities, which are subject to a number of challenges and risks, such as increased competitivepressures, administrative delays and additional approval requirements. A portion of our revenues is generated by sales to U.S. and foreign federal, state and local governmental agency customers, and we may in the future increasesales to government entities. Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive,expensive and time consuming, often requiring significant upfront time and expense without any assurance that we will complete a sale. Government demandand payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delaysadversely affecting public sector demand for our products. Additionally, for purchases by the U.S. government, the government may require certain productsto be manufactured in the United States and other high cost manufacturing locations, and we may not manufacture all products in locations that meet therequirements of the U.S. government. Finally, some government entities require our products to be certified by industry-approved security agencies as a pre-condition of purchasing our products. The grant of such certifications depends on the then-current requirements of the certifying agency. We cannot becertain that any certificate will be granted or renewed or that we will be able to satisfying the technological and other requirements to maintain certifications.The loss of any of our product certificates, or the failure to obtain new ones, could cause us to suffer reputational harm, lose existing customers, or deter newand existing customers from purchasing our solutions, additional products or our services. We are subject to governmental export and import controls that could subject us to liability in the event of non-compliance or impair our ability tocompete in international markets. We incorporate encryption capabilities into certain products and these products are subject to U.S. export control requirements. We are also subject to Israeliexport controls on encryption technology since our product development initiatives are primarily conducted in Israel. If the applicable U.S. or Israelirequirements regarding the export of encryption technology were to change or if we change the encryption functionality in our products, we may need tosatisfy additional requirements or obtain specific permissions (licenses) in the United States or Israel in order to continue to export our products to the samerange of customers and countries as we presently do. There can be no assurance that we will be able to satisfy such additional requirements or obtain specificlicenses under these circumstances in either the United States or Israel. Furthermore, various other countries regulate the import of certain encryption productsand technology, including import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our products orcould limit our customers' ability to implement our products in those countries. 18 We are also subject to U.S., Israeli and other applicable export control and economic sanctions laws, which prohibit the export or sale of certain products orservices to embargoed or sanctioned countries, governments and persons. Our products could be exported to these sanctioned targets by our channel partnersdespite our due diligence and the contractual undertakings they have given us and any such export could have negative consequences, includinggovernment investigations, penalties and reputational harm. Any change in export or import regulations, economic sanctions or related legislation, shift inthe enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could resultin decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations.Any decreased use of our products or limitation on our ability to export or sell our products and services would likely adversely affect our business, financialcondition and results of operations. In addition, in the future we may be subject to defense-related export controls. For example, currently our solutions are not subject to supervision under theIsraeli Defense Export Control Law, 5767-2007, but if they were used for purposes that are classified as defense-related or if they fall under "dual-use goodsand technology" as referred to below, we could become subject to such regulation. In particular, under the Israeli Defense Export Control Law, 5767-2007, anIsraeli company may not conduct "defense marketing activity" without a defense marketing license from the Israeli Ministry of Defense (MOD) and may besubject to a requirement to obtain a specific license from the MOD for any export of defense related products and/or knowhow. The definition of defensemarketing activity is broad and includes any marketing of "defense equipment," "defense knowhow" or "defense services" outside of Israel, which includes"dual-use goods and technology," (material and equipment intended in principle for civilian use and that can also be used for defensive purposes, such as ourcybersecurity solutions) that is specified in the list of Goods and Dual-Use Technology annexed to the Wassenaar Arrangement on Export Controls forConventional Arms and Dual-Use Goods and Technologies, if intended for defense use only, or is specified under Israeli legislation. "Dual-use goods andtechnology" will be subject to control by the Ministry of Economy if intended for civilian use only. In December 2013, regulations under the WassenaarArrangement included for the first time a chapter on cyber-related matters, which chapter was last amended in December 2016. We believe that our productsdo not fall under this chapter; however, in the future we may become subject to this regulation or similar regulations, which would limit our sales andmarketing activities and could therefore have an adverse effect on our results of operations. Similar issues could arise under the U.S. defense/military exportcontrols under the Arms Export Control Act and the International Traffic in Arms Regulations. Accordingly, there can be no assurance whether our solutionswould be impacted by any potential new regulations pertaining to cybersecurity products and services similar to those provided by us, and what impactpotential new regulations would have on our sales or our costs relating to compliance. Our use of open source software, third-party software and other intellectual property may expose us to risks. We use open source software and expect to continue to use open source software in the future. Some open source software licenses require users whodistribute or make available as a service open source software as part of their own software product to publicly disclose all or part of the source code of theusers' developed software or to make available any derivative works of the open source code on unfavorable terms or at no cost. We may face ownershipclaims of third parties over, or seeking to enforce the license terms applicable to, such open source software, including by demanding the release of the opensource software, derivative works or our proprietary source code that was developed using such software. In addition, if the license terms for the open sourcecode change, we may be forced to re-engineer our software or incur additional costs. 19 Further, some of our products and services include software or other intellectual property licensed from third parties, and we otherwise use software and otherintellectual property licensed from third parties in our business. This exposes us to risks over which we may have little or no control. For example, a licensormay have difficulties keeping up with technological changes or may stop supporting the software or other intellectual property that it licenses to us. Therecan be no assurance that the licenses we use will be available on acceptable terms, if at all. In addition, a third party may assert that we or our customers are inbreach of the terms of a license, which could, among other things, give such third party the right to terminate a license or seek damages from us, or both. Ourinability to obtain or maintain certain licenses or other rights or to obtain or maintain such licenses or rights on favorable terms, or the need to engage inlitigation regarding these matters, could result in delays in releases of new products, and could otherwise disrupt our business, until equivalent technologycan be identified, licensed or developed.Risks Related to Our Ordinary Shares Our share price may be volatile, and you may lose all or part of your investment. Our ordinary shares were first offered publicly in our initial public offering in September 2014, at a price of $16.00 per share. Certain of our shareholders soldour ordinary shares in a public offering in March 2015. Subsequently, we issued and sold our ordinary shares and certain of our shareholders sold additionalordinary shares in a public offering in June 2015. Since our initial public offering in September 2014, our ordinary shares have traded as high as $76.35 pershare and as low as $22.12 per share through February 28, 2017. In addition, the market price of our ordinary shares could be highly volatile and mayfluctuate substantially as a result of many factors, some of which are beyond our control, including, but not limited to: ·actual or anticipated fluctuations in our results of operations and the results of other similar companies; ·variance in our financial performance from the expectations of market analysts; ·announcements by us or our competitors of significant business developments, changes in service provider relationships, acquisitions orexpansion plans; ·changes in the prices of our products and services; ·our involvement in litigation; ·our sale of ordinary shares or other securities in the future; ·market conditions in our industry; ·changes in key personnel; ·speculation in the press or the investment community; ·the trading volume of our ordinary shares; ·changes in the estimation of the future size and growth rate of our markets; ·any merger and acquisition activities; and ·general economic and market conditions. In addition, the stock markets have experienced extreme price and volume fluctuations. Broad market and industry factors may materially harm the marketprice of our ordinary shares, regardless of our operating performance. In the past, following periods of volatility in the market price of a company's securities,securities class action litigation has often been instituted against that company. If we were involved in any similar litigation we could incur substantial costsand our management's attention and resources could be diverted. If securities or industry analysts cease to publish research or publish inaccurate or unfavorable research reports about our business, our share price andtrading volume could decline. The trading price for our ordinary shares is affected by any research or reports that securities or industry analysts publish about us or our business. If one ormore of the analysts who cover us or our business publish inaccurate or unfavorable research about us or our business, and in particular, if they downgradetheir evaluations of our ordinary shares, the price of our ordinary shares would likely decline. If one or more of these analysts cease coverage of our company,we could lose visibility in the market for our ordinary shares, which in turn could cause our share price to decline. 20 As a foreign private issuer whose shares are listed on the NASDAQ Stock Market, or NASDAQ, we may follow certain home country corporate governancepractices instead of otherwise applicable SEC and NASDAQ requirements, which may result in less protection than is accorded to investors under rulesapplicable to domestic U.S. issuers. As a foreign private issuer whose shares are listed on the NASDAQ Global Select Market, we are permitted to follow certain home country corporategovernance practices instead of certain rules of NASDAQ. We currently follow Israeli home country practices with regard to the quorum requirement forshareholder meetings and NASDAQ requirements relating to distribution of our annual report to shareholders. As permitted under the Israeli Companies Law,5759-1999, or the Companies Law, our articles of association provide that the quorum for any meeting of shareholders shall be the presence of at least twoshareholders present in person or by proxy who hold at least 25% of the voting power of our shares instead of 33 1/3% of our issued share capital (asprescribed by NASDAQ's rules). Further, as permitted by the Companies Law and in accordance with the generally accepted business practice in Israel, we donot distribute our annual report to shareholders but make it available through a public website. We may in the future elect to follow Israeli home countrypractices with regard to other matters such as the formation and composition of the nominating and corporate governance committee, separate executivesessions of independent directors and the requirement to obtain shareholder approval for certain dilutive events (such as for the establishment or amendmentof certain equity-based compensation plans, issuances that will result in a change of control of the company, certain transactions other than a public offeringinvolving issuances of a 20% or more interest in the company and certain acquisitions of the stock or assets of another company). Accordingly, ourshareholders may not be afforded the same protection as provided under NASDAQ corporate governance rules. Following our home country governancepractices as opposed to the requirements that would otherwise apply to a United States company listed on NASDAQ may provide less protection than isaccorded to investors of domestic issuers. See "Item16.G. Corporate Governance." As a foreign private issuer we are not subject to the provisions of Regulation FD or U.S. proxy rules and are exempt from filing certain Exchange Actreports. As a foreign private issuer, we are exempt from a number of requirements under U.S. securities laws that apply to public companies that are not foreign privateissuers. In particular, we are exempt from the rules and regulations under the Exchange Act related to the furnishing and content of proxy statements, and ourofficers, directors and principal shareholders are exempt from the reporting and short-swing profit recovery provisions contained in Section 16 of theExchange Act. In addition, we are not required under the Exchange Act to file annual and current reports and financial statements with the SEC as frequentlyor as promptly as U.S. domestic companies whose securities are registered under the Exchange Act and we are generally exempt from filing quarterly reportswith the SEC under the Exchange Act. We are also exempt from the provisions of Regulation FD, which prohibits issuers from making selective disclosure ofmaterial nonpublic information to, among others, broker-dealers and holders of a company's securities under circumstances in which it is reasonablyforeseeable that the holder will trade in the company's securities on the basis of the information. Even though we intend to comply voluntarily withRegulation FD, these exemptions and leniencies will reduce the frequency and scope of information and protections to which you are entitled as an investor.For so long as we qualify as a foreign private issuer, we are not required to comply with the proxy rules applicable to U.S. domestic companies, althoughpursuant to the Companies Law, we disclose the annual compensation of our five most highly compensated office holders (as defined under the CompaniesLaw) on an individual basis, including in this annual report. Since a majority of our voting securities are either directly or indirectly owned of record by residents of the United States, we would lose our foreign privateissuer status if any of the following were to occur: (i) the majority of our executive officers or directors were United States citizens or residents, (ii) more than50 percent of our assets were located in the United States, or (iii) our business was administered principally in the United States. Although we have elected tocomply with certain U.S. regulatory provisions, our loss of foreign private issuer status would make such provisions mandatory. The regulatory andcompliance costs to us under U.S. securities laws as a U.S. domestic issuer may be significantly higher. If we are not a foreign private issuer, we will berequired to file periodic reports and registration statements on U.S. domestic issuer forms with the SEC, which are more detailed and extensive than the formsavailable to a foreign private issuer. We would also be required to follow U.S. proxy disclosure requirements, including the requirement to disclose moredetailed information about the compensation of our senior executive officers on an individual basis. We may also be required to modify certain of ourpolicies to comply with good governance practices associated with U.S. domestic issuers. Such conversion and modifications will involve additional costs. Inaddition, we would lose our ability to rely upon exemptions from certain corporate governance requirements on U.S. stock exchanges that are available toforeign private issuers. 21 If we sell our ordinary shares in future financings, ordinary shareholders could experience immediate dilution and, as a result, the market price of ourordinary shares may decline. We may from time to time issue additional ordinary shares at a discount from the current trading price of our ordinary shares. As a result, our ordinaryshareholders would experience immediate dilution upon the purchase of any ordinary shares sold at such discount. In addition, as opportunities presentthemselves, we may enter into equity or debt financings or similar arrangements in the future, including the issuance of convertible debt securities, preferredshares or ordinary shares. If we issue ordinary shares or securities convertible into ordinary shares, holders of our ordinary shares could experience dilution. Our U.S. shareholders may suffer adverse tax consequences if we are classified as a passive foreign investment company. Generally, if for any taxable year 75% or more of our gross income is passive income, or at least 50% of the average quarterly value of our assets (which maybe measured in part by the market value of our ordinary shares, which is subject to change) are held for the production of, or produce, passive income, wewould be characterized as a passive foreign investment company, or PFIC, for U.S. federal income tax purposes. Based on our gross income and gross assets,and the nature of our business, we believe that we were not classified as a PFIC for the taxable year ended December 31, 2016. Because PFIC status is basedon our income, assets and activities for the entire taxable year, it is not possible to determine whether we will be characterized as a PFIC for our 2017 taxableyear until after the close of the year. There can be no assurance that we will not be considered a PFIC for any taxable year. Our characterization as a PFICcould result in material adverse tax consequences for you if you are a U.S. investor, including having gains realized on the sale of our ordinary shares treatedas ordinary income, rather than a capital gain, the loss of the preferential rate applicable to dividends received on our ordinary shares by individuals who areU.S. holders, and having interest charges apply to distributions by us and the proceeds of share sales. Certain elections exist that may alleviate some of theadverse consequences of PFIC status and would result in an alternative treatment (such as mark-to-market treatment) of our ordinary shares. ProspectiveU.S. investors should consult their own tax advisers regarding the potential application of the PFIC rules to them. Prospective U.S. investors should refer to"Item 10.E. Taxation—Certain United States Federal Income Tax Consequences" for discussion of additional U.S. income tax considerations applicable tothem based on our treatment as a PFIC. If we are unable to satisfy the requirements of Sections 404(a) and 404(b) of the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act, or if our internalcontrol over financial reporting is not effective, investors may lose confidence in the accuracy and the completeness of our financial reports and thetrading price of our ordinary shares may be negatively affected. Pursuant to Section 404(a) of the Sarbanes-Oxley Act, we are required to furnish a report by management on the effectiveness of our internal control overfinancial reporting. Additionally, pursuant to Section 404(b) of the Sarbanes-Oxley Act, we must include an auditor attestation on our internal control overfinancial reporting. To maintain the effectiveness of our disclosure controls and procedures and our internal control over financial reporting, we expect that we will need tocontinue enhancing existing, and implement new, financial reporting and management systems, procedures and controls to manage our business effectivelyand support our growth in the future. The process of evaluating our internal control over financial reporting requires an investment of substantial time andresources, including by our Chief Financial Officer and other members of our senior management. As a result, this process may divert internal resources andtake a significant amount of time and effort to complete. Additionally, as part of management assessments of the effectiveness of our internal control overfinancial reporting required by Section 404(a), our management may conclude that our internal control over financial reporting is not effective due to ourfailure to cure any identified material weakness or otherwise, which would require us to employ remedial actions to implement effective controls. If weidentify material weaknesses in our internal control over financial reporting, if we are unable to comply with the requirements of Section 404(a) or 404(b) in atimely manner or to assert that our internal control over financial reporting is effective, or if our independent registered public accounting firm is unable toexpress an opinion or issues an adverse opinion in its attestation as to the effectiveness of our internal control over financial reporting required by Section404(b), investors may lose confidence in the accuracy and completeness of our financial reports and the trading price of our ordinary shares could benegatively affected. We could also become subject to investigations by the stock exchange on which our securities are listed, the SEC or other regulatoryauthorities, which could require additional financial and management resources. 22 Irrespective of compliance with Sections 404(a) and 404(b), any failure of our internal control could have a material adverse effect on our stated results ofoperations and harm our reputation. In order to implement changes to our internal control over financial reporting triggered by a failure of those controls, wecould experience higher than anticipated operating expenses, as well as higher independent auditor fees during and after the implementation of thesechanges. As a public company we may become subject to further compliance obligations, which may strain our resources and divert management's attention. Changing laws, regulations and standards in the United States relating to corporate governance and public disclosure and other matters may be implementedin the future, which may increase our legal and financial compliance costs, make some activities more time consuming and divert management's time andattention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations and standards differ from theactivities intended by regulatory or governing bodies due to ambiguities related to practice, regulatory authorities may initiate legal proceedings against usand our business may be harmed. Being a publicly traded company in the United States and being subject to U.S. rules and regulations may make it moreexpensive for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs toobtain coverage. These factors could also make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serveon our audit committee, and qualified executive officers. Risks Relating to Our Incorporation and Location in Israel Our headquarters, research and development activities and other significant operations are located in Israel and, therefore, our results may be adverselyaffected by political, economic and military instability in Israel. Our headquarters and principal research and development facilities are located in Israel. In addition, the majority of our key employees, officers and directorsare residents of Israel. Accordingly, political, economic and military conditions in Israel may directly affect our business. Since the establishment of the Stateof Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring countries. In recent years, these have included hostilitiesbetween Israel and Hezbollah in Lebanon and Hamas in the Gaza strip, both of which resulted in rockets being fired into Israel causing casualties anddisruption of economic activities. In addition, Israel faces threats from more distant neighbors, including, in particular, Iran. Our commercial insurance doesnot cover losses that may occur as a result of an event associated with the security situation in the Middle East. Although the Israeli government is currentlycommitted to covering the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot assure you that this governmentcoverage will be maintained, or if maintained, will be sufficient to compensate us fully for damages incurred. Any losses or damages incurred by us couldhave a material adverse effect on our business. Any armed conflict involving Israel could adversely affect our operations and results of operations. Further, our operations could be disrupted by the obligations of personnel to perform military service. As of December 31, 2016, we had 324 employees basedin Israel, certain of which may be called upon to perform up to 54 days in each three year period (and in the case of non-officer commanders or officers, up to70 or 84 days, respectively, in each three year period) of military reserve duty until they reach the age of 40 (and in some cases, depending on their specificmilitary profession up to 45 or even 49 years of age) and, in certain emergency circumstances, may be called to immediate and unlimited active duty. Ouroperations could be disrupted by the absence of a significant number of employees related to military service, which could materially adversely affect ourbusiness and results of operations. 23 Several countries, principally in the Middle East, restrict doing business with Israel and Israeli companies, and additional countries may impose restrictionson doing business with Israel and Israeli companies whether as a result of hostilities in the region or otherwise. In addition, there have been increased effortsby activists to cause companies and consumers to boycott Israeli goods based on Israeli government policies. Such actions, particularly if they become morewidespread, may adversely impact our ability to sell our products. The tax benefits that are available to us require us to continue to meet various conditions and may be terminated or reduced in the future, which couldincrease our costs and taxes. We were granted Approved Enterprise status under the Israeli Law for the Encouragement of Capital Investments, 1959, referred to as the Investment Law. Wehad elected the alternative benefits program, pursuant to which income derived from the Approved Enterprise program is tax-exempt for two years and enjoysa reduced tax rate of 10.0% to 25.0% for up to a total of eight years, subject to an adjustment based upon the foreign investors' ownership. We were alsoeligible for certain tax benefits provided to Benefited Enterprises under the Investment Law. In March 2013, we notified the Israel Tax Authority that weapply the new tax regime under the Investment Law instead of our Approved Enterprise and Benefited Enterprise. We are eligible for certain tax benefitsprovided to Preferred Enterprises under the Investment Law. If we do not meet the conditions stipulated in the Investment Law, any tax benefits will becanceled and we would be required to refund the amount of the benefits, in whole or in part, including interest and CPI linkage (or other monetary penalties).Further, in the future these tax benefits may be reduced or discontinued. If these tax benefits are reduced, cancelled or discontinued, our Israeli taxableincome would be subject to regular Israeli corporate tax rates. The standard corporate tax rate for Israeli companies in 2014 and 2015 was 26.5%, was reducedto 25% for 2016, and then reduced to 24.0% for 2017 and as of 2018 the corporate tax rate will be 23%. Additionally, if we increase our activities outside ofIsrael through acquisitions, for example, our expanded activities might not be eligible for inclusion in future Israeli tax benefit programs. See "Item 5.Operating and Financial Review and Prospects—Operating Results—Israeli Tax Considerations and Government Programs—Law for the Encouragement ofCapital Investments, 5719-1959." We may become subject to claims for remuneration or royalties for assigned service invention rights by our employees. We enter into assignment-of-invention agreements with our employees pursuant to which such individuals agree to assign to us all rights to any inventionscreated in the scope of their employment or engagement with us. A significant portion of our intellectual property has been developed by our employeesduring the course of their employment by us. Under the Israeli Patent Law, 5727-1967, inventions conceived by an employee during the scope of his or heremployment with a company are regarded as "service inventions" which belong to the employer, absent a specific agreement between the employee andemployer giving the employee service invention rights. Although our employees have agreed to assign to us service invention rights, as a result ofuncertainty under Israeli law with respect to service invention rights and the efficacy of related waivers, including with respect to remuneration and its extent,we may face claims demanding remuneration in consideration for assigned inventions. As a consequence of such claims, we could be required to payadditional remuneration or royalties to our current and/or former employees, or be forced to litigate such claims, which could negatively affect our business.Provisions of Israeli law and our articles of association may delay, prevent or otherwise impede a merger with or an acquisition of us, even when the termsof such a transaction are favorable to us and our shareholders. Israeli corporate law regulates mergers, requires tender offers for acquisitions of shares above specified thresholds, requires special approvals for transactionsinvolving directors, officers or significant shareholders and regulates other matters that may be relevant to such types of transactions. For example, a tenderoffer for all of a company's issued and outstanding shares can only be completed if the acquirer receives positive responses from the holders of at least 95% ofthe issued share capital. Completion of the tender offer also requires approval of a majority of the offerees that do not have a personal interest in the tenderoffer, unless at least 98% of the company's outstanding shares are tendered. Furthermore, the shareholders, including those who indicated their acceptance ofthe tender offer (unless the acquirer stipulated in its tender offer that a shareholder that accepts the offer may not seek appraisal rights), may, at any timewithin six months following the completion of the tender offer, petition an Israeli court to alter the consideration for the acquisition. See "Item 10.B. Articlesof Association—Acquisitions under Israeli Law" for additional information. 24 Our articles of association provide that our directors are elected on a staggered basis, such that a potential acquirer cannot readily replace our entire board ofdirectors at a single annual general shareholder meeting. Furthermore, Israeli tax considerations may make potential transactions unappealing to us or to our shareholders whose country of residence does not have atax treaty with Israel exempting such shareholders from Israeli tax. For example, Israeli tax law does not recognize tax-free share exchanges to the same extentas U.S. tax law. With respect to mergers involving an exchange of shares, Israeli tax law allows for tax deferral in certain circumstances but makes the deferralcontingent on the fulfillment of a number of conditions, including, in some cases, a holding period of two years from the date of the transaction during whichsales and dispositions of shares of the participating companies are subject to certain restrictions. Moreover, with respect to certain share swap transactions, thetax deferral is limited in time, and when such time expires, the tax becomes payable even if no disposition of the shares has occurred. In order to benefit fromthe tax deferral, a pre-ruling from the Israel Tax Authority might be required. It may be difficult to enforce a judgment of a U.S. court against us, our officers and directors or the Israeli auditors named in this annual report in Israel orthe United States, to assert U.S. securities laws claims in Israel or to serve process on our officers and directors and these auditors. We are incorporated in Israel. The majority of our directors and executive officers, and the Israeli auditors listed in this annual report reside outside of theUnited States, and most of our assets and most of the assets of these persons are located outside of the United States. Therefore, a judgment obtained againstus, or any of these persons, including a judgment based on the civil liability provisions of the U.S. federal securities laws, may not be collectible in theUnited States and may not be enforced by an Israeli court. It also may be difficult for you to effect service of process on these persons in the United States orto assert U.S. securities law claims in original actions instituted in Israel. Israeli courts may refuse to hear a claim based on an alleged violation of U.S.securities laws reasoning that Israel is not the most appropriate forum in which to bring such a claim. In addition, even if an Israeli court agrees to hear aclaim, it may determine that Israeli law and not U.S. law is applicable to the claim. If U.S. law is found to be applicable, the content of applicable U.S. lawmust be proven as a fact by expert witnesses, which can be a time consuming and costly process. Certain matters of procedure will also be governed by Israelilaw. There is little binding case law in Israel that addresses the matters described above. As a result of the difficulty associated with enforcing a judgmentagainst us in Israel, you may not be able to collect any damages awarded by either a U.S. or foreign court. Your rights and responsibilities as a shareholder are, and will continue to be, governed by Israeli law which differs in some material respects from therights and responsibilities of shareholders of U.S. companies. The rights and responsibilities of the holders of our ordinary shares are governed by our articles of association and by Israeli law. These rights andresponsibilities differ in some material respects from the rights and responsibilities of shareholders in U.S.-based corporations. In particular, a shareholder ofan Israeli company has a duty to act in good faith and in a customary manner in exercising its rights and performing its obligations towards the company andother shareholders, and to refrain from abusing its power in the company, including, among other things, in voting at a general meeting of shareholders onmatters such as amendments to a company's articles of association, increases in a company's authorized share capital, mergers and acquisitions and relatedparty transactions requiring shareholder approval. In addition, a shareholder who is aware that it possesses the power to determine the outcome of ashareholder vote or to appoint or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company. Thereis limited case law available to assist us in understanding the nature of this duty or the implications of these provisions. These provisions may be interpretedto impose additional obligations and liabilities on holders of our ordinary shares that are not typically imposed on shareholders of U.S. corporations.25 ITEM 4. INFORMATION ON THE COMPANY A.History and Development of the Company Our History We were founded in 1999 with the vision of protecting high-value business data and pioneered our Digital Vault technology, which is the foundation of ourplatform. That same year, we began offering our first product, the Sensitive Information Management Solution (previously called the Sensitive DocumentVault), which provides a secure platform through which our customers' employees can share sensitive files. We believe our early innovation in vaultingtechnology enabled us to evolve into a company that provides a comprehensive security solutions built for privileged accounts. In 2005, we introduced ourPrivileged Account Security Solution, which has become our leading offering and reflects our emphasis on protecting privileged accounts across anorganization. In September 2014, we listed our ordinary shares on the NASDAQ Global Select Market. In 2015, we acquired Viewfinity, a provider ofWindows least privilege management and application control software, as well as Cybertinel, a cyber security company specializing in cyber threat detectiontechnology. Our Privileged Account Security Solution consists of several products: Enterprise Password Vault, SSH Key Manager, Privileged Session Manager, PrivilegedThreat Analytics, Application Identity Manager, Endpoint Privilege Manager and On-Demand Privileges Manager. We are a company limited by shares organized under the laws of the State of Israel. We are registered with the Israeli Registrar of Companies. Our registrationnumber is 51-229164-2. Our principal executive offices are located at 94 Em-Ha'moshavot Road, Park Ofer, P.O. Box 3143, Petach Tikva 4970602, Israel, andour telephone number is +972 (3) 918-0000. Our website address is www.cyberark.com. Information contained on, or that can be accessed through, ourwebsite is not part of this annual report and is not incorporated by reference herein. We have included our website address in this annual report solely forinformational purposes. Our agent for service of process in the United States is Cyber-Ark Software, Inc., located at 60 Wells Avenue, Suite 103, Newton, MA02459, and our telephone number is (617) 965-1544. Principal Capital Expenditures Our capital expenditures for fiscal years 2014, 2015 and 2016 amounted to $1.4 million, $2.1 million and $2.8 million, respectively. Capital expendituresconsist primarily of investments in leasehold improvements for our office space and the purchase of computers and related equipment. We anticipate ourcapital expenditures in fiscal year 2017 to be in a range of $7 million and $9 million, of which approximately $4 million related to the new office space inIsrael that we leased, which we expect to move to during the second half of 2017. We anticipate our capital expenditures in 2017 will be financed with cashon hand and cash flow generated from operating activities. B.Business Overview We are a global leader and pioneer of a critical layer of IT security solutions that protects organizations from cyber attacks that have made their way insidethe network perimeter to strike at the heart of the enterprise. Our software solutions are focused on protecting privileged accounts, which have become acritical target in the lifecycle of today's cyber attacks. Privileged accounts are pervasive and act as the "keys to the IT kingdom," providing complete accessto, and control of, all parts of IT infrastructure (whether located on premise or in the cloud), industrial control systems and critical business data. In the handsof an external attacker or malicious insider, privileged accounts allow attackers to take control of and disrupt an organization's IT and industrial controlinfrastructures, steal confidential information and commit financial fraud. Our comprehensive solutions proactively protect privileged accounts, monitorprivileged activity, detect malicious privileged behavior and enforce privilege security on the endpoint. Our customers use our innovative solutions tointroduce this critical security layer to protect against, detect and respond to cyber attacks before they strike vital systems and compromise sensitive data. 26 Organizations worldwide are experiencing an unprecedented increase in the sophistication, scale and frequency of cyber attacks. The challenge this presentsis intensified by the growing adoption of new technologies, such as cloud computing, virtualization, software-defined networking, enterprise mobility andsocial networking, which has resulted in increasingly complex and distributed IT environments with significantly larger attack surfaces. Organizations havehistorically relied upon perimeter-based threat protection solutions such as network and web security tools as the predominant defense against cyber attacks,yet these traditional solutions have a limited ability to stop today's advanced threats. According to a 2015 special report issued by FireEye, Inc., 96% of thesystems of more than 1,600 FireEye network and email sensors deployed in real-world networks had suffered a network security breach. Many organizationsare still in the early stages of adapting their security strategies to address this new threat environment and are evolving their approaches based on theassumption that their network perimeter has been or will be breached. They are therefore increasingly implementing new layers of security inside the networkto disrupt attacks before they result in the theft of confidential information or other serious damage. Regulators are also continuing to mandate rigorouscompliance standards and audit requirements in response to this evolving threat landscape. We believe that the implementation of a privileged account security solution is one of the most critical layers of an effective security strategy. Privilegedaccounts represent one of the most vulnerable aspects of an organization's IT infrastructure. Privileged accounts are used by system administrators, third-partyand cloud service providers, applications and business users, and they exist in nearly every connected device, server, hypervisor, operating system, database,application and industrial control system. Due to the broad access and control they provide, exploiting privileged accounts has become a critical stage of thecyber attack lifecycle. The typical cyber attack involves an attacker effecting an initial breach, escalating privileges to access target systems, movinglaterally through the IT infrastructure to identify valuable targets, and exfiltrating, or stealing, the desired information. According to Mandiant, a FireEyecompany, credentials of authorized users were hijacked in 100% of the breaches that Mandiant investigated, and privileged accounts were targeted wheneverpossible. We have architected our solutions to address the challenges of protecting privileged accounts and an organization's sensitive information. Our solutionsprovide proactive protection against cyber attacks from both external and internal sources and allow for real-time detection and neutralization of such threats.They can be deployed in traditional on-premise data centers, public, private or hybrid cloud environments, endpoints, and industrial control systems. Ourinnovative software solutions are the result of over 17 years of research and expertise, combined with valuable knowledge we have gained from working withour diverse population of customers and from our acquisitions of Viewfinity and Cybertinel. Our comprehensive, purpose-built Privileged Account Security Solution enables our customers to secure, manage and monitor privileged account access andactivities and enforce privilege security on the endpoint. Our Privileged Account Security Solution consists of our Enterprise Password Vault, SSH KeyManager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, Endpoint Privilege Manager and On-Demand PrivilegesManager. These products leverage a common technology platform that includes our secure Digital Vault, Web Management Interface, Master Policy Engineand Discovery Engine, and integrates out of the box with over 100 types of IT assets in the datacenter or the cloud. Our solutions complement other vendors'IT, security and cloud solutions in 2 significant ways. First, by enhancing the security of these solutions by reducing the misuse potential of privilegedaccounts used by or incorporated within these solutions and second, through the sharing of valuable information between the solutions, for improveddetection, protection and response in the event of a cyber attack. In April 2016, we announced the launch of the C3 Alliance, which promotes members'cooperation in addressing customers' cybersecurity challenges as they evolve by extending and leveraging the benefit of privileged account security acrossthe customers' organizations and setting a product integration foundation with our C3 Alliance technology partners for the benefit of our mutual customers. As of December 31, 2016, we had approximately 3,100 customers, including approximately 50% of the Fortune 100 companies and more than 25% of theGlobal 2000 companies. We define a customer to include a distinct entity, division or business unit of a company. Our customers include leadingorganizations in a diverse set of industries, including energy and utilities, financial services, healthcare, manufacturing, retail, technology andtelecommunications, as well as government agencies. We sell our solutions through a high touch, channel fulfilled hybrid sales model that combines theleverage of channel sales with the account control of direct sales, and therefore provides us with significant opportunities to grow our current customer base.This approach allows us to maintain close relationships with our customers and benefit from the global reach of our channel partners. Additionally, wecontinue to enhance our product offerings and go-to-market strategy by establishing technology alliances within the IT infrastructure and security vendorecosystem. Our business has rapidly grown in recent years. During 2014, 2015 and 2016, our revenues were $103.0 million, $160.8 million and $216.6 million,respectively, representing year-over-year growth of 56.1% and 34.7% in 2015 and 2016, respectively. Our net income for 2014, 2015 and 2016 was $10.0million, $25.8 million and $28.1 million, respectively. 27 Industry Background The recent increase in sophisticated, targeted security threats by both external attackers and malicious insiders, along with an increase in the attack surfacedue to the growing complexity and distributed nature of IT environments, have made it extremely challenging for enterprises and governments around theworld to protect their sensitive information. These challenges are driving the need for a new layer of security that complements traditional threat protectiontechnologies by securing access to privileged accounts and preventing the exploitation of organizations' critical systems and data. Our Products Our products secure organizations' high-value data and critical IT assets by providing proactive protection against external and internal cyber threats andenabling real-time detection and neutralization of attacks. Privileged Account Security Solution Our comprehensive, purpose-built Privileged Account Security Solution provides our customers a set of products that enable them to secure, manage andmonitor privileged account access and activities. Our Privileged Account Security Solution consists of our Enterprise Password Vault, SSH Key Manager,Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, Endpoint Privilege Manager and On-Demand Privileges Manager.These products share a common technology platform that includes our secure Digital Vault, Web Management Interface, Master Policy Engine and DiscoveryEngine, and integrates out of the box with over 100 types of IT assets in the datacenter or the cloud. Enterprise Password Vault. Our Enterprise Password Vault provides customers with a powerful tool to manage and protect all privileged accounts across anentire organization, including physical, virtual or cloud-based assets. Customers can control how often to require scheduled password changes for differentprivileged accounts or grant passwords solely for one-time use based on operational needs and regulatory requirements. This automated process reduces thetime-consuming and error-prone task of manually tracking and updating privileged credentials thereby enhancing system security and facilitatingobservance of audit and compliance standards. 28 SSH Key Manager. Our SSH Key Manager product securely stores, rotates and controls access to SSH keys to prevent unauthorized access to privilegedaccounts. This includes the protection of keys at rest and in transit, granular access controls and integration with strong authentication solutions. Detailedaudit logs and reporting capabilities provide visibility into key usage to meet audit and compliance requirements. SSH keys are used as an alternative topassword credentials, commonly used for administrative access for users, devices and applications to UNIX and Linux systems. SSH Key Manager is a logicalextension to our Privileged Account Security Solution, leveraging our shared technology platform infrastructure, enabling organizations to protect allprivileged credentials with a single integrated platform that can be built out over time in accordance with business needs. Privileged Session Manager. Our Privileged Session Manager protects IT assets including servers, applications, databases and hypervisors from malware andprovides command-level monitoring and recording of all privileged activity. Privileged Session Manager prevents malware on an infected workstation fromcapturing a privileged credential and spreading to additional assets. It also provides a single point of control, forcing all privileged access to pass through ourserver, ensuring that all privileged activity is monitored and recorded. The single point of control also allows for real-time viewing of privileged activities,enabling customers to terminate privileged sessions in real-time as a threat is detected. In addition, Privileged Session Manager records complete privilegedsessions and stores the recordings in the Digital Vault to prevent tampering. Auditors, forensics team and others are able to view and quickly search throughan entire session recording for specific activities. Privileged Session Manager can operate entirely in the background, although customers can opt to deterprivileged account users from prohibited conduct by alerting users that their sessions are being recorded. We offer customers the choice of licensingPrivileged Session Manager based on the number of devices secured or the number of concurrent sessions it monitors. Our Privileged Session Manager andEnterprise Password Vault serve complementary functions and are part of a shared platform. As such, we frequently sell them together. Privileged Threat Analytics. Our Privileged Threat Analytics product allows organizations to detect, alert, and respond to anomalous privileged activitywhile attacks are in progress. Privileged Threat Analytics uses proprietary algorithms to profile and analyze individual privileged user behavior and createsprioritized alerts when abnormal activity is detected. For example, our product can be used to detect privileged account access at unusual times or access toan abnormal quantity of privileged assets. Privileged Threat Analytics can automatically contain an attack by invalidating a stolen credential to block anattacker from further penetrating the network perimeter. Privileged Threat Analytics uses historical data collected by our Privileged Account SecuritySolution, Digital Vault and other network data sources to create and maintain a current profile of each privileged user's behavior. It allows incident responseteams to investigate the details that triggered the alert in order to prioritize and respond to the threat. We specialize in analyzing behavior related toprivileged user behavior, thus providing vital intelligence on the most critical attack vector. This intelligence can be integrated into an organization'sexisting systems and incident response processes enabling a faster response time. Application Identity Manager. Our Application Identity Manager addresses the challenges of hard-coded, embedded credentials and cryptographic keysbeing hijacked and exploited by malicious insiders or external cyber attackers. This is enabled by our proprietary Digital Vault application providertechnology, which eliminates the need to store such credentials in applications, scripts or configuration files. Instead, Application Identity Manager allowsfor secure, programmatic retrieval of needed credentials only at run-time and based on master policy control and monitoring. Endpoint Privilege Manager. Formerly known as CyberArk Viewfinity, which we added to our product offerings following our acquisition of Viewfinity, Inc.in 2015, Endpoint Privilege Manager is intended to secure and manage the use of privileged accounts and credentials on the endpoint, and can be deployedon-premise or as a cloud-based solution. Removing local administrator rights for business users on endpoints can significantly reduce the attack surface, butit can also result in unintended productivity tradeoffs and high help desk costs, as users attempt to regain privileges necessary for day-to-day tasks. EndpointPrivilege Manager is designed to help organizations reduce the attack surface by removing local administrative privileges for business users, granularlycontrolling IT administrator privileges on Windows Servers based on role and elevating privileges when necessary and authorized. Endpoint PrivilegeManager's application control features also enable organizations to closely control and monitor all applications within the environment, identify the originalsource and instances of malicious applications in the environment for incident response, or supporting forensic investigations. Malicious applications maybe immediately blocked, unknown applications may be "grey" listed and restricted pending further analysis and trusted applications may seamlessly runwithout frustrating business or IT users. Endpoint Privilege Manager also provides a layer of credential protection and can detect and block attempts ofmalicious applications to hijack credentials and to alert the organization of such in-progress attack. 29 On-Demand Privileges Manager. Our On-Demand Privileges Manager allows customers to limit the breadth of access of Unix/Linux administrative accountsand granularly restrict them from performing certain commands and functions. Shared Technology Platform. Our shared technology platform is the foundation of our Privileged Account Security Solution and includes our secure DigitalVault, Web Management Interface, Master Policy Engine and Discovery Engine. Our Digital Vault is an encrypted server that only responds to preset vaultprotocols to ensure security throughout an organization's network. Our Privileged Account Security Solution's products use our Digital Vault to safely store,audit and manage passwords, privileged credentials, policy information and privileged account session data. Our Web Management Interface provides asingle, user-friendly interface for customers to set, manage and monitor privileged account security policies across an entire organization in a matter ofminutes while allowing for granular level exceptions to meet the organization's unique operational needs. Our Master Policy Engine and Discovery Engineenable organizations to understand the scope of privileged account risk and helps to ensure that all privileged account activity is accounted for byautomatically discovering new privileged accounts or changes to existing accounts. Our platform integrates out of the box with over 100 types of IT assets inthe datacenter or the cloud, including leading operating systems, databases, network devices, security appliances, hypervisors, applications, industrialcontrol systems and application servers. Our platform further leverages our proprietary vault protocol technology to enable distributed deployments acrossglobal networks for central management and auditing while providing enterprise-wide global coverage. Sensitive Information Management Solution Our Sensitive Information Management Solution provides a secure platform through which our customers' employees can share sensitive files while enablingthe customer to monitor who is sharing these files. This allows organizations to isolate, store, share and track sensitive files and documents, such as customercredit card information, human resource records, intellectual property documents and legal information in a secure, internal environment. It also allowsorganizations to exchange sensitive information securely and efficiently with their business partners, customers, suppliers and subcontractors. Our SensitiveInformation Management Solution integrates with an organization's existing applications and can be deployed on-premise or as a cloud-based solution forfaster audit readiness without the need for significant upfront cost. Our Services Maintenance and Support Our customers typically purchase one year or, to a lesser extent, three years, of software maintenance and support in conjunction with their initial purchase ofperpetual licenses for our products. Thereafter, they can renew such maintenance and support for additional one or three-year periods. These two alternativemaintenance and support periods are common in the software industry. Customers pay for each alternative in full at the beginning of their terms. Thesubstantial majority of our contracts sold are for a one-year term. For example, for the years 2014 through 2016 more than 85% of the renewal contracts werefor a one year term. Our global customer support organization has expertise in our software and how it interacts with complex IT environments. When sales are made to customersdirectly, we typically also provide any necessary maintenance and support pursuant to a maintenance and support contract directly with the customer. Whensales are made through channels, the channel partner (primarily in the EMEA and Asia Pacific and Japan regions) typically provides the first and second levelsupport and we typically provide third level support if the issue cannot be resolved by the channel partner. Our maintenance and support program provides customers the right to software bug repairs, the latest system enhancements and updates on an if-and-whenavailable basis during the maintenance period, and access to our technical support services. Our technical support services are provided via our onlinesupport center, which enables customers to submit new support queries and monitor the status of open and past queries. Our online support system alsoprovides customers with access to our CyberArk Knowledge Base, an online user-driven information repository that provides customers the ability to addresstheir own queries. Additionally, we offer email and telephone support during business hours to customers that purchase a standard support package and 24/7availability to customers that purchase our 24/7 support package. 30 Professional Services Our products are designed for customers to be able to download, install and deploy our software on their own. They are highly configurable and manycustomers will select either one of our many trained channel partners or our professional services team to provide services. Our professional services team canbe contracted to assist customers in planning, installing and configuring our solution to meet the needs of their security and IT environment. Our professionalservices team provides ongoing consulting services regarding best practices in privileged account security, and recommended ways to implement oursolutions to meet specific customer requirements. Additionally, they share best practices associated with use of our software and educate customers andpartners on alternative ways to deploy and use our product through CyberArk University, which offers in-person and WebEx courses globally. Our Technology Our comprehensive Privileged Account Security Solution relies on a set of proprietary technologies that provide a high level of security, scalability andreliability. The core technologies included in our solution are as follows: Secure Digital Vault Technology. Our proprietary Digital Vault technology provides a highly secure, isolated environment, independent of other software,and is engineered with multiple layers of security. Our Digital Vault provides a data encryption mechanism that eliminates the need for encryption keymanagement by the end user, while each object in our Digital Vault is encrypted with its own unique encryption key. To ensure security throughout thenetwork, our Digital Vault communicates within an organization's network and over the internet through a proprietary and highly protected Vault Protocol,enabling an organization to implement the centrally managed Privileged Account Security Solution with products located in multiple datacenters andgeographic locations. Our Digital Vault provides an additional level of protection by preventing the vault administrator from accessing or discoveringprotected data stored within it. In addition, our Digital Vault database is embedded, isolated and self-managed as part of our Digital Vault software, therebyblocking database administrator access to our Digital Vault database to further eliminate threats. Our Privileged Account Security Solution's additionalproducts use the highly secured Digital Vault to safely store, audit and manage passwords, privileged credentials, policy information and privileged accountsession data. Sophisticated Threat Analytics Algorithms. Our team of cyber experts and development engineers has developed proprietary algorithms that are at the coreof our Privileged Threat Analytics product. These algorithms were developed using our deep understanding of cybersecurity and cyber attack techniques,together with over a decade of rich experience in analyzing privileged account activities. Our Privileged Threat Analytics product uses these proprietaryalgorithms to construct a behavioral profile for privileged users within an organization and continuously updates the profile based on normal changes inbehavior. Once a behavioral profile is established, the threat analytics algorithms provide the ability to look for deviations from that profile in order toidentify anomalies in user behavior. It then scores each individual anomaly and determines the level of threat based on the correlation of such anomalousevents. Alerts with full details of the incident, including the probability of malicious intent, can be raised immediately, allowing an organization's incidentresponse team to review the potential threat and take action when necessary.Strong Application Authentication and Credential Management. Our Application Identity Manager product's architecture allows an organization toeliminate hard-coded application credentials, such as passwords and encryption keys, from applications and scripts. Our secure, proprietary product permitsauthentication of an application during run-time, based on any combination of the application's signature, executable path, or IP address, and operatingsystem user. Following application authentication, the authenticated application uses a secure application programming interface, or API, to requestprivileged account credentials during run-time and, based on the application permissions in our Privileged Account Security Solution, up-to-date credentialsare provided to the application. To ensure business continuity, and high availability and performance even within complex and distributed networkenvironments, our advanced product architecture provides a secure local credentials cache on the application server, eliminating the dependency on networkavailability and traffic during a run-time application credential request. Our proprietary architecture provides even higher value in application serverenvironments, allowing an organization to eliminate application credentials without the need to perform any code changes and without impactingapplication availability. 31 Privileged Session Recording and Controls. Our innovative privileged session recording and control mechanisms provide the ability to isolate anorganization's IT systems from end-user desktops, while monitoring and recording the privileged session activities. Our proprietary architecture provides ahighly secure, proxy-based solution that does not require agent installation on the target systems and provides a single-access control point to the targetsystems. The architecture blocks direct communication between an end-user's desktop and a target system, thus preventing potential malware on the desktopfrom infiltrating the target system. This architecture further ensures that privileged credentials will remain protected and will not be exposed to the end-useror reach the desktop. Comprehensive recording capabilities provide the ability to record every keystroke and mouse click on the privileged session, and alsoprovide DVR-like recordings with search, locate and alert capabilities. Endpoint Privilege Manager Server and Endpoint Agents. Following the acquisition of Viewfinity, Inc. in 2015, we began offering endpoint agenttechnology, which provides policy-based privilege management, application control and credential theft protection capabilities. The agent is able to detectthe privileged commands, and application installation or invocation on the endpoint and validate whether permissible by the organization's security policy,otherwise blocking the operation. Having users operate in a least privilege mode together with the Endpoint Privilege Manager agent technology effectivelyreduces the surface that attackers or malware can exploit. The Endpoint Privilege Manager server provides policy-based agent management and consolidatedreporting, which allows organizations to manage privileges and handle application control. The Endpoint Privilege Manager server can also leverage thirdparty threat and reputation information to enrich the policy and black-list definitions to further strengthen controls and block bad or malicious applicationsbased on such security intelligence. Our Customers As of December 31, 2016, we had approximately 3,100 customers, including approximately 50% of the Fortune 100 companies and more than 25% of theGlobal 2000 companies. Our customers include leading organizations in a diverse set of industries, including energy and utilities, banking and financialservices, healthcare, insurance, manufacturing, retail, technology and telecommunications and hosting providers, as well as government agencies. Our business is not dependent on any particular customer. No customer in 2014, 2015 and 2016 and no channel partner in 2014 and 2015 accounted for morethan 10% of our revenues. In 2016, our largest channel partner accounted for approximately 12.1% of our revenues. Our diverse global footprint is evidencedby the fact that in 2016, we generated 58.1% of our revenues from customers in the United States, 31.4% from the EMEA region and 10.5% from the rest ofthe world, including countries in North and South America other than the United States and countries in the Asia Pacific region.Sales and Marketing Sales We believe that our hybrid sales model, which combines the leverage of high touch, channel sales with the account control of direct sales, has played animportant role in the growth of our customer base to date. We maintain a highly trained sales force that is responsible for developing and closing newbusiness, the management of relationships with our channel partners and the support and expansion of relationships with existing customers. Our salesorganization is organized by geographic regions, consisting of the Americas, EMEA and Asia Pacific and Japan regions. As of December 31, 2016, our globalnetwork of channel partners consisted of approximately 300 resellers, distributors and managed service providers. Our channel partners generallycomplement our sales efforts by helping to identify potential sales targets, maintaining relationships with certain customers and introducing new products toexisting customers and offering post-sale professional services and technical support. In 2016, we generated approximately 35% of our revenues from directsales from our field offices located throughout the world. Approximately 50% of our sales in the United States are direct while the substantial majority of oursales in the EMEA region and the rest of the world are through channel partners. We work with many global systems integration partners and several leadingregional security value added resellers, such as , Optiv Security Inc., Computacenter PLC, Orange S.A. Business Services (Orange Cyberdefense), Hewlett-Packard Enterprise Company, Carahsoft Technology Corp, Sayers Technology, LLC, Wipro Limited, and Conexsys Communications Ltd. These companieswere each among our top 15 channel partners in 2015 and 2016 by revenues and we have derived a meaningful amount from sales to each of them during thelast two years. 32 Our sales cycle varies by size of the customer, the number of products purchased and the complexity of the customer's IT infrastructure, ranging from severalweeks for incremental sales to existing customers to many months for sales to new customers or large deployments. To support our broadly dispersed globalchannel and customer base, as of December 31, 2016, we had sales personnel in 32 countries. We plan to continue investing in our sales organization tosupport both the growth of our channel partners and our direct sales organization. Marketing Our marketing strategy is focused on building our brand strength, communicating the benefits of our solutions, developing leads and increasing sales toexisting customers. We market our software as a solution to stop cyber threats before they have the chance to stop business. We execute our strategy byleveraging a combination of internal marketing professionals and a network of channel partners to communicate the value proposition and differentiation forour products, generating qualified leads for our sales force and channel partners. Our marketing efforts also include public relations in multiple regions andextensive content development available through our website. We are focused on an ongoing thought-leadership campaign to further establish ourselves as aleader in the cybersecurity market. Our marketing team is expanding its efforts by investing in analytics-driven lead development, stronger globalcoordination, quick response to current events and proactive and consistent communication with market analysts. Research and Development Continued investment in research and development is critical to our business. Our research and development efforts are focused primarily on improving andcontinuing to enhance existing products and services, as well as developing new products, features and functionality. We believe the timely development ofnew products is essential to maintaining our competitive position. We regularly release new versions of our software which incorporate new features andenhancements to existing ones. We also maintain a dedicated team that researches reported advanced cyber attacks, the attackers' techniques and methodsthat lead to new security development initiatives for our products and provide thought-leadership on targeted attack mitigation. As of December 31, 2016, we had 205 employees focused on research and development. We conduct our research and development activities in Israel and webelieve this provides us with access to world class engineering talent. Our research and development expenses were $14.4 million, $21.7 million and $34.6million in 2014, 2015 and 2016, respectively. Intellectual Property We rely on a combination of patent, trademark, copyright and trade secret laws, confidentiality procedures and contractual provisions to protect ourtechnology and the related intellectual property. As of December 31, 2016, we had 5 issued patents in the United States, 2 provisional U.S. patent applications and 15 pending U.S. patent applications. Wealso had 3 International PCT applications as well as 3 issued patents and 14 applications pending for examination in non-U.S. jurisdictions, all of which arecounterparts of our U.S. patent applications. The claims for which we have sought patent protection relate to current and future elements of our products and technology, including the Digital Vault,Discovery & Audit tool, Privileged Threat Analytics, Privileged Session Manager, Endpoint Privilege Manager and Application Identity Manager. We generally enter into confidentiality agreements with our employees, consultants, service providers, resellers and customers and generally limit internaland external access to, and distribution of, our proprietary information and proprietary technology through certain procedural safeguards. These agreementsmay not effectively prevent unauthorized use or disclosure of our intellectual property or technology and may not provide an adequate remedy in the eventof unauthorized use or disclosure of our intellectual property or technology. 33 Our industry is characterized by the existence of a large number of relevant patents and frequent claims and related litigation regarding patent and otherintellectual property rights. In particular, leading companies in the security industry have extensive patent portfolios. If we become more successful, webelieve that competitors will be more likely to try to develop products that are similar to ours and that may infringe our proprietary rights. It may also be morelikely that competitors or third parties will claim that our products infringe their proprietary rights. From time to time, third parties have asserted and mayassert their patent, copyright, trademark and other intellectual property rights against us, our channel partners, users or customers, whom our standard licenseand other agreements obligate us to indemnify against such claims under certain circumstances. Successful claims of infringement or misappropriation by athird party could prevent us from distributing certain products or performing certain services or could require us to pay substantial damages (including, forexample, treble damages if we are found to have willfully infringed patents and increased statutory damages if we are found to have willfully infringedcopyrights), royalties or other fees. Such claims also could require us to cease making, licensing or using solutions that are alleged to infringe ormisappropriate the intellectual property of others, or to expend additional development resources to attempt to redesign our products or services or otherwiseto develop non-infringing technology; enter into potentially unfavorable royalty or license agreements in order to obtain the right to use necessarytechnologies or intellectual property rights; and to indemnify our customers and partners (and parties associated with them). Even if third parties may offer alicense to their technology, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any licensecould cause our business, results of operations or financial condition to be materially and adversely affected. Competition The IT security market in which we operate is characterized by intense competition, constant change and innovation. We believe that none of ourcompetitors offer a fully comprehensive and integrated privileged account security solution; however, we do compete with companies that offer a broad arrayof IT security products. Our current and potential future competitors include CA, Inc., Quest Software Inc. International Business Machines Corporation,Microsoft Corporation and Oracle Corporation, in the access and identity management market. Further, we compete with smaller companies that offersolutions at lower price points often with a more limited range of functionality than our own offerings. We may face competition in the future due to changesin the manner that organizations utilize IT assets and the security solutions applied to them, such as the provision of privileged account securityfunctionalities as part of public cloud providers' infrastructure offerings, or cloud-based identity management solutions. Limited IT budgets may also result incompetition with providers of other advanced threat protection solutions such as Hewlett-Packard Enterprise Company, EMC Corporation (which wasacquired by Dell Inc.), International Business Machines Corporation, FireEye, Inc., Splunk Inc., Check Point Software Technologies Ltd. and Palo AltoNetworks, Inc. The principal competitive factors in our market include: ☐the breadth and completeness of a security solution; ☐reliability and effectiveness in protecting, detecting and responding to cyber attacks; ☐analytics and accountability at an individual user level; ☐ability of customers to achieve and maintain compliance with compliance standards and audit requirements; ☐strength of sale and marketing efforts, including distribution and channel relationships; ☐global reach and customer base; ☐scalability and ease of integration with an organization's existing IT infrastructure and security investments; ☐brand awareness and reputation; ☐innovation and thought leadership; ☐quality of customer support; ☐speed at which a solution can be deployed; and ☐price of a solution and cost of maintenance and professional services. 34 We believe we compete favorably with our competitors on the basis of these factors. However, some of our current and potential future competitors may enjoypotential competitive advantages, such as greater name recognition, longer operating history, larger market share, larger existing user base and greaterfinancial, technical and other resources. Properties Our corporate headquarters are located in Petach Tikva, Israel in an office consisting of approximately 64,000 square feet. In February 2015, we signed a newlease with our current landlord for different premises in Petach Tikva, which was expanded in April 2016, consisting of up to approximately 140,000 squarefeet. We expect to move to the new premises during the second half of 2017. The new lease expires in June 2022. Our U.S. headquarters are located inNewton, Massachusetts in an office consisting of approximately 22,000 square feet. The lease for this office expires in April 2022 with the option to extendfor two successive five-year periods. We maintain additional sales offices in England, France, Germany, Singapore, Australia, Japan, Italy, Netherlands andTurkey. We believe that our facilities are sufficient to meet our current needs and that if we require additional space to accommodate our growth we will beable to obtain additional facilities on commercially reasonable terms. Legal Proceedings See "Item 8.A. Financial Information—Consolidated Financial Statements and Other Financial Information—Legal proceedings." C.Organizational Structure The legal name of our company is CyberArk Software Ltd. and we are organized under the laws of the State of Israel. We have five wholly-ownedsubsidiaries: CyberArk Software, Inc., Cyber-Ark Software (UK) Limited, CyberArk Software (Singapore) PTE. LTD., CyberArk Software (Japan) K.K.(established in 2017), and Viewfinity Ltd. (which became a wholly owned subsidiary following the acquisition conducted in 2015 and is expected to beliquidated in 2018). Our wholly-owned United Kingdom subsidiary, Cyber-Ark Software (UK) Limited, has four wholly-owned subsidiaries, which areincorporated in Germany, Italy, France and Netherlands, respectively: CyberArk Software (DACH) GmbH, CyberArk Software Italy S.r.l., CyberArk Software(France) SARL and CyberArk Software (Netherlands) B.V. Our wholly-owned subsidiary in Singapore, CyberArk Software (Singapore) PTE. LTD., has onewholly-owned subsidiary which is incorporated in Australia: CyberArk Software (Australia) Pty Ltd. Our wholly-owned subsidiary in the United States,CyberArk Software, Inc., has one wholly-owned subsidiary which is incorporated in Canada: CyberArk Software Canada Inc. (established in 2017). D. Property, Plants and Equipment See "Item 4.B.—Business Overview—Property" for a discussion of property, plants and equipment. ITEM 4A. UNRESOLVED STAFF COMMENTS Not applicable. ITEM 5.OPERATING AND FINANCIAL REVIEW AND PROSPECTS Company Overview We are a global leader and pioneer of a critical layer of IT security solutions that protects organizations from cyber attacks that have made their way insidethe network perimeter to strike at the heart of the enterprise. Our software solutions are focused on protecting privileged accounts, which have become acritical target in the lifecycle of today's cyber attacks. Privileged accounts act as the "keys to the IT kingdom," providing complete access to, and control of,all parts of IT infrastructure (whether located on premise or in the cloud), industrial control systems and critical business data. In the hands of an externalattacker or malicious insider, privileged accounts allow attackers to take control of and disrupt an organization's IT and industrial control infrastructures,steal confidential information and commit financial fraud. Our comprehensive solutions proactively protect privileged accounts, monitor privileged activity,detect malicious privileged behavior and enforce privilege security on the endpoint. Our customers use our innovative solutions to introduce this criticalsecurity layer to protect against, detect and respond to cyber attacks before they strike vital systems and compromise sensitive data. 35 We have a history of innovation. We started operations in 1999 with the vision of protecting high-value business data and pioneered our Digital Vaulttechnology, which is the foundation of our platform. That same year, we began offering our first product, the Sensitive Information Management Solution(previously called the Sensitive Document Vault), which provides a secure platform through which our customers' employees can share sensitive files. Webelieve our early innovation in vaulting technology enabled us to evolve into a company that provides comprehensive security solutions built for privilegedaccounts. In 2005, we introduced our Privileged Account Security Solution, which has become our leading offering and reflects our emphasis on protectingprivileged accounts across an organization. Our Privileged Account Security Solution leverages a shared technology platform and consists of severalproducts: Enterprise Password Vault, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, EndpointPrivilege Manager and On-Demand Privileges Manager.We derive our revenues from licensing our cybersecurity software, selling maintenance and support contracts, and providing professional services to theextent requested by customers. Our license revenues consist primarily of revenues from sales of our Privileged Account Security Solution. Our customerstypically purchase one year and, to a lesser extent, three years, of maintenance and support in conjunction with their initial purchase of perpetual licenses forour products. Thereafter, they can renew such maintenance and support for additional one or three-year periods. We seek to foster long-term relationships with our customers. We have a significant opportunity to generate additional revenues from our existing customersby helping them identify and address gaps in their current privileged account security strategy. Our platform provides our customers flexibility to initiallydeploy one or more of our products for a single use case and then expand usage over time to address more use cases, to add incremental licenses for moreusers or systems or to license additional products from our comprehensive platform. We measure the perpetual license maintenance renewal rate for ourcustomers over a 12-month period, based on a dollar renewal rate of contracts expiring during that time period. Our renewal rate for each of the years endedDecember 31, 2014, 2015 and 2016 was over 90%. Our key strategies to maintain our renewal rate include focusing on the quality and reliability of ourproduct updates and our technical support services. We sell our products directly and through a global network of channel partners, including distributors and resellers, who then sell to their end customers. In2016, we generated approximately 65% of our revenues through sales made by our global network of channel partners, with the balance being generatedthrough our direct sales force. When analyzing our business, we refer to end customers as our customers throughout this annual report. We believe that ourhybrid sales model, which combines the leverage of channel sales with the account control of direct sales, will continue to play an important role in thegrowth of our customer base. Our hybrid sales model has aided our global growth by allowing us to partner with local distributors while being able to use ourdirect sales team in locations where that approach is advantageous to our business. We market and sell our solutions to organizations in a variety of industries and geographies. As of December 31, 2016, we had approximately 3,100customers, including approximately 50% of the Fortune 100 companies and more than 25% of the Global 2000 companies. We define a customer to include adistinct entity, division or business unit of a company. The growth of our business and our future success depend on our ability to expand our customer baseand increase our sales to existing customers, which depend on many factors, including our ability to expand our sales force, introduce new products and growour relationships with channel partners. While each of these areas presents significant opportunities for us, they also pose important challenges and risks thatwe must successfully address in order to sustain the growth of our business and improve our results of operations. Additionally, the IT security market inwhich we operate is characterized by intense competition, constant innovation and evolving security needs, each of which may impact our ability to growour business. We have experienced strong growth over the last several years, as evidenced by a compound annual growth rate in revenues of 45.0% from 2014 to 2016. Wehave also increased our number of employees and subcontractors from 430 as of December 31, 2014 to 823 as of December 31, 2016. We intend to continueto execute on our strategy of growing our business to meet the needs of our customers and to pursue opportunities in new and to pursue opportunities in newand existing verticals, geographies and products. We intend to continue to invest in the development of our sales and marketing teams, with a particularfocus on expanding our channel partnerships, targeting new customers, creating technology partnerships and solidifying relationships with existingcustomers. We also plan to continue to invest in research and development in order to continue to develop technology for both existing and new on-premiseand cloud-based products and services. 36 During the years ended December 31, 2014, 2015 and 2016, our revenues were $103.0 million, $160.8 million and $216.6 million, respectively, representingyear-over-year growth of 56.1% and 34.7% in 2015 and 2016, respectively, and with maintenance and professional services comprising 37.7% and 39.3% ofour revenues in 2015 and 2016, respectively. Our net income for the years ended December 31, 2014, 2015 and 2016 was $10.0 million, $25.8 million and$28.1 million, respectively. Key Financial Metrics We monitor several key financial metrics to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing effortsand assess operational efficiencies. The key financial metrics that we monitor are as follows: Year ended December 31, 2014 2015 2016 (in thousands) Revenues $102,999 $160,812 $216,613 Non-GAAP operating income(1) 22,027 43,641 58,014 Non-GAAP net income(1) 15,836 35,262 45,245 Net cash provided by operating activities 23,195 59,160 56,310 Total deferred revenues (as of period-end) 32,160 54,389 73,506 (1)For a reconciliation of non-GAAP operating income to operating income and of non-GAAP net income to net income, the nearest comparable GAAPmeasures, see "Item 3.A. Selected Financial Data." Revenues. We derive our revenues from licensing our cybersecurity software, selling maintenance and support contracts, and providing professional servicesto the extent requested by customers. We review our revenues generally to assess the overall health of our business and our license revenues in particular toassess the adoption of our software and our growth in the markets we serve. We consider our license revenues to be particularly important in assessing our results of operations because license fees impact both our short-term and long-term revenues. License purchases, whether by new customers or due to usage expansion by existing customers, impact our revenues favorably in the short-term because we recognize substantially all license fees immediately upon delivery. License purchases further contribute significantly to our revenues in thelong term because the size of our maintenance and support contracts is directly related to our licenses revenues but revenues from maintenance and supportcontracts are recognized on a straight-line basis over the term of the related contract. This fact, coupled with the high renewal rate for our maintenance andsupport contracts, means that a meaningful portion of the revenues we report each period are recognized from deferred revenues generated by maintenanceand support contracts entered into during previous quarters. The amount that a customer pays for a license can vary from a few thousand dollars to many millions of dollars depending on its scope. We generally licenseour products on a price per user or price per server basis; however, our license agreements with a small number of our largest customers do not contain anylimit on the number of users or servers in recognition of the size of the overall agreement. We also license certain of our products based on the number ofconcurrent sessions monitored or endpoints secured. As a result, we do not track, and are unable to track, the amount of license revenues we generate on a peruser or per server basis. We do, however, maintain internal price guidelines for different size transactions and, since our cost of license revenues is negligible,we generate incremental profit from every license. Although we are focused on growing our customer base, we also do not focus on the exact number ofcustomers that we add in a given period because our revenues are also a function of the size of initial sales to new customers and the size of upsells to existingcustomers. We seek to increase the number of large transactions that we enter into because they better leverage our operating expense base, and particularlyour sales and marketing expenses, and also generate larger maintenance and support contracts to drive future revenues and margins. 37 Because the size of our maintenance and support contracts is directly related to our licenses revenues and because the rates that we charge for professionalservices fluctuate very little, the drivers of changes in these sources of revenues have to date been volume-based. Historically, there has been little fluctuationin price when we renew a contract for maintenance and support or for professional services. While the demand for professional services is expected to increaseas our customers and license base grow, we expect that our channel partners will increase the amount of such services that they provide. Therefore, while weexpect an increase in the dollar amount of our professional services revenue, we do not expect our professional services revenues to increase materially as apercentage of total revenues. See "—Components of Statements of Operations—Revenues" for more information. Non-GAAP Operating Income and Non-GAAP Net Income. Non-GAAP operating income and non-GAAP net income are non-GAAP financial measures. Wedefine non-GAAP operating income and non-GAAP net income as operating income and net income, respectively, which each exclude (i) share-basedcompensation expense, (ii) expenses related to the March 2015 public offering of ordinary shares by certain of our shareholders and to the June 2015 publicoffering of ordinary shares by us and certain of our shareholders, (iii) expenses related to acquisitions and (iv) amortization of intangible assets related toacquisitions. Non-GAAP net income also excludes (i) financial expenses resulting from the revaluation of warrants to purchase preferred shares and (ii) taxeffects related to the non-GAAP adjustments set forth above. Because of varying available valuation methodologies, subjective assumptions and the variety of equity instruments that can impact a company's non-cashexpense, we believe that providing non-GAAP operating income and non-GAAP net income that exclude, as appropriate, share-based compensationexpenses, expenses relating to public offerings of our ordinary shares, financial expenses resulting from the revaluation of warrants to purchase preferredshares, expenses related to acquisitions, amortization of intangible assets related to acquisitions and the tax effects related to these non-GAAP adjustmentsallows for more meaningful comparisons between our operating results from period to period. Share-based compensation expense has been, and will continueto be for the foreseeable future, a significant recurring expense in our business and an important part of the compensation we provide to employees.Additionally, excluding financial expenses with respect to revaluation of warrants to purchase preferred shares allows for more meaningful comparisonbetween our net income from period to period. As these warrants were exercised in connection with our initial public offering, they are no longer revalued ateach balance sheet date. We also believe that expenses related to the public offerings of our ordinary shares in March 2015 and June 2015, expenses relatedto our acquisitions and amortization of intangible assets related to acquisitions, do not reflect the performance of our core business and would impact period-to-period comparability. Each of our non-GAAP financial measures is an important tool for financial and operational decision making and for evaluating ourown operating results over different periods of time. In particular, these financial measures reflect our operating expenses, the largest of which is currentlysales and marketing. Accordingly, we assess the effectiveness of our sales and marketing efforts in part by considering whether increases in such expendituresare reflected in increased revenues and increased non-GAAP operating income and non-GAAP net income. The material factors driving changes in thesefinancial measures are discussed under the subheading "Revenues" within "—Comparison of Period to Period Results of Operations." Net Cash Provided by Operating Activities. We monitor net cash provided by operating activities as a measure of our overall business performance. Our netcash provided by operating activities is driven in large part by net income and from up-front payments for maintenance and support contracts andprofessional services. Monitoring net cash provided by operating activities enables us to analyze our financial performance as it includes our deferredrevenues and removes the non-cash effects of certain items such as depreciation, amortization and share-based compensation expense, thereby allowing us tobetter understand and manage the cash needs of our business. The material factors driving changes in our net cash provided by operating activities arediscussed under "—Comparison of Period to Period Results of Operations." Total Deferred Revenues. Our total deferred revenues consist of amounts that have been collected but that have not yet been recognized as revenues becausethey do not meet the applicable criteria. The substantial majority of our deferred revenues consists of the unrecognized portion of upfront paymentsassociated with maintenance and support contracts. The remaining balance of our deferred revenues consists of payments for licenses, and, to a lesser extent,professional services that could not yet be recognized. We monitor our total deferred revenues because it represents a significant portion of revenues to berecognized in future periods. Substantially all of the increase in our total deferred revenues has been from growth in our maintenance and support contractswhich, in turn, is driven by growth of our license revenues. The material factors driving changes in our license revenues are discussed under "—Comparisonof Period to Period Results of Operations." 38 A.Operating Results The following discussion and analysis should be read in conjunction with the section titled "Item 3.A. Selected Financial Data" of this annual report andour consolidated financial statements and the related notes contained elsewhere in this annual report. This discussion and analysis may contain forward-looking statements based upon current expectations that involve risks and uncertainties. Our actual results may differ materially from those anticipated inthese forward-looking statements as a result of various factors, including those set forth in "Item 3.D. Risk Factors" of this annual report. Our financialstatements have been prepared in accordance with U.S. GAAP. Components of Statements of Operations Revenues Our revenues consist of the following: ☐License Revenues. License revenues are generated primarily from sales of licenses for our cybersecurity software: Privileged Account SecuritySolution and Sensitive Information Management Solution. ○Privileged Account Security Solution – the substantial majority of our license revenues has been from sales of our Privileged AccountSecurity Solution. Customers can purchase Enterprise Password Vault, SSH Key Manager, Privileged Session Manager, Privileged ThreatAnalytics, Application Identity Manager, Endpoint Privilege Manager and On-Demand Privileges Manager. We license our EnterprisePassword Vault to our customers based on the number of privileged account users. We offer customers the choice of licensing our PrivilegedSession Manager based on the number of devices secured or the number of concurrent sessions it monitors. We license our SSH KeyManager, Application Identity Manager and On-Demand Privileges Manager to our customers based on the number of servers that eachsuch product protects. We license our Privileged Threat Analytics to customers based on the number of protected endpoints, such as servers,desktops, databases or mobile devices. We license our Endpoint Privilege Manager to our customers based on the number of protectedendpoints such as servers and desktops. ○Sensitive Information Management Solution–we generate additional license revenues through sales of our Sensitive InformationManagement Solution, our first product to market. Customers license the Sensitive Information Management Solution based on thepermitted number of users of the software. ☐Maintenance and Professional Services Revenues. Maintenance revenues are generated from maintenance and support contracts purchased by ourcustomers in order to gain access to the latest software enhancements and updates on an 'if and when available' basis and to telephone and emailtechnical support. We also offer professional services focused on both deployment and training our customers to fully leverage the use of ourproducts. Geographic Breakdown of Revenues The United States is our biggest market, with the balance of our revenues generated from the EMEA region and the rest of the world, including North andSouth America (excluding the United States) as well as countries in the Asia Pacific and Japan region. The following table sets forth the geographicbreakdown of our revenues by region for the periods indicated: Year ended December 31, 2014 2015 2016 (in thousands) United States $60,761 59.0% $92,034 57.2% $125,749 58.1%EMEA 33,198 32.2% 50,644 31.5% 68,094 31.4%Rest of World 9,040 8.8% 18,134 11.3% 22,770 10.5% Total revenues $102,999 100.0% $160,812 100.0% $216,613 100.0% 39 Cost of Revenues Our total cost of revenues consists of the following: ☐Cost of License Revenues. Cost of license revenues consists primarily of shipping costs associated with delivery of our software, amortization ofintangible assets and license payments to third-party software vendors. We expect the absolute cost of license revenues to increase as our licenserevenues increase. ☐Cost of Maintenance and Professional Services Revenues. Cost of maintenance and professional services revenues primarily consists of personnel costsfor our global customer support and professional services organization. Such costs consist of salaries, benefits, bonuses, share-based compensation andsubcontractors' fees. We expect the absolute cost of maintenance and professional services revenues to increase as our customer base grows and as we hireadditional professional services and technical support personnel. Gross Profit and Gross Margin Gross profit is total revenues less total cost of revenues. Gross margin is gross profit expressed as a percentage of total revenues. Our gross margin hashistorically fluctuated slightly from period to period as a result of changes in the mix of license revenues and maintenance and professional services revenuesand we expect this pattern to continue. Operating Expenses Our operating expenses are classified into three categories: research and development, sales and marketing and general and administrative. For each category,the largest component is personnel costs, which consists of salaries, employee benefits (including commissions and bonuses) and share-based compensationexpense. Operating expenses also include allocated overhead costs for facilities and foreign currency hedging contracts gains and losses. Allocated costs forfacilities primarily consist of rent and office maintenance and utilities. Operating expenses are generally recognized as incurred. We expect personnel and allallocated costs to continue to increase in absolute dollars as we hire new employees and add facilities to continue to grow our business. We expect operatingmargins to decline in the near term compared to prior periods as we further increase our headcount to support the future growth of our business. Research and Development. Research and development expenses consist primarily of personnel costs attributable to our research and development personneland consultants as well as allocated overhead costs and amortization of intangibles assets. We expense research and development expenses as incurred. Weexpect that our research and development expenses will continue to increase in absolute dollars as we continue to grow our research and developmentheadcount to further strengthen our technology platform and invest in the development of both existing and new products. Sales and Marketing. Sales and marketing expenses are the largest component of our operating expenses and consist primarily of personnel costs, includingvariable compensation, as well as marketing and business development costs, product certifications, travel expenses, allocated overhead costs andamortization of intangibles assets. We expect that sales and marketing expenses will continue to increase in absolute dollars and, in the near term, as apercentage of our revenues as we plan to expand our sales and marketing efforts globally. We expect sales and marketing expenses will remain our largestcategory of operating expenses. General and Administrative. General and administrative expenses consist primarily of personnel costs for our executive, finance, human resources, legal andadministrative personnel. General and administrative expenses also include external legal, accounting and other professional service fees. We expect thatgeneral and administrative expense will increase in absolute dollars as we grow and expand our operations and operate as a public company, includinghigher legal, corporate insurance, investor relations and accounting expenses, and the additional costs relating to our ongoing regulatory compliance efforts. 40 Financial Income (Expenses), Net Financial income (expenses), net consists of interest income, foreign currency exchange gains or losses, foreign exchange forward transactions and warrantliability expenses. Interest income consists of interest earned on our cash, cash equivalents, short-term bank deposits and marketable securities. We expectinterest income to vary depending on our average investment balances and market interest rates during each reporting period. Foreign currency exchangechanges reflect gains or losses related to transactions denominated in currencies other than the U.S. dollar. Warrant liability changes relate to our preferredshare warrants. Our preferred share warrants were classified as a liability on our consolidated balance sheets and, as such, were remeasured to fair value eachperiod with a corresponding expense from the adjustment recorded as financial income (expenses), net. Immediately prior to the completion of our initialpublic offering, all of our preferred share warrants were exercised and, accordingly, we no longer record any financial expenses in respect of them on ourstatement of operations. As of the most recent reporting period, we did not have any indebtedness for borrowed amounts. Taxes on Income The standard corporate tax rate in Israel is currently 24.0%, and was 25.0% for 2016 and 26.5% for 2015. As of 2018, the corporate tax rate will be 23%. As discussed in greater detail below under "Israeli Tax Consideration and Government Programs", we have received various tax benefits under the InvestmentLaw. Under the Investment Law, our effective tax rate to be paid with respect to our Israeli taxable income under these benefits programs is 16.0%. Under the Investment Law and other Israeli legislation, we are entitled to certain additional tax benefits, including accelerated depreciation and amortizationrates for tax purposes on certain assets and deduction of public offering expenses in three equal annual installments. Our non-Israeli subsidiaries are taxed according to the tax laws in their respective jurisdictions of organization. Due to our multi-jurisdictional operations, weapply significant judgment to determine our consolidated income tax position. Comparison of Period to Period Results of Operations The following table sets forth our results of operations in dollars and as a percentage of revenues for the periods indicated: Year ended December 31, 2014 2015 2016 Amount % ofRevenues Amount % ofRevenues Amount % ofRevenues (in thousands, except for %) Revenues: License $61,320 59.5% $100,113 62.3% $131,530 60.7%Maintenance and professional services 41,679 40.5 60,699 37.7 85,083 39.3 Total revenues 102,999 100.0 160,812 100.0 216,613 100.0 Cost of revenues: License 2,654 2.6 5,088 3.2 4,726 2.2 Maintenance and professional services 12,053 11.7 17,572 10.9 25,425 11.7 Total cost of revenues 14,707 14.3 22,660 14.1 30,151 13.9 Gross profit 88,292 85.7 138,152 85.9 186,462 86.1 Operating expenses: Research and development 14,400 14.0 21,734 13.5 34,614 16.0 Sales and marketing 44,943 43.6 66,206 41.2 93,775 43.3 General and administrative 8,495 8.2 16,990 10.6 22,117 10.2 Total operating expenses 67,838 65.8 104,930 65.3 150,506 69.5 Operating income 20,454 19.9 33,222 20.6 35,956 16.6 Financial income (expenses), net (5,988) (5.8) (1,479) (0.9) 245 0.1 Income before taxes on income 14,466 14.1 31,743 19.7 36,201 16.7 Taxes on income (4,512) (4.4) (5,949) (3.7) (8,077) (3.7) Net income $9,954 9.7% $25,794 16.0% $28,124 13.0% 41 Year Ended December 31, 2015 Compared to Year Ended December 31, 2016 Revenues Year ended December 31, 2015 2016 Change Amount % ofRevenues Amount % ofRevenues Amount % ($ in thousands) Revenues: License $100,113 62.3% $131,530 60.7% $31,417 31.4%Maintenance and professional services 60,699 37.7 85,083 39.3 24,384 40.2 Total revenues $160,812 100.0% $216,613 100.0% $55,801 34.7% Revenues increased by $55.8 million, or 34.7%, from $160.8 million in 2015 to $216.6 million in 2016. This increase was due to increased sales of oursolutions. This increase was also driven by growth in both our license revenues and our maintenance and professional services revenues. This growth wasmost pronounced in the United States, where revenues increased by $33.7 million compared to increases of $17.5 million in EMEA and $4.6 million in therest of the world. The significant increase in revenues from the United States primarily resulted from a higher volume of deals including large transactions ofgreater than $1.0 million each that together accounted for $21.6 million. Multiple large transactions or even a single large transaction in a specific periodcould materially impact relative growth rates among our different regions for a particular period. We increased our number of customers from approximately2,500 as of December 31, 2015 to approximately 3,100 as of December 31, 2016. License revenues increased by $31.4 million, or 31.4%, from $100.1 million in 2015 to $131.5 million in 2016. In 2016, approximately 60.0% of licenserevenues were generated from sales to customers from whom we had generated revenues before this period. Substantially all of the license revenue growthresulted from increased sales of our Privileged Account Security Solution, driven by increased demand for our Enterprise Password Vault and PrivilegedSession Manager. Maintenance and professional services revenues increased by $24.4 million, or 40.2%, from $60.7 million in 2015 to $85.1 million in 2016. Maintenancerevenues increased by $21.3 million from $48.1 million in 2015 to $69.4 million in 2016, with renewals accounting for approximately $11.9 million andinitial maintenance contracts for approximately $9.4 million, respectively, of this increase. Professional services revenues increased by $3.1 million from$12.6 million in 2015 to $15.7 million in 2016 primarily due to the provision of more services to customers. 42 Cost of Revenues and Gross Profit Year ended December 31, 2015 2016 Change Amount % of Revenues Amount % of Revenues Amount % ($ in thousands) Cost of revenues: License $5,088 3.2% $4,726 2.2% $(362) (7.1)%Maintenance and professional services 17,572 10.9 25,425 11.7 7,853 44.7 Total cost of revenues $22,660 14.1% $30,151 13.9% $7,491 33.1% Gross profit $138,152 85.9% $186,462 86.1% $48,310 35.0% Cost of license revenues decreased by $0.4 million, or 7.1%, from $5.1 million in 2015 to $4.7 million in 2016. The decrease in cost of license revenues wasdriven primarily by the contribution of our in-house Endpoint Privilege Manager product compared to the third-party product resold in 2015. Cost of maintenance and professional services revenues increased by $7.8 million, or 44.7%, from $17.6 million in 2015 to $25.4 million in 2016. Theincrease in cost of maintenance and professional services revenues was driven primarily by a $6.2 million increase in personnel costs and related expenses asour technical support and professional services headcount grew from 118 at the end of 2015 to 166 at the end of 2016. Gross profit increased by $48.3 million, or 35.0%, from $138.2 million in 2015 to $186.5 million in 2016. Gross margins increased from 85.9% in 2015 to86.1% in 2016. This increase was driven by our revenue growth outpacing the growth of our cost of revenue as well as higher margin contribution of our in-house Endpoint Privilege Manager product compared to the third-party product resold in 2015. Operating Expenses Year ended December 31, 2015 2016 Change Amount % ofRevenues Amount % ofRevenues Amount % ($ in thousands) Operating expenses: Research and development $21,734 13.5% $34,614 16.0% $12,880 59.3%Sales and marketing 66,206 41.2 93,775 43.3 27,569 41.6 General and administrative 16,990 10.6 22,117 10.2 5,127 30.2 Total operating expenses $104,930 65.3% $150,506 69.5% $45,576 43.4% 43 Research and Development. Research and development expenses increased by $12.9 million, or 59.3%, from $21.7 million in 2015 to $34.6 million in 2016.This increase was primarily attributable to a $10.3 million increase in personnel costs and related expenses as we increased our research and developmentteam headcount from 176 at the end of 2015 (including approximately 30 employees who joined us following the acquisitions of Cybertinel and Viewfinitywhich occurred in the second half of 2015) to 205 at the end of 2016 to support continued investment in our future product and service offerings. Theincrease was also attributable to a $1.2 million increase related to amortization of intangible assets from our acquisitions. Sales and Marketing. Sales and marketing expenses increased by $27.6 million, or 41.6%, from $66.2 million in 2015 to $93.8 million in 2016. This increasewas primarily attributable to a $19.6 million increase in personnel costs and related expenses due to increased headcount in all regions to expand our salesand marketing organization coupled with a $3.1 million increase in expenses related to our marketing programs and a $1.6 million increase in travel andrelated expenses. The increase was also attributable to a $1.2 million increase related to amortization of intangible assets from our acquisitions. Our sales andmarketing headcount grew from 294 at the end of 2015 to 377 at the end of 2016. General and Administrative. General and administrative expenses increased by $5.1 million, or 30.2%, from $17.0 million in 2015 to $22.1 million in 2016.This increase was primarily attributable to an increase of $4.3 million in personnel costs and related expenses due to increased headcount. Financial Income (Expenses), Net. Financial income (expenses), net changed by $1.7 million from $1.5 million of expenses in 2015 to $0.2 million ofincome in 2016. This change resulted primarily from an increase of $1.4 million in interest income from investments in marketable securities and short andlong term deposits. Taxes on Income. Taxes on income increased from $5.9 million in 2015 to $8.1 million in 2016. This increase was attributable to the increase in pre-taxincome coupled with certain tax benefits we were able to recognize in 2015 resulting from acquisitions. Year Ended December 31, 2014 Compared to Year Ended December 31, 2015 Revenues Year ended December 31, 2014 2015 Change Amount % ofRevenues Amount % ofRevenues Amount % ($ in thousands) Revenues: License $61,320 59.5% $100,113 62.3% $38,793 63.3%Maintenance and professional services 41,679 40.5 60,699 37.7 19,020 45.6 Total revenues $102,999 100.0% $160,812 100.0% $57,813 56.1% Revenues increased by $57.8 million, or 56.1%, from $103.0 million in 2014 to $160.8 million in 2015. This increase was due to increased sales of oursolutions. This increase was also driven by growth in both our license revenues and our maintenance and professional services revenue. This growth was mostpronounced in the United States where revenues increased by $31.3 million compared to increases of $17.4 million in EMEA and $9.1 million in the rest ofthe world. The significant increase in revenues from the United States primarily resulted from a higher volume of deals including large transactions of greaterthan $1.0 million each that together accounted for $11.7 million. Multiple large transactions or even a single large transaction in a specific period couldmaterially impact relative growth rates among our different regions for a particular period. We increased our number of customers from approximately 1,800as of December 31, 2014 to approximately 2,500 as of December 31, 2015.License revenues increased by $38.8 million, or 63.3%, from $61.3 million in 2014 to $100.1 million in 2015. In 2015, approximately 50% of licenserevenues were generated from sales to customers from whom we had generated revenues before this period. Substantially all of the license revenue growthresulted from increased sales of our Privileged Account Security Solution, driven by increased demand for our Enterprise Password Vault and PrivilegedSession Manager.44 Maintenance and professional services revenues increased by $19.0 million, or 45.6%, from $41.7 million in 2014 to $60.7 million in 2015. Maintenancerevenues increased by $15.0 million from $33.1 million in 2014 to $48.1 million in 2015, with renewals accounting for approximately $4.7 million andinitial maintenance contracts for approximately $10.3 million, respectively, of this increase. Professional services revenues increased by $4.0 million from$8.6 million in 2014 to $12.6 million in 2015 due to the provision of more services to customers.Cost of Revenues and Gross Profit Year ended December 31, 2014 2015 Change Amount % ofRevenues Amount % ofRevenues Amount % ($ in thousands) Cost of revenues: License $2,654 2.6% $5,088 3.2% $2,434 91.7%Maintenance andprofessional services 12,053 11.7 17,572 10.9 5,519 45.8 Total cost of revenues $14,707 14.3% $22,660 14.1% $7,953 54.1% Gross profit $88,292 85.7% $138,152 85.9% $49,860 56.5% Cost of license revenues increased by $2.4 million, or 91.7%, from $2.7 million in 2014 to $5.1 million in 2015. The increase in cost of license revenues wasdriven primarily by an increase in license revenue and amortization of intangible assets from our recent acquisitions. Cost of maintenance and professional services revenues increased by $5.5 million, or 45.8%, from $12.1 million in 2014 to $17.6 million in 2015. Theincrease in cost of maintenance and professional services revenues was driven primarily by a $3.5 million increase in personnel costs and related expenses asour technical support and professional services headcount grew from 76 at the end of 2014 to 118 at the end of 2015. Gross profit increased by $49.9 million, or 56.5%, from $88.3 million in 2014 to $138.2 million in 2015. Gross margins increased from 85.7% in 2014 to85.9% in 2015. This increase was driven by our revenue growth outpacing the growth of our cost of revenue. 45 Operating Expenses Year ended December 31, 2014 2015 Change Amount % ofRevenues Amount % ofRevenues Amount % ($ in thousands) Operating expenses: Research and development $14,400 14.0% $21,734 13.5% $7,334 50.9%Sales and marketing 44,943 43.6 66,206 41.2 21,263 47.3 General and administrative 8,495 8.2 16,990 10.6 8,495 100.0 Total operating expenses $67,838 65.8% $104,930 65.3% $37,092 54.7% Research and Development. Research and development expenses increased by $7.3 million, or 50.9%, from $14.4 million in 2014 to $21.7 million in 2015.This increase was primarily attributable to a $5.7 million increase in personnel costs and related expenses as we increased our research and development teamheadcount from 119 at the end of 2014 to 176 at the end of 2015 to support continued investment in our future product and service offerings. The increasewas also attributable to a $0.7 million increase related to amortization of intangible assets from our recent acquisitions. Sales and Marketing. Sales and marketing expenses increased by $21.3 million, or 47.3%, from $44.9 million in 2014 to $66.2 million in 2015. This increasewas primarily attributable to a $17.5 million increase in expenses for salaries and related expenses due to increased headcount in all regions to expand oursales and marketing organization coupled with a $1.6 million increase in expenses related to our marketing programs and a $0.7 million increase in traveland related expenses. Our sales and marketing headcount grew from 202 at the end of 2014 to 294 at the end of 2015. General and Administrative. General and administrative expenses increased by $8.5 million, or 100.0%, from $8.5 million in 2014 to $17.0 million in 2015.This increase was primarily attributable to an increase of $4.0 million in payroll expenses, including variable compensation to executive management, due toincreased headcount coupled with a $3.5 million increase in legal and accounting fees of which $2.2 million was expenses related to acquisitions andexpenses related to the public offerings of our ordinary shares in March 2015 and June 2015. Financial Expenses, Net. Financial expenses decreased by $4.5 million from $6.0 million in 2014 to $1.5 million in 2015. This decrease resulted primarilyfrom expenses associated with the revaluation of fair value of warrants to purchase series B3 preferred shares of $4.3 million in 2014. Taxes on Income. Taxes on income increased from $4.5 million in 2014 to $5.9 million in 2015. This increase was attributable to the increase in pre-taxincome partially offset by tax benefits we had from our recent acquisitions. Application of Critical Accounting Policies and Estimates Our accounting policies and their effect on our financial condition and results of operations are more fully described in our consolidated financial statementsincluded elsewhere in this annual report. We have prepared our financial statements in conformity with U.S. GAAP, which requires management to makeestimates and assumptions that in certain circumstances affect the reported amounts of assets and liabilities, revenues and expenses and disclosure ofcontingent assets and liabilities. These estimates are prepared using our best judgment, after considering past and current events and economic conditions.While management believes the factors evaluated provide a meaningful basis for establishing and applying sound accounting policies, management cannotguarantee that the estimates will always be consistent with actual results. In addition, certain information relied upon by us in preparing such estimatesincludes internally generated financial and operating information, external market information, when available, and when necessary, information obtainedfrom consultations with third-parties. Actual results could differ from these estimates and could have a material adverse effect on our reported results. See"Item 3.D. Risk Factors" for a discussion of the possible risks which may affect these estimates. We believe that the accounting policies discussed below are critical to our financial results and to the understanding of our past and future performance, asthese policies relate to the more significant areas involving management's estimates and assumptions. We consider an accounting estimate to be critical if:(1) it requires us to make assumptions because information was not available at the time or it included matters that were highly uncertain at the time we weremaking our estimate; and (2) changes in the estimate could have a material impact on our financial condition or results of operations. 46 Revenue Recognition We account for our software licensing sales in accordance with the Financial Accounting Standards Board, or FASB, Accounting Standards Codification, orASC, 985-605, "Software Revenue Recognition." ASC 985-605 generally requires revenues earned on software arrangements involving multiple elements tobe allocated to each element based on the relative fair value of the elements when Vendor Specific Objective Evidence, or VSOE, of fair value exists for allelements and to be allocated to the different elements in the arrangement under the "residual method" when VSOE of fair value exists for all undeliveredelements and no VSOE exists for the delivered elements. Maintenance and professional services are sold separately and therefore the selling price (VSOE) is based on stand-alone transactions. Under the residual method, at the outset of the arrangement with the customer, we defer revenues for the fair value of our undelivered elements and recognizerevenues for the remainder of the arrangement fee attributable to the elements initially delivered in the arrangement (software product) when all other criteriain ASC 985-605 have been met. Any discount in the arrangement is allocated to the delivered element. We recognize software license revenues when persuasive evidence of an arrangement exists, the software license has been delivered, there are no uncertaintiessurrounding product acceptance, there are no significant future performance obligations, the license fees are fixed or determinable and collection of thelicense fee is considered probable. Fees for arrangements with payment terms extending beyond customary payment terms are considered not to be fixed ordeterminable, in which case revenues are deferred and recognized when payments become due from the customer provided that all other revenue recognitioncriteria have been met. Revenues from maintenance and support contracts are recognized ratably on a straight-line basis over the term of the related contract which is typically oneyear and, to a lesser extent, three years, and revenues from professional services which consist mostly of time and material services are recognized as theservices are performed. Our agreements with resellers are non-exchangeable, non-refundable, non-returnable and carry no rights of price protection.Accordingly, we consider resellers as customers. We do not grant a right of return to our customers. In transactions where a customer's contractual terms include a substantive provision for customeracceptance, revenues are recognized when such acceptance has been obtained or when the acceptance provision has lapsed. Deferred revenues include unearned amounts received under maintenance and support contracts, professional services and amounts received from customersfor licenses that do not meet the revenue recognition criteria as of the balance sheet date. Derivative instruments ASC No. 815, "Derivative and Hedging", requires companies to recognize all of their derivative instruments as either assets or liabilities in the statement offinancial position at fair value. For those derivative instruments that are designated and qualify as hedging instruments, a company must designate thehedging instrument, based upon the exposure being hedged, as a fair value hedge, cash flow hedge or a hedge of a net investment in a foreign operation. For derivative instruments that are designated and qualify as a cash flow hedge (i.e., hedging the exposure to variability in expected future cash flows that isattributable to a particular risk), the effective portion of the gain or loss on the derivative instrument is reported as a component of other comprehensiveincome and reclassified into earnings in the same period or periods during which the hedged transaction affects earnings. The remaining gain or loss on thederivative instrument in excess of the cumulative change in the present value of future cash flows of the hedged item, if any, is recognized in current earningsduring the period of change. To hedge against the risk of overall changes in cash flows resulting from foreign currency salary payments during the year, we have instituted a foreigncurrency cash flow hedging program. We hedge a portion of our forecasted expenses denominated in NIS. These forward and option contracts are designatedas cash flow hedges, as defined by ASC 815, and are all effective, as their critical terms match underlying transactions being hedged. In addition to the derivatives that are designated as hedges as discussed above, we also enter into certain foreign exchange forward transactions toeconomically hedge certain account receivables in Euro and GBP. Gains and losses related to such derivative instruments are recorded in financial income(expenses), net. 47 Share-Based Compensation Option Valuations Under U.S. GAAP, we account for share-based compensation for employees in accordance with the provisions of the FASB's ASC Topic 718 "Compensation—Stock Based Compensation," or ASC 718, which requires us to measure the cost of options based on the fair value of the award on the grant date. We selected the Black-Scholes-Merton option pricing model as the most appropriate method for determining the estimated fair value of options. Theresulting cost of an equity incentive award is recognized as an expense over the requisite service period of the award, which is usually the vesting period. Werecognize compensation expense over the vesting period using the straight-line method and classify these amounts in the consolidated financial statementsbased on the department to which the related employee reports. The determination of the grant date fair value of options using the Black-Scholes-Merton option pricing model is affected by estimates and assumptionsregarding a number of complex and subjective variables. These variables include the expected volatility of our share price over the expected term of theoptions, share option exercise, cancellation behaviors, risk-free interest rates and expected dividends, which are estimated as follows: ☐ Fair Value of our Ordinary Shares. Because our shares were not publicly traded before September 24, 2014, we estimated the fair value ofordinary shares based on a number of objective and subjective factors consistent with the methodologies outlined in the American Institute ofCertified Public Accountants Practice Aid, Valuation of Privately-Held-Companies Equity Securities Issued as Compensation, and based onindependent third-party valuations that we obtained on a periodic basis. Following our initial public offering on September 24, 2014, ourordinary shares are publicly traded, and therefore we currently base the value of our ordinary shares on their market price. ☐ Expected Term. The expected term of options granted represents the period of time that options granted are expected to be outstanding, and isdetermined based on the simplified method in accordance with ASC No. 718-10-S99-1, (SAB No. 110), as adequate historical experience is notavailable to provide a reasonable estimate. ☐Volatility. The expected share price volatility was based on the historical equity volatility of the ordinary shares of comparable companies thatare publicly traded. ☐Risk-free Rate. The risk-free interest rate is based on the yield from U.S. Treasury zero-coupon bonds with a term equivalent to the contractuallife of the options. ☐Dividend Yield. We have never declared or paid any cash dividends and do not presently plan to pay cash dividends in the foreseeable future.Consequently, we used an expected dividend yield of zero. Warrants to Purchase Preferred Shares Prior to our initial public offering, we accounted for freestanding warrants to purchase our preferred shares as a liability on our balance sheet at fair value. Werecorded warrants to purchase preferred shares as a liability because the underlying preferred shares were contingently redeemable (upon a deemedliquidation event) and, therefore, could have required us to transfer assets. The warrants were subject to re-measurement to fair value at each balance sheetdate and any change in fair value was recognized as a component of financial income (expense), net, on the consolidated statements of comprehensiveincome. We recorded the warrants at their estimated fair value utilizing the option pricing model with changes in the fair value of the warrant liability reflected infinancial income (expense), net. Upon the completion of our initial public offering, the warrants were exercised to Series B3 preferred shares and laterconverted to ordinary shares. We re-measured the warrants as of the conversion date using the intrinsic value based on the initial public offering price. 48 During the year ended December 31, 2014, we recognized financial expenses in the amount of $4.3 million from the re-measurement of the fair value of thewarrants. Goodwill and other Intangible Assets Goodwill and certain other purchased intangible assets have been recorded in our financial statements as a result of acquisitions. Goodwill represents excessof the costs over the net tangible and intangible assets acquired of businesses acquired under ASC No. 350, "Intangible - Goodwill and other," ("ASC 350")according to which goodwill is not amortized. In addition, the costs of intangible assets that were purchased from others for use in research and developmentactivities were recorded as assets to the extent that they have alternative future use. ASC 350 requires goodwill to be tested for impairment at least annually or between annual tests in certain circumstances, and written down when impaired.We operate as one reporting unit. Therefore, goodwill is tested for impairment by comparing the fair value of the reporting unit with its carrying value. Weelect to perform an annual impairment test of goodwill as of October 1 of each year, or more frequently if impairment indicators are present. Purchased intangible assets with finite lives are carried at cost, less accumulated amortization. Amortization is computed over the estimated useful lives ofthe respective assets which range from one to 13 years. Acquired customer relationship and backlog are amortized over their estimated useful lives inproportion to the economic benefits realized. Other intangible assets consist primarily of technology are amortized over their estimated useful lives on astraight-line basis. For the years ended December 31, 2015 and 2016, no impairment losses were identified. Income Taxes As part of the process of preparing our consolidated financial statements we are required to estimate our taxes in each of the jurisdictions in which we operate.We account for income taxes in accordance with ASC Topic 740, "Income Taxes," or ASC Topic 740. ASC Topic 740 prescribes the use of an asset andliability method whereby deferred tax asset and liability account balances are determined based on the temporary difference between book value and taxbases of assets and liabilities and carryforward tax losses. Deferred taxes are measured using the enacted tax rates and laws that will be in effect when thedifferences are expected to reverse. We exercise judgment and provide a valuation allowance, if necessary, to reduce deferred tax assets to their estimatedrealizable value if it is more likely than not that some portion or all of the deferred tax asset will not be realized. We established reserves for uncertain tax positions based on the evaluation of whether or not the Company's uncertain tax position is "more likely than not"to be sustained upon examination. The Company records interest and penalties pertaining to its uncertain tax positions in the financial statements as incometax expense. Israeli Tax Considerations and Government Programs The following is a brief summary of the material Israeli tax laws applicable to us, and certain Israeli Government programs that benefit us. To the extent thatthe discussion is based on new tax legislation that has not yet been subject to judicial or administrative interpretation, we cannot assure you that theappropriate tax authorities or the courts will accept the views expressed in this discussion. The discussion below is subject to change, including due toamendments under Israeli law or changes to the applicable judicial or administrative interpretations of Israeli law, which change could affect the taxconsequences described below. General Corporate Tax Structure in Israel Israeli companies are generally subject to corporate tax on their taxable income. In 2017, the corporate tax rate is 24.0% (in 2015 and 2016, the corporate taxrate was 26.5% and 25.0%, respectively). In 2018, the corporate tax rate will be 23%. However, the effective tax rate payable by a company that derivesincome from an Approved Enterprise, a Benefited Enterprise or a Preferred Enterprise (as discussed below) may be considerably less. Capital gains derived byan Israeli company are generally subject to tax at the prevailing regular corporate tax rate. 49 Tax Benefits and Grants for Research and Development Israeli tax law allows, under certain conditions, a tax deduction for research and development expenditures, including capital expenditures, for the year inwhich they are incurred if: ☐the expenditures are approved by the relevant Israeli government ministry, determined by the field of research; ☐the research and development is for the promotion or development of the company; and ☐the research and development is carried out by or on behalf of the company seeking the deduction. However, the amount of such deductible expenses shall be reduced by the sum of any funds received through government grants for the finance of suchscientific research and development projects. Expenditures not so approved are deductible over a three-year period from the first year that the expenditureswere made if the research or development is for the promotion or development of the company. Law for the Encouragement of Industry (Taxes), 5729-1969 The Law for the Encouragement of Industry (Taxes), 5729-1969, generally referred to as the Industry Encouragement Law, provides several tax benefits for"Industrial Companies". The Industry Encouragement Law defines an "Industrial Company" as an Israeli resident company which was incorporated in Israel, of which 90% or more ofits income in any tax year, other than income from certain government loans, is derived from an "Industrial Enterprise" owned by it and located in Israel. An"Industrial Enterprise" is defined as an enterprise whose principal activity in a given tax year is industrial production. The following tax benefits, among others, are available to Industrial Companies: ☐ deduction of the cost of purchased know-how, patents and rights to use a patent and know-how which are used for the development orpromotion of the Industrial Enterprise, over an eight-year period commencing on the year in which such rights were first exercised; ☐under limited conditions, an election to file consolidated tax returns together with Israeli Industrial Companies controlled by it; and ☐expenses related to a public offering are deductible in equal amounts over three years commencing on the year of offering. Eligibility for benefits under the Industry Encouragement Law is not contingent upon the approval of any governmental authority. We believe that wequalify as an Industrial Company within the meaning of the Industry Encouragement Law. The Israel Tax Authority may determine that we do not qualify asan Industrial Company, which could entail our loss of the benefits that relate to this status. There can be no assurance that we will continue to qualify as anIndustrial Company or that the benefits described above will be available in the future. Law for the Encouragement of Capital Investments, 5719-1959 The Law for the Encouragement of Capital Investments, 5719-1959, generally referred to as the Investment Law, provides certain incentives for capitalinvestments in production facilities (or other eligible assets) by "Industrial Enterprises" (as defined under the Investment Law). The Investment Law was significantly amended effective April 1, 2005, or the 2005 Amendment, further amended as of January 1, 2011, or the 2011Amendment, and further amended as of January 1, 2017, or the 2017 Amendment. Pursuant to the 2005 Amendment, tax benefits granted in accordance withthe provisions of the Investment Law prior to its revision by the 2005 Amendment remain in force but any benefits granted subsequently are subject to theprovisions of the 2005 Amendment. Similarly, the 2011 Amendment introduced new benefits to replace those granted in accordance with the provisions ofthe Investment Law in effect prior to the 2011 Amendment. However, companies entitled to benefits under the Investment Law as in effect prior to January 1,2011 were entitled to choose to continue to enjoy such benefits, provided that certain conditions are met, or elect instead, irrevocably, to forego such benefitsand have the benefits of the 2011 Amendment apply. The 2017 Amendment introduces new benefits for Technological Enterprises, alongside the existing taxbenefits. 50 Tax Benefits Prior to the 2005 Amendment An investment program that is implemented in accordance with the provisions of the Investment Law prior to the 2005 Amendment, referred to as an"Approved Enterprise", is entitled to certain benefits. A company that wished to receive benefits as an Approved Enterprise must have received approval fromthe Israeli Authority for Investments and Development of the Industry and Economy, or the Investment Center. Each certificate of approval for an ApprovedEnterprise relates to a specific investment program, delineated both by the financial scope of the investment, including sources of funds, and by the physicalcharacteristics of the facility or other assets. In general, an Approved Enterprise is entitled to receive a cash grant from the Government of Israel or an alternative package of tax benefits, known as thealternative benefits track. The tax benefits available under any certificate of approval relate only to taxable income attributable to the specific program andare contingent upon meeting the criteria set out in such certificate. Income derived from activity that is not integral to the activity of the Approved Enterprisewill not enjoy tax benefits. The tax benefits under the alternative benefits track include an exemption from corporate tax on undistributed income which was generated from anApproved Enterprise for between two and ten years from the first year of taxable income, depending on the geographic location of the Approved Enterprisefacility within Israel, and the taxation of income generated from an Approved Enterprise at a reduced corporate tax rate of between 10% to 25% for theremainder of the benefits period, depending on the level of foreign investment in the company in each year, as detailed below. The benefits commence on thedate in which that taxable income is first earned. The benefits period under Approved Enterprise status is limited to 12 years from the year in which theproduction commenced (as determined by the Investment Center), or 14 years from the year of receipt of the approval as an Approved Enterprise, whicheverends earlier. If a company has more than one Approved Enterprise program or if only a portion of its capital investments are approved, its effective tax rates isthe result of a weighted combination of the applicable tax rates. The entitlement to the above benefits is subject to fulfillment of certain conditions,according to the law and related regulations. In addition, a company that has an Approved Enterprise program is eligible for further tax benefits if it qualifies as a Foreign Investors' Company, or an FIC,which is a company with a level of foreign investment, as defined in the Investment Law, of more than 25%. The level of foreign investment is measured asthe percentage of rights in the company (in terms of shares, rights to profits, voting and appointment of directors), and of combined share and loan capital,that are owned, directly or indirectly, by persons who are not residents of Israel. The determination as to whether a company qualifies as an FIC is made on anannual basis. A company that qualifies as an FIC and has an Approved Enterprise program is eligible for an extension of the period during which it is to taxbenefits under its Approved Enterprise status (so that the benefits period may be up to ten years) and for further tax benefits if the level of foreign investmentis 49% or more. If a company that has an Approved Enterprise program is a wholly owned subsidiary of another company, then the percentage of foreigninvestments is determined based on the percentage of foreign investment in the parent company. As specified above, depending on the geographic locationof the Approved Enterprise within Israel, income derived from the Approved Enterprise program may be exempt from tax on its undistributed income for aperiod of between two to ten years, and will be subject to a reduced corporate tax rate for the remainder of the benefits period. The tax rate for the remainderof the benefits period will be 25%, unless the level of foreign investment is at least 49% (20% if the foreign investment is 49% or more but less than 74%;15% if 74% or more but less than 90%; and 10% if 90% or more). If a company elects the alternative benefits track and subsequently distributes a dividend out of income derived by its Approved Enterprise during the taxexemption period it will be subject to corporate tax in respect of the amount of the distributed dividend (grossed-up to reflect the pre-tax income that itwould have had to earn in order to distribute the dividend) at the corporate tax rate which would have been otherwise applicable if such income had not beentax-exempted under the alternative benefits track. This rate generally ranges from 10% to 25%, depending on the level of foreign investment in the companyin each year, as explained above. In addition, dividends paid out of income attributed to an Approved Enterprise (or out of dividends received from acompany whose income is attributed to an Approved Enterprise) are generally subject to withholding tax at source at the rate of 15% or such lower rate asmay be provided in an applicable tax treaty (subject to the receipt in advance of a valid certificate from the Israel Tax Authority allowing for a reduced taxrate). The 15% tax rate is limited to dividends and distributions out of income derived during the benefits period and actually paid at any time up to 12 yearsthereafter. After this period, the withholding tax is applied at a rate of up to 30%, or at the lower rate under an applicable tax treaty (subject to the receipt inadvance of a valid certificate from the Israel Tax Authority allowing for a reduced tax rate). In the case of an FIC, the 12-year limitation on reducedwithholding tax on dividends does not apply. 51 The Investment Law also provides that an Approved Enterprise is entitled to accelerated depreciation on its property and equipment that are included in anApproved Enterprise program during the first five years in which the equipment is used. This benefit is an incentive granted by the Israeli governmentregardless of whether the alternative benefits program is elected. The benefits available to an Approved Enterprise are subject to the continued fulfillment of conditions stipulated in the Investment Law and its regulationsand the criteria in the specific certificate of approval, as described above. If a company does not meet these conditions, it would be required to refund theamount of tax benefits, adjusted to the Israeli consumer price index, and interest, or other monetary penalties. Until 2013 tax year, we had Approved Enterprise programs under the Investment Law, which, we believe, entitled us to certain tax benefits. Tax Benefits Subsequent to the 2005 Amendment The 2005 Amendment applies to new investment programs commencing after 2004, but does not apply to investment programs approved prior to April 1,2005. The 2005 Amendment provides that terms and benefits included in any certificate of approval that was granted before the 2005 Amendment becameeffective (April 1, 2005) will remain subject to the provisions of the Investment Law as in effect on the date of such approval. Pursuant to the 2005Amendment, the Investment Center will continue to grant Approved Enterprise status to qualifying investments. The 2005 Amendment, however, limits thescope of enterprises that may be approved by the Investment Center by setting criteria for the approval of a facility as an Approved Enterprise. An enterprise that qualifies under the new provisions is referred to as a "Benefited Enterprise", rather than "Approved Enterprise". The 2005 Amendmentprovides that a certificate of approval from the Investment Center will only be necessary for receiving cash grants. As a result, it was no longer necessary for acompany to obtain the advance approval of the Investment Center in order to receive the tax benefits previously available under the alternative benefitstrack. Rather, a company may claim the tax benefits offered by the Investment Law directly in its tax returns, provided that its facilities meet the criteria fortax benefits set forth in the 2005 Amendment. A company that has a Benefited Enterprise may, at its discretion, approach the Israel Tax Authority for a pre-ruling confirming that it is in compliance with the provisions of the Investment Law.Tax benefits are available under the 2005 Amendment to production facilities (or other eligible facilities) which are generally required to derive more than25% of their business income from export to specific markets with a population of at least 14 million in 2012 (such export criteria will further be increased inthe future by 1.4% per annum). In order to receive the tax benefits, the 2005 Amendment states that a company must make an investment which meets certainconditions set forth in the amendment for tax benefits, including exceeding a minimum investment amount specified in the Investment Law. Such investmententitles a company to receive a "Benefited Enterprise" status with respect to the investment, and may be made over a period of no more than three years fromthe end of the year in which the company chose to have the tax benefits apply to its Benefited Enterprise. Where a company requests to have the tax benefitsapply to an expansion of existing facilities, only the expansion will be considered to be a Benefited Enterprise and the company's effective tax rate will bethe weighted average of the applicable rates. In such case, the minimum investment required in order to qualify as a Benefited Enterprise must exceed acertain percentage of the value of the company's production assets before the expansion. The extent of the tax benefits available under the 2005 Amendment to qualifying income of a Benefited Enterprise depends on, among other things, thegeographic location in Israel of the Benefited Enterprise. The location will also determine the period for which tax benefits are available. Such tax benefitsinclude an exemption from corporate tax on undistributed income generated by the Benefited Enterprise for a period of between two to ten years, dependingon the geographic location of the Benefited Enterprise in Israel, and a reduced corporate tax rate of between 10% to 25% for the remainder of the benefitsperiod, depending on the level of foreign investment in the company in each year, as explained above. The benefits period is limited to 12 or 14 years fromthe year the company first chose to have the tax benefits apply, depending on the location of the company. 52 A company qualifying for tax benefits under the 2005 Amendment which pays a dividend out of income derived by its Benefited Enterprise during the taxexemption period will be subject to corporate tax in respect of the amount of the dividend distributed (grossed-up to reflect the pre-tax income that it wouldhave had to earn in order to distribute the dividend) at the corporate tax rate which would have otherwise been applicable. Dividends paid out of incomeattributed to a Benefited Enterprise (or out of dividends received from a company whose income is attributed to a Benefited Enterprise) are generally subjectto withholding tax at source at the rate of 15% or at a lower rate as may be provided in an applicable tax treaty (subject to the receipt in advance of a validcertificate from the Israel Tax Authority allowing for a reduced tax rate). The reduced rate of 15% is limited to dividends and distributions out of incomeattributed to a Beneficiary Enterprise during the benefits period and actually paid at any time up to 12 years thereafter except with respect to an FIC, in whichcase the 12-year limit does not apply. The benefits available to a Benefited Enterprise are subject to the continued fulfillment of conditions stipulated in the Investment Law and its regulations. Ifa company does not meet these conditions, it would be required to refund the amount of tax benefits, adjusted to the Israeli consumer price index, andinterest, or other monetary penalties. Until the 2013 tax year, we had Approved Enterprise programs under the Investment Law, which, we believe, entitled us to certain tax benefits. Tax Benefits Under the 2011 Amendment The 2011 Amendment canceled the availability of the benefits granted to companies in accordance with the provisions of the Investment Law prior to 2011and, instead, introduced new benefits for income generated by a "Preferred Company" through its "Preferred Enterprise" (as such terms are defined in theInvestment Law) as of January 1, 2011. The definition of a Preferred Company includes a company incorporated in Israel that is not wholly-owned by agovernmental entity, and that has, among other things, Preferred Enterprise status and is controlled and managed from Israel. Pursuant to the 2011Amendment, a Preferred Company is entitled to a reduced corporate tax rate of 15% with respect to its preferred income derived by its Preferred Enterprise in2011 and 2012, unless the Preferred Enterprise is located in a specified development zone, in which case the rate will be 10%. Such corporate tax rate wasreduced from 15% and 10%, respectively, to 12.5% and 7%, respectively in 2013, and then increased to 16% and 9%, respectively, in 2014 until 2016.Pursuant to the 2017 Amendment, in 2017 and thereafter, the corporate tax rate for Preferred Enterprise which is located in a specified development zone wasdecreased to 7.5%, while the reduced corporate tax rate for other development zones remains 16%. Dividends paid out of preferred income attributed to a Preferred Enterprise are generally subject to withholding tax at the rate of 20% or such lower rate asmay be provided in an applicable tax treaty (subject to the receipt in advance of a valid certificate from the Israel Tax Authority allowing for a reduced taxrate). However, if such dividends are paid to an Israeli company, no tax is required to be withheld (although, if such dividends are subsequently distributed toindividuals or a non-Israeli company, withholding tax at a rate of 20% or such lower rate as may be provided in an applicable tax treaty will apply).The 2011 Amendment also provided transitional provisions to address companies already enjoying existing tax benefits under the Investment Law. Thesetransitional provisions provide, among other things, that unless an irrevocable request is made to apply the provisions of the Investment Law as amended in2011 with respect to income to be derived as of January 1, 2011: (i) the terms and benefits included in any certificate of approval that was granted to anApproved Enterprise which chose to receive grants before the 2011 Amendment became effective will remain subject to the provisions of the Investment Lawas in effect on the date of such approval, and subject to certain other conditions; (ii) the terms and benefits included in any certificate of approval that wasgranted to an Approved Enterprise which had participated in an alternative benefits track before the 2011 Amendment became effective will remain subjectto the provisions of the Investment Law as in effect on the date of such approval, provided that certain conditions are met; and (iii) a Benefited Enterprise canelect to continue to benefit from the benefits provided to it before the 2011 Amendment became effective, provided that certain conditions are met. From time to time, the Israeli Government has discussed reducing the benefits available to companies under the Investment Law. The termination orsubstantial reduction of any of the benefits available under the Investment Law could materially increase our tax liabilities. We have examined the possible effect, if any, of the provisions of the 2011 Amendment on our financial statements and have decided to apply the newbenefits under the 2011 Amendment instead of the benefits provided to our Approved Enterprise and Benefited Enterprise as of 2013 tax year. 53 New Tax Benefits under the 2017 Amendment. The 2017 Amendment was enacted as part of the Economic Efficiency Law that was published on December 29, 2016, and is effective as of January 1, 2017,subject to the publication of regulations expected to be released before March 31, 2017. The 2017 Amendment provides new tax benefits for two types of"Technology Enterprises", as described below, and is in addition to the other existing tax beneficial programs under the Investment Law. The 2017 Amendment provides that a technology company satisfying certain conditions will qualify as a "Preferred Technology Enterprise" and will therebyenjoy a reduced corporate tax rate of 12% on income that qualifies as "Preferred Technology Income", as defined in the Investment Law. The tax rate isfurther reduced to 7.5% for a Preferred Technology Enterprise located in development zone A. In addition, a Preferred Technology Enterprise will enjoy areduced corporate tax rate of 12% on capital gain derived from the sale of certain "Benefitted Intangible Assets" (as defined in the Investment Law) to arelated foreign company if the Benefitted Intangible Assets were acquired from a foreign company on or after January 1, 2017 for at least NIS 200 million,and the sale receives prior approval from the National Authority for Technological Innovation, or NATI. The 2017 Amendment further provides that a technology company satisfying certain conditions will qualify as a "Special Preferred Technology Enterprise"and will thereby enjoy a reduced corporate tax rate of 6% on "Preferred Technology Income" regardless of the company's geographic location within Israel. Inaddition, a Special Preferred Technology Enterprise will enjoy a reduced corporate tax rate of 6% on capital gain derived from the sale of certain "BenefittedIntangible Assets" to a related foreign company if the Benefitted Intangible Assets were either developed by an Israeli company or acquired from a foreigncompany on or after January 1, 2017, and the sale received prior approval from NATI. A Special Preferred Technology Enterprise that acquires BenefittedIntangible Assets from a foreign company for more than NIS 500 million will be eligible for these benefits for at least ten years, subject to certain approvals asspecified in the Investment Law. Dividends distributed by a Preferred Technology Enterprise or a Special Preferred Technology Enterprise, paid out of Preferred Technology Income, aresubject to withholding tax at source at the rate of 20%, and if distributed to a foreign company and other conditions are met, the withholding tax rate will be4%. We are examining the impact of the 2017 Amendment and the degree to which we will qualify as a Preferred Technology Enterprise and the amount ofPreferred Technology Income that we may have, or other benefits that we may receive from the 2017 Amendment. Recently Issued Accounting Pronouncements In May 2014, the Financial Accounting Standards Board ("FASB") issued Accounting Standards Update ("ASU") 2014-09, Revenue Recognition – Revenuefrom Contracts with Customers (Topic 606), which will replace substantially all current revenue recognition guidance once it becomes effective. In August2015, the FASB issued ASU No. 2015-14, Revenue from Contracts with Customers: Deferral of the Effective Date, which deferred the effective date of thenew revenue standard for periods beginning after December 15, 2016 to December 15, 2017, with early adoption permitted but not earlier than the originaleffective date. The Company does not currently intend to adopt the provisions of the new standard early. The FASB issued subsequent amendments to theinitial guidance in March 2016, April 2016, May 2016 and December 2016 within ASU 2016-08, 2016-10, 2016-12, 2016-20, respectively. The newstandard provides accounting guidance for all revenue arising from contracts with customers and affects all entities that enter into contracts to provide goodsor services to their customers unless the contracts are in the scope of other standards. The new standard is less prescriptive and may require software entities touse more judgment and estimates in the revenue recognition process than are required under existing revenue guidance. The new standard allows the optionof modified retrospective adoption with certain reliefs according to which the new standard will be applied to existing contracts from the initial period ofadoption and thereafter with no restatement of comparative data. Under this option, we will recognize the cumulative effect of the initial adoption of the newstandard as an adjustment to the opening balance of retained earnings (or another component of equity, as applicable) as of the date of initial application.Alternatively, the new standard permits full retrospective adoption with certain reliefs. We expect to adopt the standard under the modified retrospectivemethod. However, we are continuing to evaluate the impact of the standard, and its adoption method is subject to change. We are in the process of analyzingour contracts to quantify the impact that the adoption of the standard will have on revenue. We are also continuing to evaluate the impact of the standard onour costs related to obtaining customer contracts (mainly sales commissions). 54 In February 2016, the FASB issued ASU 2016-02. ASU 2016-02 changes the current lease accounting standard by requiring the recognition of lease assetsand lease liabilities for all leases, including those currently classified as operating leases. This new guidance is to be applied under a modified retrospectiveapplication to the earliest reporting period presented for reporting periods beginning after December 15, 2018. Early adoption is permitted. We are currentlyevaluating the potential impact of this new guidance on our financial statements. In March 2016, the FASB issued ASU 2016-09 Compensation-Stock Compensation (Topic 718): Improvements to Employee Share-Based PaymentAccounting. This standard simplifies various aspects related to how share-based payments are accounted for and presented in the financial statements,including income taxes, forfeitures and statutory tax withholding requirements. The guidance is effective for the Company beginning in the first quarter of2017. We will adopt the updated standard in the first quarter of fiscal year 2017. As a result, our deferred taxes and retained earnings increased byapproximately $12.2 million. In June 2016, the FASB Issued ASU 2016-13, Financial Instruments—Credit Losses (Topic 326): Measurement of Credit Losses on Financial Instruments.The new standard requires financial assets measured at amortized cost be presented at the net amount expected to be collected, through an allowance forcredit losses that is deducted from the amortized cost basis. The standard will be effective beginning January 1, 2020, with early application permitted. Weare evaluating the impact of adopting this new accounting guidance on our consolidated financial statements. In August 2016, the FASB issued ASU 2016-15, Statement of Cash Flows (Topic 230): Classification of Certain Cash Receipts and Cash Payments. The newstandard will address eight specific cash flow issues with the objective of reducing the existing diversity in practice in how certain transactions are presentedand classified in the statement of cash flows. The standard will be effective for the Company beginning January 1, 2018, with early application permitted.The standard will require adoption on a retrospective basis unless it is impracticable to apply, in which case the Company would be required to apply theamendments prospectively as of the earliest date practicable. We are evaluating the impact of adopting this new accounting guidance on our consolidatedfinancial statements. In October 2016, the FASB issued ASU 2016-16, Income Taxes (Topic 740); Intra-Entity Transfers of Assets Other than Inventory. This guidance was issuedto improve the accounting for income tax consequences of intra-entity transfers of assets other than inventory. Under the amendment an entity shouldrecognize the income tax consequences of an intra-entity transfer of an asset other than inventory when the transfer occurs. The update is effective for annualperiods beginning after December 15, 2017, and interim periods thereafter. Early adoption is permitted. We are currently evaluating the effect of the ASU onour consolidated financial statements. In January 2017, FASB issued ASU 2017-01, Business Combinations (Topic 805) Clarifying the Definition of Business. ASU No. 2017-01 clarifies thedefinition of a business with the objective of adding guidance to assist entities with evaluating whether transactions should be accounted for as acquisitions(or disposals) of assets or businesses. The update to the standard is effective for interim and annual periods beginning after December 15, 2017, and appliedprospectively. We are currently evaluating the impact of the adoption of ASU 2017-01 on our consolidated financial statements. In January 2017, the FASB issued ASU 2017-04, simplifying the Test for Goodwill Impairment (Topic 350). This standard eliminates Step 2 from thegoodwill impairment test, instead requiring an entity to recognize a goodwill impairment charge for the amount by which the goodwill carrying amountexceeds the reporting unit's fair value. This guidance is effective for interim and annual goodwill impairment tests in fiscal years beginning after December15, 2019 with early adoption permitted. This guidance must be applied on a prospective basis. We are currently evaluating the potential effect of theguidance on our consolidated financial statements. B. Liquidity and Capital Resources We fund our operations with cash generated from operating activities. We have also raised capital through the sale of equity securities in public offerings andto a lesser extent, through exercised options. Our primary current uses of our cash are ongoing operating expenses and capital expenditures. As of December 31, 2016, we had $295.5 million of cash, cash equivalents, short-term bank deposits and marketable securities. This compared with cash, cashequivalents and short-term bank deposits of $238.3 million and $177.2 million as of December 31, 2015 and 2014, respectively. We believe that our existingcash, cash equivalents and short-term bank deposits will be sufficient to fund our operations and capital expenditures for at least the next 12 months. Ourfuture capital requirements will depend on many factors, including our rate of revenue growth, the expansion of our sales and marketing activities, the timingand extent of spending to support product development efforts and expansion into new geographic locations, the timing of introductions of new softwareproducts and enhancements to existing software products and the continuing market acceptance of our software offerings. 55 The following table presents the major components of net cash flows for the periods presented: Year Ended December 31, 2014 2015 2016 (in thousands) Net cash provided by operating activities $23,195 $59,160 $56,310 Net cash used in investing activities (51,445) (7,012) (121,861)Net cash provided by financing activities 90,055 58,207 3,969 A substantial source of our net cash provided by operating activities is our deferred revenues, which is included on our consolidated balance sheet as aliability. The majority of our deferred revenues consist of the unrecognized portion of upfront payments associated with maintenance and professionalservices, with the remainder consisting of payments for licenses that could not yet be recognized. We assess our liquidity, in part, through an analysis of ourshort and long term deferred revenues that have not yet been recognized as revenues together with our other sources of liquidity. Deferred revenues forlicenses are recognized when all applicable revenue criteria are met. Revenues from maintenance and support contracts are recognized ratably on a straightline basis over the term of the related contract which is typically one year and, to a lesser extent, three years, and from professional services as services areperformed. Thus, since we frequently recognize revenues in subsequent periods to when certain payments may be received, an increase in deferred revenuesadds to the liquidity of our operations. Net Cash Provided by Operating Activities Our cash flows historically have reflected our net income coupled with changes in our non-cash working capital. During the year ended December 31, 2016,operating activities provided $56.3 million in cash as a result of $28.1 million net income , adjusted by $17.5 million of non-cash charges related to share-based compensation expenses and $6.5 million related to depreciation and amortization expenses coupled with $6.1 million increase in long term deferredrevenues and $0.5 million net increase from other long-term assets and liabilities and offset by both an increase of $1.1 million in deferred tax assets and byan increase of $1.3 million in our non-cash working capital. The increase of $1.3 million in our non-cash working capital was due to a $13.0 million increase in short-term deferred revenues, a $2.4 million decrease inaccrued expenses and other current liabilities, an increase of $2.6 million in employees and payroll accruals and an increase of $14.5 million in other currentassets. Our days' sales outstanding, or DSO, was 56 days for the year ended December 31, 2016. During the year ended December 31, 2015, operating activities provided $59.2 million in cash as a result of $25.8 million net income combined with adecrease of $21.2 million in our non-cash working capital, adjusted by $9.3 million of non-cash charges related to share-based compensation expenses of$7.0 million and depreciation and amortization of $2.3 million coupled with an approximately $7.0 million increase in other long-term assets and liabilitiesand long-term deferred revenues from three-year maintenance contracts for which we collected payment up front which were partially offset by an increase of$4.1 million in deferred tax assets. The decrease of $21.2 million in our non-cash working capital was due to a $14.5 million increase in short-term deferredrevenues, a $2.5 million increase in accrued expenses and other current liabilities, and an increase of $5.0 million in employees and payroll accruals whichwere partially offset by an increase of $0.8 million in other current assets. Our days' sales outstanding, or DSO, was 46 days for the year ended December 31,2015. During the year ended December 31, 2014, operating activities provided $23.2 million in cash as a result of $10.0 million net income combined with adecrease of $3.1 million in our non-cash working capital, adjusted by $6.6 million of non-cash charges related to a $4.3 million change in the fair value ofwarrants to purchase preferred shares, share-based compensation expenses of $1.6 million and depreciation of $0.7 million coupled with a $3.3 millionincrease in long-term deferred revenues from three-year maintenance contracts for which we collected payment up front and a $0.2 million increase in long-term liabilities. The decrease of $3.1 million in our non-cash working capital was due to a $4.4 million increase in short-term deferred revenues and a $5.5million increase in employees and payroll accruals and other current liabilities, which were partially offset by a $6.5 million increase in trade receivables andan increase of $0.3 million in trade payables and prepaid expenses and other current assets. Our DSO was 68 days for the year ended December 31, 2014.56 Net Cash Used in Investing Activities Net cash used in investing activities was $51.4 million, $7.0 million and $121.9 million for the years ended December 31, 2014, 2015 and 2016 respectively.Investing activities have consisted primarily of investment in and proceeds from short-term and long-term deposits, investment in marketable securities,acquisitions and purchase of property and equipment. Net Cash Provided by Financing Activities Our financing activities have primarily consisted of proceeds from the issuance and sale of our securities, excess tax benefit from stock-based compensationand proceeds from the exercise of share options. Net cash provided by financing activities was $90.1 million, $58.2 million and $4.0 million for the yearsended December 31, 2014, 2015 and 2016, respectively. C. Research and Development, Patents and Licenses, etc. We conduct our research and development activities in Israel. As of December 31, 2016, our research and development department included 205 employeesand contractors. In 2016, research and development costs accounted for 16.0% of our total revenues We employ a strategy of seeking patent protection for some of our technologies. As of December 31, 2016, we have obtained 8 issued patents for certain ofour technologies in various jurisdictions, including the United States and have 34 pending patent applications that were filed in various jurisdictions,including the United States. No patent application is material to the overall conduct of our business. For a description of our research and development policies, see "Item 4.B. Business Overview—Research and development." D. Trend Information Other than as disclosed elsewhere in this annual report, we are not aware of any trends, uncertainties, demands, commitments or events for the period fromJanuary 1, 2016 to December 31, 2016 that are reasonably likely to have a material adverse effect on our net revenue, income, profitability, liquidity orcapital resources, or that caused the disclosed financial information to be not necessarily indicative of future operating results or financial condition. E. Off-Balance Sheet Arrangements We do not currently engage in off-balance sheet financing arrangements. In addition, we do not have any interest in entities referred to as variable interestentities, which includes special purposes entities and other structured finance entities. 57 F. Contractual Obligations The following summarizes our contractual obligations as of December 31, 2016: Payments Due by Period Total 2017 2018 2019 2020 2021 2022 and thereafter (in thousands) Operating leaseobligations(1) $23,207 $4,208 $4,113 $4,147 $4,050 $4,057 $2,632 Uncertain taxobligations(2) 474 — — — — — — Severance pay(3) 5,035 — — — — — — Total $28,716 $4,208 $4,113 $4,147 $4,050 $4,057 $2,632 (1)Operating lease obligations consist of our contractual rental expenses under operating leases of facilities and certain motor vehicles. (2)Consists of accruals for certain income tax positions under ASC 740 that are paid upon settlement, and for which we are unable to reasonablyestimate the ultimate amount and timing of settlement. See Note 11(j) to our consolidated financial statements included elsewhere in this annualreport for further information regarding our liability under ASC 740. Payment of these obligations would result from settlements with tax authorities.Due to the difficulty in determining the timing of resolution of audits, these obligations are only presented in their total amount. (3)Severance pay relates to accrued severance obligations to our Israeli employees as required under Israeli labor laws. These obligations are payableonly upon the termination, retirement or death of the respective employee and may be reduced if the employee's termination is voluntary. Theseobligations are partially funded through accounts maintained with financial institutions and recognized as an asset on our balance sheet. Of thisamount, $1.7 million is unfunded. See Note 2(l) to our consolidated financial statement included elsewhere in this report for further information.58 ITEM 6.DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES A. Directors and Senior Management The following table sets forth the name, age and position of each of our executive officers and directors as of March 15, 2017: Name Age PositionExecutive Officers Ehud (Udi) Mokady 48 Chairman of the Board and Chief Executive Officer and FounderChen Bitan 47 General Manager, EMEA, Asia Pacific and JapanJoshua Siegel 53 Chief Financial OfficerRonen (Ron) Zoran 42 Vice President, Americas SalesNick Baglin 42 Vice President, EMEA SalesVincent Goh 45 Vice President, Asia Pacific and Japan SalesRoy Adar 45 Senior Vice President, Product ManagementDirectors Gadi Tirosh(1)(3)(4) 50 Lead Independent DirectorRon Gutler(1)(2)(3)(4) 59 DirectorRaphael (Raffi) Kesten(4) 63 DirectorKim Perdikou(1)(2)(3)(4) 59 DirectorDavid Schaeffer(4) 60 DirectorAmnon Shoshani(2)(4) 53 Director(1)Member of our compensation committee.(2)Member of our audit committee. (3)Member of our nominating and governance committee. (4)Independent director under the rules of the NASDAQ Stock Market. John Worrall served as our Chief Marketing Officer until March 15, 2017, following his notification to us earlier in the year that he would be leaving theCompany. Executive Officers Ehud (Udi) Mokady is one of our founders and serves as our Chief Executive Officer since 2005 and as chairman of the board since June 2016. He previouslyserved as our President from 2005 to 2016 and as our Chief Operating Officer from 1999 to 2005. Mr. Mokady has also served as a member of our board sinceNovember 2004. From 1997 to 1999, Mr. Mokady served as general counsel at Tadiran Spectralink Ltd., a producer of secure wireless communicationsystems. From 1986 to 1989, Mr. Mokady served in a military intelligence unit in the Israel Defense Forces. Mr. Mokady was honored by a panel ofindependent judges with the New England EY Entrepreneur Of The Year™ 2014 Award in the Technology Security category. Mr. Mokady holds a Bachelorof Laws (LL.B.) from Hebrew University in Jerusalem, Israel and a Master of Science Management (MSM) from Boston University in Massachusetts. Chen Bitan has served as our General Manager of EMEA, Asia Pacific and Japan since 2005 and as Head of Research & Development since 1999. FromMarch 1998 to April 1999, Mr. Bitan worked as Project Manager for Amdocs Software Ltd., leading the development of billing and customer care systems fortelecommunications providers. From 1995 to 1998, he worked for Magic Software Enterprises Ltd. as Research and Development Group Manager leading thedevelopment of their 4GL products for the Asia Pacific market. From 1988 to 1995, Mr. Bitan served in a software engineering unit in the Israel DefenseForces (IDF) in various research and development roles, finally leading the programming education department as Department Manager at the ComputerStudies Academy (Mamram). Mr. Bitan holds a Bachelor of Science in computer science and political science from Bar-Ilan University in Ramat-Gan, Israel. 59 Joshua Siegel has served as our Chief Financial Officer since May 2011. Prior to joining CyberArk, Mr. Siegel served as Chief Financial Officer for VoltaireLtd., a provider of InfiniBand and Ethernet connectivity solutions, from December 2005 to February 2011, and as Director of Finance and then Vice Presidentof Finance from April 2002 to December 2005. Voltaire completed an initial public offering and listing on NASDAQ in 2007 and was acquired by MellanoxTechnologies, Ltd. in 2011. From 2000 to 2002, he was Vice President of Finance at KereniX Networks Ltd., a terabit routing and transport system company.From 1995 to 2000, Mr. Siegel served in various positions at Lucent Technologies Networks Ltd. (formerly Lannet Ltd.). From 1990 to 1995, he served invarious positions at SLM Corporation (Sallie Mae—Student Loan Marketing Association). Mr. Siegel holds a Bachelor of Arts in economics and an MBAwith a concentration in finance from the University of Michigan in Ann Arbor. Ronen (Ron) Zoran has served as our Vice President of Americas Sales since January 2015 and has worked at CyberArk since our founding in 1999. Mr. Zoranhas held several sales leadership positions at the Company, including Vice President of North America Sales from July 2013 to December 2014, RegionalDirector and Senior Director of Channels from January 2005 to June 2013, as well as research and development positions, such as R&D Group Manager andDirector of Technical Services. From 1993 to 1999, Mr. Zoran served as an Officer and R&D Group Manager at the Technological Computer Center of theIsraeli Defense Forces. He holds an MBA from Northeastern University and a Bachelor of Arts in computer science from Bar-Ilan University, Israel. Nick Baglin has served as our Vice President of EMEA Sales since May 2012. Prior to joining CyberArk, Mr. Baglin worked for HP Enterprise SecurityServices, as EMEA General Manager and Global Sales Director from May 2011 to May 2012 and as Global Sales Director from December 2010 to May 2011.From January 2001 to December 2010, he worked for Vistorm Ltd., a provider of information assurance and managed security services, in various positions,including Director of Sales. Mr. Baglin holds a Bachelor of Science from the Manchester Metropolitan University in the United Kingdom. Vincent Goh has served as our Vice President of Asia Pacific and Japan Sales since January 2016. Prior to joining CyberArk, Mr. Goh worked for RSA, TheSecurity Division of EMC, as Vice President, Asia Pacific and Japan from July 2010 to October 2015 and Managing Director, South East Asia from February2008 to June 2010. From May 2001 to January 2008, Mr. Goh worked for EMC Corporation in various positions. Mr. Goh holds a Bachelor of Science ininformation technology from the National University of Ireland in Dublin and an executive certificate in Management and Leadership from the M.I.T. SloanSchool of Management in Cambridge, Massachusetts. Roy Adar has served as our Senior Vice President of Product Management since 2015 and previously served as our Vice President of Product Managementfrom 2006 to 2015. Prior to joining CyberArk, Mr. Adar held the position of Product Manager at NICE Systems Ltd., an Israeli software company, from 2002through 2005. From 1997 to 2001, he worked at Integrity Systems, Inc., an Israeli IT integrator, in several roles, including development group manager,technical consultant and product manager. Mr. Adar holds an MBA from the Kellogg School of Management at Northwestern University in Illinois and aBachelor of Arts in computer science from Open University in Tel Aviv, Israel. Directors Gadi Tirosh has served as a member of our board of directors since June 2011, as chairman of the board between July 2013 and June 2016 and as leadindependent director since July 2016. Since 2005, Mr. Tirosh has served as Managing Partner at Jerusalem Venture Partners, an Israeli venture capital firmthat focuses, among other things, on cyber-security companies and operates the JVP Cyber Labs incubator. From 1999 to 2005, he served as Corporate VicePresident of Product Marketing and as a member of the executive committee for NDS Group Ltd. ((NASDAQ:NNDS) later acquired by Cisco Systems, Inc. aprovider of end-to-end software solutions to the pay-television industry, including content protection and video security. Mr. Tirosh holds a Bachelor ofScience in computer science and mathematics and an Executive MBA from the Hebrew University in Jerusalem, Israel. 60 Ron Gutler has served as a member of our board of directors since July 2014 and served as an external director under the Companies Law between July 2014and May 2016. From May 2002 through February 2013, Mr. Gutler served as the Chairman of NICE Systems Ltd., a public company specializing in voicerecording, data security, and surveillance. Between 2000 and 2011, Mr. Gutler served as the Chairman of G.J.E. 121 Promoting Investment Ltd., a real estatecompany. Between 2000 and 2002, Mr. Gutler managed the Blue Border Horizon Fund, a global macro fund. Mr. Gutler is a former Managing Director and aPartner of Bankers Trust Company, which is currently part of Deutsche Bank. He also established and headed the Israeli office of Bankers Trust. Mr. Gutler iscurrently a director of Wix.com Ltd. (NASDAQ: WIX), Psagot Investment House, Psagot Securities and Hapoalim Securities USA (HSU), and serves aschairman of the board of the College of Management Academic Studies in Israel. Mr. Gutler holds a Bachelor of Arts in economics and international relationsand an MBA, both from the Hebrew University in Jerusalem, Israel. Raphael (Raffi) Kesten has served as a member of our board of directors since April 2014. Since February 2015, Mr. Kesten has served as Managing Partner atJerusalem Venture Partners as well as executive adviser to the Chairman and CEO of Cisco Systems, Inc. and to the Service Provider Video Security, Software& Solutions Group at Cisco Systems, Inc. He served as the Vice President of Service Provider Video Security, Software & Solutions Group at Cisco Systems,Inc. from 2012 to 2014. From 2000 to February 2015, Mr. Kesten served as a Venture Partner for Jerusalem Venture Partners. He served as Senior VicePresident and Chief Operating Officer at NDS Group Holdings Ltd. (later acquired by Cisco Systems, Inc.) from 2006 to 2012. From 1996 to 2006, Mr. Kestenworked as Vice President and General Manager of NDS Technologies Israel Limited. From 1991 to 1995, he served as Vice President of Operations andProduction of Imaging Products at Indigo N.V. (later acquired by Hewlett-Packard Company). Between 1982 and 1991, Mr. Kesten held several engineeringand managerial positions with Intel, Inc. Mr. Kesten holds a Bachelor of Science in chemical engineering from Ben-Gurion University of the Negev in Beer-Sheva, Israel and he completed the certificate program in Senior Business Management at the Hebrew University in Jerusalem, Israel. Kim Perdikou has served as a member of our board of directors since July 2014 and served as an external director under the Companies Law between July2014 and May 2016 Ms. Perdikou serves as Chairman of REBBL Inc., which she joined in June 2014, a private beverage company delivering taste, functionand nutrition. Ms. Perdikou served as the Juniper Networks, Inc. board observer on two of Juniper's portfolio companies from January 2013 to July 2014.From 2010 to August 2013, Ms. Perdikou served as the Executive Vice President for the Office of the Chief Executive Officer at Juniper Networks, Inc. Beforethat she served as the Executive Vice President and General Manager of Infrastructure Products Group and as Chief Information Officer at Juniper Networks,Inc. from 2006 to 2010 and from August 2000 to January 2006, respectively. Ms. Perdikou served on the board of directors and audit committee of LamResearch Corporation, a major provider of wafer fabrication equipment and services, from May 2011 to November 2012. Ms. Perdikou served in leadershippositions at Women.com, Readers Digest, Knight Ridder, and Dun & Bradstreet. Ms. Perdikou holds a Bachelor of Science degree in computing science withoperational research from Paisley University in Paisley, Scotland, a Post-Graduate degree in education from Jordanhill College in Glasgow, Scotland and aMaster's of Science in information systems from Pace University in New York, the United States. David Schaeffer has served as a member of our board of directors since May 2014. Mr. Schaeffer has served as the Chairman, Chief Executive Officer andPresident of Cogent Communications, Inc. (NASDAQ: CCOI), an internet service provider based in the United States that is listed on NASDAQ, since hefounded the company in August 1999. Mr. Schaeffer was the founder of Pathnet, Inc., a broadband telecommunications provider, where he served as ChiefExecutive Officer from 1995 until 1997 and as Chairman from 1997 until 1999. Mr. Schaeffer holds a Bachelor of Science in physics from the University ofMaryland, the United States. Amnon Shoshani has served as a member of our board of directors since November 2009. Since February 1995, Mr. Shoshani has served as the Founder andManaging Partner of Cabaret Holdings Ltd. and, since March 1999, he has also served as Managing Partner of Cabaret Security Ltd., Cabaret Holdings Ltd.and ArbaOne Inc. ventures activities where he had a lead role in managing the group's portfolio companies. Within that role, since June 2005 Mr. Shoshanihas served as the CEO and Chairman of TIP-The Industry Pivot Ltd., a company that provides game changing technologies to the industrial world. From 1994to April 2005, Mr. Shoshani owned a Tel-Aviv boutique law firm engaged in entrepreneurship, traditional industries and high tech, which he founded. Mr.Shoshani holds an LL.B. from Tel Aviv University, Israel. 61 B. Compensation Compensation of Directors and Executive Officers The aggregate compensation expensed, including share-based compensation and other compensation expensed by us and our subsidiaries, to our directorsand executive officers with respect to the year ended December 31, 2016 was $11.5 million. This amount includes approximately $0.6 million set aside oraccrued to provide pension, severance, retirement, or similar benefits. The table below sets forth the compensation paid to our five most highly compensated office holders (as defined in the Companies Law and described under"Board Practices—- Disclosure of Compensation of Executive Officers" below) during or with respect to the year ended December 31, 2016, in the disclosureformat of Regulation 21 of the Israeli Securities Regulations (Periodic and Immediate Reports), 1970. We refer to the five individuals for whom disclosure isprovided herein as our "Covered Executives." For purposes of the table and the summary below, and in accordance with the above mentioned securities regulations, "compensation" includes base salary,bonuses, equity-based compensation, retirement or termination payments, benefits and perquisites such as car, phone and social benefits and any undertakingto provide such compensation. Summary Compensation Table Information Regarding the Covered Executive(1) Name and Principal Position(2) BaseSalary Benefits andPerquisites(3) VariableCompensation(4) Equity-BasedCompensation(5) Total Ehud (Udi) Mokady, Chairman of the Board & CEO $375,000 $130,963 $475,082 $2,602,917 $3,583,962 Joshua Siegel, Chief Financial Officer 273,707 117,263 245,143 1,104,198 1,740,311 Ronen (Ron) Zoran, Vice President Sales, Americas 250,000 46,403 275,485 608,037 1,179,925 Chen Bitan, General Manager, EMEA, Asia Pacific andJapan 226,370 145,012 142,522 456,583 970,487 John Worrall, Chief Marketing Officer 250,000 41,493 137,916 413,395 842,804 (1)All amounts reported in the table are in terms of cost to our company, as recorded in our financial statements. (2)All current executive officers listed in the table are full-time employees. Cash compensation amounts denominated in currencies other than the U.S.dollar were converted into U.S. dollars at the average conversion rate for the year ended December 31, 2016. 62 (3)Amounts reported in this column include benefits and perquisites, including those mandated by applicable law. Such benefits and perquisites mayinclude, to the extent applicable to each executive, payments, contributions and/or allocations for savings funds, pension, severance, vacation, caror car allowance, medical insurances and benefits, risk insurances (such as life, disability and accident insurances), convalescence pay, payments forsocial security, tax gross-up payments and other benefits and perquisites consistent with our guidelines. (4)Amounts reported in this column refer to Variable Compensation such as commission, incentive and bonus payments as recorded in our financialstatements for the year ended December 31, 2016. (5)Amounts reported in this column represent the expense recorded in our financial statements for the year ended December 31, 2016 with respect toequity-based compensation. Assumptions and key variables used in the calculation of such amounts are described in paragraph c of Note 10 to ouraudited consolidated financial statements, which are included in this annual report. Employment Agreements with Executive Officers We have entered into written employment agreements with all of our executive officers. Most of these agreements contain provisions regarding non-competition and all of these agreements contain provisions regarding confidentiality of information and ownership of inventions. The non-competitionprovision applies for a period that is generally 12 months following termination of employment. The enforceability of covenants not to compete in Israel, theUnited States and the United Kingdom is subject to limitations. In addition, we are required to provide one to six months' notice prior to terminating theemployment of our executive officers, other than in the case of a termination for cause. Directors' Service Contracts Other than with respect to Ehud (Udi) Mokady, the Chairman of our Board who is also an executive officer, there are no arrangements or understandingsbetween us, on the one hand, and any of our directors, on the other hand, providing for benefits upon termination of their service as directors of our company,except that directors are permitted to exercise vested options for one year following the termination of their service. Equity Incentive Plans 2014 Share Incentive Plan The 2014 Share Incentive Plan, or the 2014 SIP, was adopted by our board of directors and became effective on June 10, 2014. The 2014 SIP was approved byour shareholders on July 10, 2014. The 2014 SIP provides for the grant of options, restricted shares, restricted share units and other share-based awards to ouremployees, directors, officers, consultants, advisors and any other person providing services to us or our affiliates, under varying tax regimes. The maximumaggregate number of shares that may be issued pursuant to awards under this 2014 SIP is the sum of (a) 422,000 shares plus (b) an increase of 1,220,054 sharesas of January 1, 2015 plus (c) on January 1 of each calendar year commencing in 2016, a number of shares equal to the lesser of: (i) an amount determined byour board of directors, if so determined prior to the January 1 of the calendar year in which the increase will occur, (ii) 4% of the total number of sharesoutstanding on December 31 of the immediately preceding calendar year, and (iii) 4,000,000 shares. Additionally, any share underlying an award that iscancelled or terminated or forfeited for any reason without having been exercised will automatically be available for grant under the 2014 SIP. As ofDecember 31, 2016, 2,129,436 ordinary shares underlying share-based awards were outstanding under the 2014 SIP and 725,620 ordinary shares werereserved for future grant under the 2014 SIP. On January 1, 2017, the aggregate number of ordinary shares reserved for issuance under the 2014 SIP wasincreased by 1,370,024 shares. Either our board or a committee established by our board administers the 2014 SIP. Such administrator may determine, among other things and subject toapplicable law, the grants of awards and the terms and provisions of such awards, as well as policies, guidelines, rules and regulations relating to and forcarrying out the 2014 SIP, and any amendment, supplement or rescission thereof, as it may deem appropriate. The board may, at any time, suspend, terminate,modify, or amend the 2014 SIP, whether retroactively or prospectively. 63 The board or the committee may grant awards intended to qualify as an incentive stock option, non-qualified stock option, Section 102 award, Section 3(9)award, or other designations under other regimes. Other than with respect to incentive stock options which are governed by the specific exercise priceprovisions of the 2014 SIP, the exercise price of any award will be determined by the committee or the board (as applicable). Unless otherwise stated in theapplicable award agreement, awards under the 2014 SIP vest and become exercisable as follows: 25% of the shares covered by the awards vest on the firstanniversary of the vesting commencement date, and 6.25% of the shares covered by the award vest at the end of each subsequent three-month period over thecourse of the following three years; provided that the grantee remains continuously as our or our affiliates service provider throughout such vesting dates.The exercise period of an award will be ten years from the date of grant of the award unless otherwise determined by the committee, subject to the vesting andthe early termination provisions. In the event of termination of the employment or service of a grantee, any unvested awards will be forfeited on the date ofsuch termination. In the event of termination by reason of death, disability or retirement, all of the grantee's vested awards may be exercised at any timewithin one year after such death or disability or within three months following retirement. In the event of termination for cause (as defined in the 2014 SIP),all awards granted to such grantee (whether vested or not) will be forfeited on the date of termination. In the event of termination for any other reason allvested and exercisable awards at the time of termination may, unless earlier terminated in accordance with their terms, be exercised within up to three monthsafter the date of termination (or such different period as the committee will prescribe). The committee and the board may grant restricted shares under the 2014 SIP. The award agreement for any restricted shares granted will set forth the vestingschedule and purchase price, if any, for the restricted shares. If a grantee's employment or services to the company or any affiliate thereof terminates for anyreason prior to the vesting of such grantee's restricted shares, any shares that remain subject to vesting will be forfeited by such grantee. The committee andthe board may grant restricted share units, or RSUs, under the 2014 SIP, which is an award covering a number of shares that is settled, if vested, by issuance ofthose shares. No payment of exercise price (subject to applicable law and the terms of the relevant award agreement) will be required as consideration forRSUs. The committee and the board may grant other awards under the 2014 SIP, including shares (which may, but need not, be restricted shares), cash, acombination of cash and shares, awards denominated in share units, share appreciation rights, and/or the opportunity to purchase our shares in connectionwith any public offerings of our securities.Awards granted to Israeli employees under the 2014 SIP may be granted pursuant to the provisions of Section 102 of the Israeli Income Tax Ordinance, or theOrdinance. In order to comply with the provisions of Section 102, all awards must be registered in the name of a trustee selected by the board and held in trustfor the benefit of the relevant grantee for the requisite period prescribed by the Ordinance or such longer period as set by the committee or the board. In the event of a "Change in Control" event (as defined in the 2014 SIP), any award then outstanding will be assumed or will be substituted by us or by thesuccessor corporation in such Change in Control or by any affiliate thereof, as determined by the committee in its discretion, under terms as determined bythe committee or the terms of the 2014 SIP applied by the successor corporation to such assumed or substituted award, unless otherwise determined by thesole and absolute discretion of the Committee. Regardless of whether or not awards are assumed or substituted the committee may (but will not be obligatedto), in its sole discretion: (1) provide for grantees to have the right to exercise their awards or otherwise for the acceleration of vesting of award in respect ofall or part of the shares covered by the awards which would not otherwise be exercisable or vested, under such terms and conditions as the committee willdetermine, including the cancellation of all unexercised awards (whether vested or unvested) upon or immediately prior to the closing of the Change inControl; and/or (2) provide for the cancellation of each outstanding and unexercised award at or immediately prior to the closing of the Change in Control,and payment to the grantees of an amount in cash, our shares, the acquirer or of a corporation or other business entity which is a party to the Change inControl or other property, as determined by the committee to be fair in the circumstances, and subject to such terms and conditions as determined by thecommittee. Notwithstanding the foregoing, in the event of a Change in Control, the committee may determine, in its sole discretion, that upon completion ofsuch Change in Control, the terms of any award be otherwise amended, modified or terminated, as the committee deems in good faith to be appropriate. Awards under the 2014 SIP are not transferable other than by will or by the laws of descent and distribution or to a grantee's designated beneficiary, unless, inthe case of awards other than incentive stock options, otherwise determined by our committee or under the 2014 SIP. Awards may be granted from time totime pursuant to the 2014 SIP, within a period of ten years from the effective date of the 2014 SIP, which period may be extended from time to time by ourboard. 64 2011 Share Incentive Plan The 2011 Share Incentive Plan, or the 2011 SIP, was adopted by our board of directors and became effective on July 14, 2011. The 2011 SIP was approved byour shareholders on December 20, 2011. The 2011 SIP provides for the grant of options, restricted shares and other share-based awards to our employees,directors, officers, consultants, advisors and any other person whose services are considered valuable to us or our affiliates, under varying tax regimes. The2011 SIP provides that the number of shares reserved for the grant of awards under the 2011 SIP will be such number as may be reserved for such purposes bythe board from time to time. Any share underlying an award that is cancelled or terminated or forfeited for any reason without having been exercised willautomatically be available for grant under the 2014 SIP. As of December 31, 2016, 1,286,406 options to purchase ordinary shares remained outstandingunder the 2011 SIP. No new awards may be granted under the 2011 SIP. Either our board or a committee established by our board administers the 2011 SIP. Option awards to purchase our ordinary shares that were granted under the 2011 SIP are designated in the applicable award agreement as an incentive stockoption, non-qualified stock option, Section 102 award (with such designation to include the relevant tax track), Section 3(i) award, or other designationsunder other regimes. Unless otherwise stated in the applicable award agreement, options under the 2011 SIP vest and become exercisable as follows: 25% ofthe shares covered by an option vest on the first anniversary of the date on which such option was granted, and 6.25% of the shares covered by the optionvest at the end of each subsequent quarter over the course of the following three years, subject to continued employment by or service to us or any subsidiaryor affiliate of ours. The exercise period of an option is ten years from the date of grant of the option unless otherwise determined by the committee. In theevent of termination of employment or service of a grantee, any unvested options are forfeited on the date of termination. In the event of termination byreason of death, disability or retirement, all of the grantee's vested options may be exercised at any time within one year after such death or disability orwithin three months following retirement. In the event of termination for cause (as defined in the 2011 SIP), all options granted to such grantee (whethervested or not) are forfeited on the date of termination. In the event of termination for any other reason all vested and exercisable options at the time oftermination may, unless earlier terminated in accordance with their terms, be exercised within up to 90 days after the date of terminationAwards granted to Israeli employees under the 2011 SIP may be granted pursuant to the provisions of Section 102 of the Ordinance. In order to comply withthe provisions of Section 102, all awards must be registered in the name of a trustee selected by the board and held in trust for the benefit of the relevantgrantee for the requisite period prescribed by the Ordinance or such longer period as set by the committee or the board. In the event of certain merger or sale events (as specified in the 2011 SIP), any award then outstanding will be assumed or an equivalent award will besubstituted by such successor corporation under substantially the same terms as such award. If such awards are not assumed or substituted by an equivalentaward, then the committee may (i) provide for grantees to have the right to exercise their awards or otherwise for the acceleration of vesting of such awards,under such terms and conditions as the committee will determine; and/or (ii) provide for the cancellation of each outstanding award at the closing of suchtransaction, and payment to the grantees of an amount in cash as determined by the committee to be fair in the circumstances, and subject to such terms andconditions as determined by the committee. Awards under the 2011 SIP are not transferable other than by will or by the laws of descent and distribution, unless otherwise determined by the board orunder the 2011 SIP, and generally expire ten years following the grant date. The 2011 SIP will terminate on the tenth anniversary of the effective date, otherthan with respect to those awards outstanding under the 2011 SIP at the time of such termination. 65 2001 Stock Option Plan and 2001 Section 102 Stock Option Plan The 2001 Stock Option Plan, or the 2001 SOP, and the 2001 Section 102 Stock Option Plan, as amended March 5, 2003, or the 2001 Section 102 SOP wereadopted by our board of directors and became effective on March 27, 2001. The 2001 SOP and the 2001 Section 102 SOP were approved by our shareholderson March 22, 2002. The 2001 SOP and the 2001 Section 102 SOP provides for the grant of options to our employees, officers, directors, consultants andadvisors of us or our affiliates. If an option granted under the 2001 SOP expires or terminates for any reason without having been exercised in full, theunpurchased shares subject to such option will be available for subsequent grants under the 2014 SIP. In the event an employee's rights in any options underthe 2001 Section 102 SOP do not vest, such options may be reissued under the 2014 SIP. As of December 31, 2016, a total of 352,220 options to purchaseordinary shares remained outstanding under the 2001 SOP and the 2001 Section 102 SOP. No new awards may be granted under the 2001 SOP or the 2001Section 102 SOP.The 2001 SOP and the 2001 Section 102 SOP are administered by a committee appointed by the board.With the consent of the affected grantee, the board or the committee may amend outstanding option agreements in a manner not inconsistent with the 2001SOP. The 2001 SOP provides for grants of incentive stock options and non-qualified stock options. The 2001 Section 102 SOP provides for grants of optionsonly to employees, officers and directors. Each option award agreement sets forth the tax track elected by the company. Pursuant to the May 30, 2013 boardresolution, the respective term of the options that were granted by us to certain employees of the company and of our UK subsidiary was extended from 10years to 15 years. The terms of the options granted under the 2001 SOP and the 2001 Section 102 SOP are generally set forth in the applicable award agreement, however anincentive stock option may be exercised for at least three months following termination of a grantee's employment (or for one year following a terminationdue to the grantee's death or disability). In the event of certain acquisition and similar events (as specified in the 2001 SOP and the 2001 Section 102 SOP),the board will take any one or more of the following actions with respect of the then outstanding options: (i) provide that such options shall be assumed, orequivalent options will be substituted, by the acquiring or succeeding corporation (or an affiliate thereof), (ii) upon written notice to the grantees, providethat all the then-unexercised options will become exercisable in full as of a specified time prior to the acquisition event and will terminate immediately priorto the consummation of such acquisition event, (iii) in the event of a merger under the terms of which holders of our outstanding ordinary shares will receiveupon consummation thereof a cash payment for each share surrendered in the merger, make or provide for a cash payment to the grantees equal to thedifference between (A) the merger price times the number of ordinary shares subject to such outstanding options and (B) the aggregate exercise price of allsuch outstanding options in exchange for the termination of such options, or (iv) upon written notice to the grantees, provide that all the then vested andunvested outstanding options will terminate immediately prior to the consummation of such acquisition event, and to the extent the vested options will havenot been exercised prior to the acquisition event, all such options will become null and void at the consummation of such acquisition event. Awards under the 2001 SOP and 2001 Section 102 SOP are generally not transferable other than by will or by the laws of descent and distribution, unlessotherwise determined by the board. Only the grantee may exercise options granted under the 2001 Section 102 SOP during his or her lifetime. The 2001 SOPand the 2001 Section 102 SOP terminated on March 27, 2011, other than with respect to those awards outstanding under the 2001 SOP and the 2001Section 102 SOP at the time of such termination. C. Board Practices Board of DirectorsUnder the Companies Law, the management of our business is vested in our board of directors. Our board of directors may exercise all powers and may takeall actions that are not specifically granted to our shareholders or to management. Our executive officers are responsible for our day-to-day management andhave individual responsibilities established by our board of directors. Our Chief Executive Officer is appointed by, and serves at the discretion of, our boardof directors, subject to the employment agreement that we have entered into with him. All other executive officers are also appointed by our board ofdirectors, and are subject to the terms of any applicable employment agreements that we may enter into with them.We comply with the rule of the NASDAQ Stock Market that a majority of our directors be independent. Our board of directors has determined that all of ourdirectors, other than our Chief Executive Officer, are independent under such rules. Directors serve for a period of three years pursuant to the staggered boardprovisions of our articles of association. Under our articles of association, our board of directors must consist of at least four and not more than 11 directors.Our board of directors currently consists of seven directors. Previously, two of our directors presided as "external directors", as such term is defined in theCompanies Law. See "Item 6.C. Board Practices—External Directors" for a description of the exemption from the requirements under the Companies Law toappoint such directors.66 Our directors are divided into three classes with staggered three-year terms. Each class of directors consists, as nearly as possible, of one-third of the totalnumber of directors constituting the entire board of directors. At each annual general meeting of our shareholders, the election or re-election of directorsfollowing the expiration of the term of office of the directors of that class of directors is for a term of office that expires on the third annual general meetingfollowing such election or re-election, such that at each annual general meeting, the term of office of only one class of directors will expire. Each director willhold office until the annual general meeting of our shareholders in which his or her term expires, unless he or she is removed by a vote of 65% of the totalvoting power of our shareholders at a general meeting of our shareholders or upon the occurrence of certain events, in accordance with the Companies Lawand our articles of association. Our directors are divided among the three classes as follows: (i) the Class I directors are Ehud (Udi) Mokady and David Schaeffer, and their term expires at the annual general meeting of shareholders to be held in 2018and when their successors are elected and qualified; (ii) the Class II directors, are Raphael (Raffi) Kesten and Amnon Shoshani, and their term expires at the annual general meeting of shareholders to be held in2019 and when their successors are elected and qualified; and (iii) the Class III directors are Gadi Tirosh, Ron Gutler and Kim Perdikou, and their term expires at the annual general meeting of shareholders to be held in2017 and when their successors are elected and qualified. In addition, our articles of association allow our board of directors to appoint directors, create new directorships or fill vacancies on our board of directors upto the maximum number of directors permitted under our articles of association. In case of an appointment by our board of directors to fill a vacancy on ourboard of directors due to a director no longer serving, the term of office shall be equal to the remaining period of the term of office of the director(s) whoseoffice(s) have been vacated, and in case of a new appointment where the number of directors serving is less than the maximum number stated in our articles ofassociation, our board of directors shall determine at the time of appointment the class to which the new director shall be assigned. Under the Companies Law and our articles of association, nominations for directors may be made by any shareholder(s) holding together at least 1% of ouroutstanding voting power. However, any such shareholder may make such a nomination only if a written notice of such shareholder's intent to make suchnomination has been timely and duly given to our Secretary (or, if we have no Secretary, our Chief Executive Officer), as set forth in our articles ofassociation. Any such notice must include certain information regarding the proposing shareholder and the proposed director nominee, the consent of theproposed director nominee(s) to serve as our director(s) if elected and a declaration signed by the proposed director nominee(s) as required by under theCompanies Law and that all of the information that is required to be provided to us in connection with such election under the Companies Law and under ourarticles of association has been provided. Under the Companies Law, our board of directors must determine the minimum number of directors who are required to have accounting and financialexpertise. A director with accounting and financial expertise is a director who, due to his or her education, experience and skills, possesses an expertise in,and an understanding of, financial and accounting matters and financial statements, such that he or she is able to understand the financial statements of thecompany and initiate a discussion about the presentation of financial data. In determining the number of directors required to have such expertise, a board of directors must consider, among other things, the type and size of thecompany and the scope and complexity of its operations. Our board of directors has determined that the minimum number of directors of our company whoare required to have accounting and financial expertise is one. Our board of directors has determined that each of Ron Gutler and Kim Perdikou possesses accounting and financial expertise as defined under theCompanies Law. 67 External Directors Pursuant to recently enacted regulations under the Companies Law, the board of directors of a company whose shares are listed on certain non-Israeli stockexchanges (including NASDAQ), which company does not have a controlling shareholder (as such term is defined in the Companies Law) may elect not tocomply with the requirements of the Companies Law relating to the election of external directors and to the composition of the audit committee andcompensation committee, provided that the company complies with the requirements as to director independence and audit committee and compensationcommittee composition applicable to companies that are incorporated in the jurisdiction in which its stock exchange is located. As our company does not have a controlling shareholder, and as we comply with the NASDAQ listing rules applicable to domestic U.S. companies withrespect to a majority of our directors being independent and with respect to the composition of our audit committee and compensation committee, our boardof directors determined in May 2016 to opt out of the requirement to appoint external directors. If in the future we were to have a controlling shareholder, wewould again be required to comply with the requirements relating to external directors and composition of the audit committee and compensation committee. Our two former external directors, Ron Gutler and Kim Perdikou, remained on our board of directors as independent directors. The term controlling shareholder, as used in the Companies Law for purposes of all matters related to external directors and for certain other purposes, meansa shareholder with the ability to direct the activities of the company, other than by virtue of being an office holder. A shareholder is presumed to be acontrolling shareholder if the shareholder holds 50% or more of the voting rights in a company or has the right to appoint the majority of the directors of thecompany or its general manager (chief executive officer). Lead Independent DirectorAs approved by our shareholders at the June 2016 meeting, for so long as the positions of the Chief Executive Officer and Chairman of the Board arecombined, the non-executive board members will select a Lead Independent Director from among the independent directors of the Board, who has served aminimum of one year as a director. If at any meeting of the Board the Lead Independent Director is not present, a majority of the independent members of theBoard present will select an independent member of the Board to act as Lead Independent Director for the purpose and duration of such meeting. Theauthorities and responsibilities of the Lead Independent Director include, but are not limited to, the following:☐ providing leadership to the Board if circumstances arise in which the role of the Chairman may be, or may be perceived to be, in conflict, andresponding to any reported conflicts of interest, or potential conflicts of interest, arising for any director;☐presiding as chairman of the meeting at all meetings of the Board at which the Chairman of the Board is not present, including executivesessions of the independent members of the Board;☐serving as liaison between the Chairman of the Board and the independent members of the Board;☐approving meeting agendas for the Board;☐approving information sent to the Board;☐approving meeting schedules to assure that there is sufficient time for discussion of all agenda items;☐having the authority to call meetings of the independent members of the Board of Directors;☐if requested by a major shareholder, ensuring that he or she is available for consultation and direct communication; and☐performing such other duties as the Board may from time to time delegate to assist the Board in the fulfillment of its duties. 68 Audit Committee Our audit committee consists of three independent directors, Ron Gutler (Chairperson), Kim Perdikou, and Amnon Shoshani.Audit Committee Composition Following recently enacted regulations described above, we may comply with the requirements of the Companies Law by appointing an audit committeewhose composition complies with NASDAQ corporate governance rules. Under NASDAQ corporate governance rules, we are required to maintain an audit committee consisting of at least three independent directors, each of whomis financially literate and one of whom has accounting or related financial management expertise. All members of our audit committee meet the requirements for financial literacy under the applicable rules and regulations of the SEC and NASDAQcorporate governance rules. Our board of directors has determined that Ron Gutler and Kim Perdikou are audit committee financial experts as defined by SECrules and have the requisite financial experience as defined by NASDAQ corporate governance rules. Each of the members of the audit committee is "independent" as such term is defined in Rule 10A-3(b)(1) under the Exchange Act, which is different from thegeneral test for independence of board members and members of other committees. Audit Committee Role Our board of directors has an audit committee charter that sets forth the responsibilities of the audit committee consistent with the rules of the SEC and thelisting requirements of the NASDAQ Stock Market, as well as the requirements for such committee under the Companies Law. The responsibilities of theaudit committee include the following: ☐ oversight of our independent registered public accounting firm and recommending the engagement, compensation or termination ofengagement of our independent registered public accounting firm to the board of directors in accordance with Israeli law; ☐recommending the terms of audit and non-audit services provided by the independent registered public accounting firm for pre-approval by ourboard of directors; ☐ establishing systems of internal controls over the financial reporting of the company including communication and implementation thereof andthe assessment of the internal controls in accordance with the Sarbanes-Oxley Act; ☐discussing and reviewing the financial reporting related matters of the company; ☐recommending the engagement or termination of the person filling the office of our internal auditor; ☐ determining whether there are deficiencies in the business management practices of our company, including in consultation with our internalauditor or the independent auditor, and making recommendations to the board of directors to improve such practices; ☐ determining whether to approve certain related party transactions (including transactions in which an office holder has a personal interest andwhether such transaction is material or extraordinary under the Companies Law) (see "Item 6.C. Board Practices —Approval of Related PartyTransactions under Israeli Law"); ☐where the board of directors approves the working plan of the internal auditor, to examine such working plan before its submission to the boardof directors and proposing amendments thereto; ☐examining our internal controls and internal auditor's performance, including whether the internal auditor has sufficient resources and tools todispose of its responsibilities; and ☐establishing procedures for the handling of employees' complaints as to the deficiencies in the management of our business and the protectionto be provided to such employees. 69 Compensation Committee Our compensation committee consists of Kim Perdikou (Chairperson), Gadi Tirosh and Ron Gutler. Compensation Committee Composition Following recently enacted regulations described above, we may comply with the requirements of the Companies Law by appointing a compensationcommittee, whose composition complies with the NASDAQ corporate governance rules. Under NASDAQ corporate governance rules, we are required tomaintain a compensation committee consisting of at least two independent directors. Each current member of the compensation committee (which currentlyincludes Kim Perdikou (Chairperson), Gadi Tirosh and Ron Gutler) is required to be independent under NASDAQ rules relating to compensation committeemembers, which are different from the general test for independence of board and committee members. Each of the members of our compensation committeesatisfies those requirements. Compensation Policy pursuant to the Israeli Companies Law The duties of the compensation committee include the recommendation to the company's board of directors of a policy regarding the terms of engagement ofoffice holders, to which we refer as a compensation policy. That policy must be adopted by the company's board of directors, after considering therecommendations of the compensation committee, and must be brought for approval by the company's shareholders, which approval requires a SpecialApproval for Compensation (as defined below under "—Approval of Related Party Transactions under Israeli Law— Disclosure of Personal Interests of anOffice Holder and Approval of Certain Transactions"). The compensation policy must serve as the basis for decisions concerning the financial terms of employment or engagement of office holders, includingexculpation, insurance, indemnification or any monetary payment, obligation of payment or other benefit in respect of employment or engagement. Thecompensation policy must relate to certain factors, including advancement of the company's objectives, the company's business plan and its long-termstrategy, and creation of appropriate incentives for office holders. It must also consider, among other things, the company's risk management, size and thenature of its operations. The compensation policy must include certain principles, such as: a link between variable compensation and long-term performance,which variable compensation shall, other than with respect to office holders who report to the CEO, be primarily based on measurable criteria; therelationship between variable and fixed compensation; and the minimum holding or vesting period for variable, equity-based compensation. Thecompensation committee is responsible for (a) recommending the compensation policy to a company's board of directors for its approval (and subsequentapproval by our shareholders) and (b) duties related to the compensation policy and to the compensation of a company's office holders (as described below).Accordingly, following the recommendation of our compensation committee, on November 12, 2014 and December 18, 2014, our board of directors andshareholders, respectively, approved our compensation policy. Compensation Committee Role Our board of directors has a compensation committee charter that sets forth the responsibilities of the committee. The responsibilities of the committee setforth in its charter and the Companies Law include: ☐ recommending whether a compensation policy should continue in effect, if the then-current policy has a term of greater than five years(approval of either a new compensation policy or the continuation of an existing compensation policy must in any case occur within five yearsof the date of a company's initial public offering, and every three years thereafter); ☐assessing implementation of the compensation policy and recommending periodic updates to the compensation policy; ☐reviewing, evaluating and making recommendations regarding the terms of office, compensation and benefits for our office holders, includingthe non-employee directors, taking into account the compensation policy. 70 ☐exempting certain compensation arrangements from the requirement to obtain shareholder approval under the Companies Law (including withrespect to the Chief Executive Officer); and ☐reviewing and approving the granting of options and other incentive awards to the extent such authority is delegated by our board of directors. Nominating and Governance Committee Our nominating and governance committee consists of Gadi Tirosh (Chairperson), Kim Perdikou and Ron Gutler. Nominating and Governance Committee Role Our board of directors has a nominating and governance committee charter that sets forth the responsibilities of the nominating and governance committee,which include: ☐overseeing and assisting our board of directors in reviewing and recommending nominees for election as directors and as members of thecommittees of the board of directors; ☐establishing procedures for, and administering the performance of the members of our board and its committees; ☐evaluating and making recommendations to our board of directors regarding the termination of membership of directors; ☐reviewing, evaluating and making recommendations regarding management succession and development; ☐reviewing and making recommendations to our board of directors regarding board member qualifications, composition and structure and thenature and duties of the committees and qualifications of committee members; and ☐ establishing and maintaining effective corporate governance policies and practices, including, but not limited to, developing andrecommending to our board of directors a set of corporate governance guidelines applicable to our company. Disclosure of Compensation of Executive Officers For so long as we qualify as a foreign private issuer, we are not required to comply with the proxy rules applicable to U.S. domestic companies, including therequirement applicable to certain domestic issuers that do not qualify as emerging growth companies to disclose on an individual, rather than an aggregate,basis, the compensation of our named executive officers as defined in Item 402 of Regulation S-K. Nevertheless, the Companies Law requires that we disclosethe annual compensation of our five most highly compensated office holders (as defined under the Companies Law) on an individual basis. Under theCompanies Law regulations, this disclosure is required to be included in the annual proxy statement for our annual meeting of shareholders each year, whichwe will furnish to the SEC under cover of a Report of Foreign Private Issuer on Form 6-K. Because of that disclosure requirement under Israeli law, we are alsoincluding such information in this annual report, pursuant to the disclosure requirements of Form 20-F. Compensation of Directors Under the Companies Law, compensation of directors requires the approval described below under "Approval of Related Party Transactions Under Israeli Law- Disclosure of Personal Interests of an Office Holder and Approval of Certain Transactions." The directors are also entitled to be paid reasonable travel, hotel and other expenses expended by them in attending board meetings and performing theirfunctions as directors of the company, all of which is to be determined by the board of directors. For additional information, see "Item 6B. Compensation—Compensation of Directors and Executive Officers." 71 Internal Auditor Under the Companies Law, the board of directors of an Israeli public company must appoint an internal auditor recommended by the audit committee. Aninternal auditor may not be: ☐a person (or a relative of a person) who holds more than 5% of the company's outstanding shares or voting rights; ☐a person (or a relative of a person) who has the power to appoint a director or the general manager of the company; ☐an office holder (including a director) of the company (or a relative thereof); or ☐a member of the company's independent accounting firm, or anyone on his or her behalf. The role of the internal auditor is to examine, among other things, our compliance with applicable law and orderly business procedures. The audit committeeis required to oversee the activities and to assess the performance of the internal auditor as well as to review the internal auditor's work plan. Chaikin, Cohen,Rubin & Co. serves as our internal auditor.Approval of Related Party Transactions under Israeli Law Fiduciary Duties of Directors and Executive Officers The Companies Law codifies the fiduciary duties that office holders owe to a company. The term "office holder" is defined under the Companies Law as ageneral manager, chief business manager, deputy general manager, vice general manager, any other person assuming the responsibilities of any of thesepositions (regardless of that person's title), a director and any other manager directly subordinate to the general manager. An office holder's fiduciary duties consist of a duty of care and a duty of loyalty. The duty of care requires an office holder to act with the level of care withwhich a reasonable office holder in the same position would have acted under the same circumstances. The duty of loyalty requires that an office holder act ingood faith and in the best interests of the company. The duty of care includes a duty to use reasonable means to obtain: ☐information on the advisability of a given action brought for his or her approval or performed by virtue of his or her position; and ☐all other important information pertaining to any such action. The duty of loyalty includes a duty to: ☐refrain from any conflict of interest between the performance of his or her duties to the company and his or her duties or personal affairs; ☐refrain from any action which competes with the company's business; ☐refrain from exploiting any business opportunity of the company in order to receive a personal gain for himself or herself or others; and ☐disclose to the company any information or documents relating to the company's affairs which the office holder received as a result of his or herposition as an office holder. 72 Disclosure of Personal Interests of an Office Holder and Approval of Certain Transactions The Companies Law requires that an office holder promptly disclose to the board of directors any personal interest that he or she may be aware of and allrelated material information or documents concerning any existing or proposed transaction with the company. An interested office holder's disclosure mustbe made promptly and in any event no later than the first meeting of the board of directors at which the transaction is considered. A personal interest includesan interest of any person in an act or transaction of a company, including a personal interest of such person's relative or of a corporate body in which suchperson or a relative of such person is a 5% or greater shareholder, director or general manager or in which he or she has the right to appoint at least onedirector or the general manager, but excluding a personal interest stemming from one's ownership of shares in the company. A personal interest furthermoreincludes the personal interest of a person for whom the office holder holds a voting proxy or the personal interest of the office holder with respect to his or hervote on behalf of a person for whom he or she holds a proxy even if such shareholder has no personal interest in the matter. An office holder is not, however,obliged to disclose a personal interest if it derives solely from the personal interest of his or her relative in a transaction that is not considered anextraordinary transaction. Under the Companies Law, an extraordinary transaction is defined as any of the following: ☐a transaction other than in the ordinary course of business; ☐a transaction that is not on market terms; or ☐a transaction that may have a material impact on a company's profitability, assets or liabilities.If it is determined that an office holder has a personal interest in a transaction, approval by the board of directors (and, in certain circumstances, of itsapplicable committee) is required for the transaction, unless the company's articles of association provide for a different method of approval. Further, so longas an office holder has disclosed his or her personal interest in a transaction and acted in good faith and the transaction or action does not harm the company'sbest interests, the board of directors may approve an action by the office holder that would otherwise be deemed a breach of duty of loyalty.The compensation of, or an undertaking to indemnify or insure, an office holder who is not a director requires approval first by the company's compensationcommittee, then by the company's board of directors, and, if such compensation arrangement or an undertaking to indemnify or insure is inconsistent with thecompany's stated compensation policy then such arrangement is subject to the approval of a majority vote of the shares present and voting at a shareholdersmeeting, provided that either: (a) such majority includes at least a majority of the shares held by all shareholders who do not have a personal interest in suchcompensation arrangement; or (b) the total number of shares of shareholders who do not have a personal interest in the compensation arrangement and whovote against the arrangement does not exceed 2% of the company's aggregate voting rights. We refer to this as the Special Approval for Compensation.Arrangements regarding the compensation, indemnification or insurance of a director require the approval of the compensation committee, board of directorsand shareholders by ordinary majority, in that order, and if such compensation, indemnification or insurance is inconsistent with the company's statedcompensation policy, a Special Approval for Compensation. Generally, a person who has a personal interest in a matter which is considered at a meeting of the board of directors or the audit committee may not bepresent at such a meeting or vote on that matter unless the chairman of the relevant committee or board of directors (as applicable) determines that he or sheshould be present in order to present the transaction that is subject to approval, in which case such person may do so but may not vote on the matter. If amajority of the members of the audit committee or the board of directors (as applicable) has a personal interest in the approval of a transaction, then alldirectors may participate in discussions of the audit committee or the board of directors (as applicable) on such transaction and the voting on approvalthereof. However, in the event that a majority of the members of the Board has a personal interest in a transaction, shareholder approval is also required forsuch transaction. Disclosure of Personal Interests of Controlling Shareholders and Approval of Certain Transactions We currently do not have a controlling shareholder. If in the future we would have a controlling shareholder, disclosure requirements regarding personalinterests will apply and shareholder approval (meeting a special majority requirement) will be required with respect to transactions specified in theCompanies Law involving the controlling shareholder, parties having certain relationships with the controlling shareholder and certain other specifictransactions. In such cases, the votes of a controlling shareholder and certain parties associated with it would be excluded for purposes of special majorityvoting requirements. Additionally, the Companies Law provides a different, broader definition of a controlling shareholder with respect to the provisionspertaining to the approval of related party transactions.73 Shareholder Duties Pursuant to the Companies Law, a shareholder has a duty to act in good faith and in a customary manner toward the company and other shareholders and torefrain from abusing his or her power in the company, including, among other things, in voting at a general meeting and at shareholder class meetings withrespect to the following matters: ☐an amendment to the company's articles of association; ☐an increase of the company's authorized share capital; ☐a merger; or ☐the approval of related party transactions and acts of office holders that require shareholder approval. In addition, a shareholder also has a general duty to refrain from discriminating against other shareholders. In addition, certain shareholders have a duty of fairness toward the company. These shareholders include any controlling shareholder, any shareholder whoknows that he or she has the power to determine the outcome of a shareholder vote and any shareholder who has the power to appoint or to prevent theappointment of an office holder of the company or other power towards the company. The Companies Law does not define the substance of the duty offairness, except to state that the remedies generally available upon a breach of contract will also apply in the event of a breach of the duty to act with fairness. Exculpation, Insurance and Indemnification of Directors and Officers Under the Companies Law, a company may not exculpate an office holder from liability for a breach of the duty of loyalty. An Israeli company mayexculpate an office holder in advance from liability to the company, in whole or in part, for damages caused to the company as a result of a breach of duty ofcare but only if a provision authorizing such exculpation is included in its articles of association. Our articles of association include such a provision. Thecompany may not exculpate in advance a director from liability arising out of a prohibited dividend or distribution to shareholders. Under the Companies Law, a company may indemnify an office holder in respect of the following liabilities and expenses incurred for acts performed by himor her as an office holder, either pursuant to an undertaking made in advance of an event or following an event, provided its articles of association include aprovision authorizing such indemnification: ☐ financial liability imposed on him or her in favor of another person pursuant to a judgment, including a settlement or arbitrator's awardapproved by a court. However, if an undertaking to indemnify an office holder with respect to such liability is provided in advance, then suchan undertaking must be limited to events which, in the opinion of the board of directors, can be foreseen based on the company's activities whenthe undertaking to indemnify is given, and to an amount or according to criteria determined by the board of directors as reasonable under thecircumstances, and such undertaking shall detail the abovementioned foreseen events and amount or criteria; ☐ reasonable litigation expenses, including attorneys' fees, incurred by the office holder (1) as a result of an investigation or proceeding institutedagainst him or her by an authority authorized to conduct such investigation or proceeding, provided that (i) no indictment was filed againstsuch office holder as a result of such investigation or proceeding; and (ii) no financial liability was imposed upon him or her as a substitute forthe criminal proceeding as a result of such investigation or proceeding or, if such financial liability was imposed, it was imposed with respect toan offense that does not require proof of criminal intent; and (2) in connection with a monetary sanction; and ☐ reasonable litigation expenses, including attorneys' fees, incurred by the office holder or imposed by a court in proceedings instituted againsthim or her by the company, on its behalf, or by a third party, or in connection with criminal proceedings in which the office holder wasacquitted, or as a result of a conviction for an offense that does not require proof of criminal intent. 74 Under the Companies Law, a company may insure an office holder against the following liabilities incurred for acts performed by him or her as an officeholder if and to the extent provided in the company's articles of association: ☐a breach of the duty of loyalty to the company, provided that the office holder acted in good faith and had a reasonable basis to believe that theact would not harm the company; ☐a breach of duty of care to the company or to a third party, to the extent such a breach arises out of the negligent conduct of the office holder;and ☐a financial liability imposed on the office holder in favor of a third party. Under the Companies Law, a company may not indemnify, exculpate or insure an office holder against any of the following: ☐ a breach of the duty of loyalty, except for indemnification and insurance for a breach of the duty of loyalty to the company to the extent that theoffice holder acted in good faith and had a reasonable basis to believe that the act would not prejudice the company; ☐a breach of duty of care committed intentionally or recklessly, excluding a breach arising out of the negligent conduct of the office holder; ☐an act or omission committed with intent to derive illegal personal benefit; or ☐a civil or criminal fine or forfeit levied against the office holder. Under the Companies Law, exculpation, indemnification and insurance of office holders in a public company must be approved by the compensationcommittee and the board of directors and, with respect to certain office holders or under certain circumstances, also by the shareholders. See "Item 6.C. BoardPractices—Approval of Related Party Transactions under Israeli Law." We have entered into indemnification agreements with our office holders to exculpate, indemnify and insure our office holders to the fullest extent permittedor to be permitted by our articles of association and applicable law (including without limitation), the Companies Law, the Israeli Securities Law, 5728-1968and the Israeli Restrictive Trade Practices Law, 5758-1988. We have obtained director and officer liability insurance for the benefit of our office holders and intend to continue to maintain such coverage and pay allpremiums thereunder to the fullest extent permitted by the Companies Law. D. Employees As of December 31, 2016, we had 823 employees and subcontractors with 324 located in Israel, 286 in the United States, 61 in the United Kingdom and 152across 29 other countries. The following table shows the breakdown of our global workforce of employees and subcontractors by category of activity as of thedates indicated: As of December 31, Department 2014 2015 2016 Sales and marketing 202 294 377 Research and development 119 176 205 Services and support 76 118 166 General and administrative 33 56 75 Total 430 644 823 With respect to our Israeli employees, Israeli labor laws govern the length of the workday, minimum wages for employees, procedures for hiring anddismissing employees, determination of severance pay, annual leave, sick days, advance notice of termination of employment, equal opportunity and anti-discrimination laws and other conditions of employment. Subject to certain exceptions, Israeli law generally requires severance pay upon the retirement,death or dismissal of an employee, and requires us and our employees to make payments to the National Insurance Institute, which is similar to the U.S. SocialSecurity Administration. Our employees have pension plans that comply with the applicable Israeli legal requirements and we make monthly contributions toseverance pay funds for all employees, which cover potential severance pay obligations. 75 None of our employees work under any collective bargaining agreements, except for our employees in Italy who work under the national collectivebargaining agreement for trade and commerce sector (CCNL Commercio) which affects matters such as length of working, annual holidays entitlement, sickleave, travel expenses and pension rights, and our employees in France who work under the collective bargaining agreement for offices of technical studies,offices of consulting engineers and consulting firms (SYNTEC CBA). Extension orders issued by the Israeli Ministry of Economy and Industry (formerly the Israeli Ministry of Industry, Trade and Labor) apply to our employeesis Israel and affect matters such as cost of living adjustments to salaries, length of working hours and week, recuperation pay, travel expenses, and pensionrights. We have never experienced labor-related work stoppages or strikes and believe that our relations with our employees are satisfactory. E. Share Ownership For information regarding the share ownership of our directors and executive officers, please refer to "Item 6.B. Compensation" and "Item 7.A. MajorShareholders." ITEM 7. MAJOR SHAREHOLDERS AND RELATED PARTY TRANSACTIONS A. Major Shareholders The following table sets forth information with respect to the beneficial ownership of our shares as of February 28, 2017 by: ·each person or entity known by us to own beneficially 5% or more of our outstanding shares; ·each of our directors and executive officers individually; and ·all of our executive officers and directors as a group.The beneficial ownership of ordinary shares is determined in accordance with the rules of the SEC and generally includes any ordinary shares over which aperson exercises sole or shared voting or investment power, or the right to receive the economic benefit of ownership. For purposes of the table below, wedeem shares subject to options that are currently exercisable or exercisable within 60 days of February 28, 2017, to be outstanding and to be beneficiallyowned by the person holding the options for the purposes of computing the percentage ownership of that person but we do not treat them as outstanding forthe purpose of computing the percentage ownership of any other person. The percentage of shares beneficially owned is based on 34,423,221 ordinary sharesoutstanding as of February 28, 2017. As of February 28, 2017, we had 10 holders of record of our ordinary shares in the United States, including Cede & Co., the nominee of The Depository TrustCompany. These shareholders held in the aggregate 34,068,842 of our outstanding ordinary shares, or 98.9% of our outstanding ordinary shares as ofFebruary 28, 2017. The number of record holders in the United States is not representative of the number of beneficial holders nor is it representative of wheresuch beneficial holders are resident since many of these ordinary shares were held by brokers or other nominees. All of our shareholders, including the shareholders listed below, have the same voting rights attached to their ordinary shares. See "Item 10.B. Memorandumand Articles of Association." None of our principal shareholders or our directors and executive officers have different or special voting rights with respect totheir ordinary shares. Unless otherwise noted below, each shareholder's address is CyberArk Software Ltd. 94 Em-Ha'moshavot Road, Park Ofer, P.O. Box3143, Petach Tikva 4970602, Israel. 76 A description of any material relationship that our principal shareholders have had with us or any of our predecessors or affiliates within the past three years isincluded under "Item 7B. Related Party Transactions." Shares Beneficially Owned Name of Beneficial Owner Number % Principal Shareholders (1) Entities affiliated with T. Rowe Price Associates, Inc. (2) 3,503,886 10.18%FMR LLC(3) 2,590,195 7.52%Executive Officers and Directors Ehud (Udi) Mokady(4) 799,263 2.32%Chen Bitan * * Joshua Siegel * * Ronen (Ron) Zoran * * Nick Baglin * * Vincent Goh * * Roy Adar * * Gadi Tirosh * * Ron Gutler * * Raphael (Raffi) Kesten * * Kim Perdikou * * David Schaeffer * * Amnon Shoshani(5) 374,962 1.09%All executive officers and directors as a group (13 persons) 1,755,719 5.10%* Less than 1%. (1)Certain shareholders that reported greater than 5% beneficial ownership on a Schedule 13G filed with respect to their share ownership as ofDecember 31, 2016 have not been included in the table as their percentage ownership is less than 5% based on the number of sharesoutstanding as of February 28, 2016.(2)Based on a Schedule 13G filed by T. Rowe Price Associates, Inc. ("TRP"), as of December 31, 2016, shares beneficially owned consist of3,503,886 shares beneficially owned by TRP, certain of its affiliates and subsidiaries. TRP has sole voting power over 594,326 shares andsole dispositive power over 3,503,886 shares. T. Rowe Price New Horizons Fund, Inc. has sole voting power over 1,649,300 shares. Theaddress of TRP is 100 E. Pratt Street, Baltimore, MD 21202(3)Based on a Schedule 13G filed by FMR LLC ("FMR"), as of December 31, 2016, shares beneficially owned consist of 2,590,195 sharesbeneficially owned by FMR LLC, certain of its affiliates and subsidiaries. FMR LLC has sole voting power over 597,847 shares and soledispositive power over 2,590,195 shares. Members of the Johnson family, including Abigail P. Johnson, are the predominant owners,directly or through trusts, of Series B voting common shares of FMR LLC, representing 49% of the voting power of FMR LLC. The Johnsonfamily group and all other Series B shareholders have entered into a shareholders' voting agreement under which all Series B votingcommon shares will be voted in accordance with the majority vote of Series B voting common shares. Accordingly, through their ownershipof voting common shares and the execution of the shareholders' voting agreement, members of the Johnson family may be deemed, underthe Investment Company Act of 1940, to form a controlling group with respect to FMR LLC. Neither FMR LLC nor Abigail P. Johnson hasthe sole power to vote or direct the voting of the shares owned directly by the various investment companies registered under theInvestment Company Act ("Fidelity Funds") advised by Fidelity Management & Research Company ("FMR Co"), a wholly ownedsubsidiary of FMR LLC, which power resides with the Fidelity Funds' Boards of Trustees. Fidelity Management & Research Companycarries out the voting of the shares under written guidelines established by the Fidelity Funds' Boards of Trustees. The address of FMR LLCis 245 Summer Street, Boston, MA 02210. 77 (4)Mr. Mokady's shares include 15,000 shares held in trust for family members over which Mr. Mokady is the beneficial owner.(5)Shares beneficially owned consist of 354,379 shares beneficially owned by Cabaret Security Ltd. over which Mr. Shoshani holds votingand investment power, as well as vested options to purchase 20,583 ordinary shares that are held directly by Mr. Shoshani. The address ofCabaret Security Ltd. is 7 Chalamish Street, PO Box 3557, Caesarea 30889, Israel.Significant Changes At the time of our September 2014 initial public offering, Jerusalem Venture Partners and its affiliates owned 11,182,562 ordinary shares. Based on aSchedule 13 G/A filed with the SEC on January 31, 2017, as of December 31, 2016, Jerusalem Venture Partners and its affiliates do not hold any ordinaryshares of the company. B. Related Party Transactions Our policy is to enter into transactions with related parties on terms that, on the whole, are no more favorable, or no less favorable, than those available fromunaffiliated third parties. Based on our experience in the business sectors in which we operate and the terms of our transactions with unaffiliated third parties,we believe that all of the transactions described below met this policy standard at the time they occurred. The following is a description of material transactions, or series of related material transactions, since January 1, 2016, to which we were or will be a party andin which the other parties included or will include our directors, executive officers, holders of more than 10% of our voting securities or any member of theimmediate family of any of the foregoing persons. Registration Rights Our investor rights agreement entitles our shareholders to certain registration rights. The only shareholder that is currently entitled to registration rights isCabaret Security Ltd., including Form F-3 demand rights and piggyback registration rights.Agreements with Directors and Officers Employment and Related Agreements. We have entered into written employment agreements with each of our executive officers. These agreements providefor notice periods of varying duration for termination of the agreement by us or by the relevant executive officer, during which time the executive officer willcontinue to receive base salary and benefits. These agreements also contain customary provisions regarding confidentiality of information and ownership ofinventions. Equity Awards. Since our inception we have granted options to purchase, and restricted share units underlying, our ordinary shares to our officers and certainof our directors. Such award agreements contain acceleration provisions upon certain merger, acquisition, or change of control transactions. We describe ouroption plans under "Item 6.B. Compensation—Equity Incentive Plans" and the equity-based compensation received by certain of our executive officers in"Item 6.B. Compensation—Compensation of Directors and Executive Officers." If the relationship between us and an executive officer, or a director, isterminated, except for cause (as defined in the various option plan agreements), all options that are vested will remain exercisable for ninety days after suchtermination in the case of our executive officers, or one year in the case of our directors. Exculpation, Indemnification and Insurance. Our articles of association permit us to exculpate, indemnify and insure certain of our office holders to thefullest extent permitted by Israeli law. We have entered into agreements with certain of our office holders, including our directors, exculpating them from abreach of their duty of care to us to the fullest extent permitted by law and undertaking to indemnify them to the fullest extent permitted by law, subject tocertain exceptions, including with respect to liabilities resulting from our initial public offering to the extent that these liabilities are not covered byinsurance. See "Item 6.C. Board Practices—Exculpation, Insurance and Indemnification of Directors and Officers." 78 C. Interests of Experts and Counsel Not applicable. ITEM 8. FINANCIAL INFORMATION A. Consolidated Statements and Other Financial Information Consolidated Financial Statements We have appended as part of this annual report our consolidated financial statements starting at page F-1. Legal Proceedings From time to time, we may be subject to legal proceedings and claims in the ordinary course of business. We are not currently a party to any materiallitigation. Regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of managementresources and other factors. Dividend Policy We have never declared or paid any cash dividends on our ordinary shares. We do not anticipate paying any cash dividends in the foreseeable future. Wecurrently intend to retain future earnings, if any, to finance operations and expand our business. Our board of directors has sole discretion whether to paydividends. If our board of directors decides to pay dividends, the form, frequency and amount will depend upon our future operations and earnings, capitalrequirements and surplus, general financial condition, contractual restrictions and other factors that our directors may deem relevant. The distribution ofdividends may also be limited by Israeli law, which permits the distribution of dividends only out of retained earnings or otherwise upon the permission of anIsraeli court.B. Significant Changes No significant changes have occurred since December 31, 2016, except as otherwise disclosed in this annual report. ITEM 9. THE OFFER AND LISTING A. Offer and Listing Details Our ordinary shares have been quoted on NASDAQ under the symbol "CYBR" since September 24, 2014. Prior to that date, there was no public tradingmarket for our ordinary shares. Our IPO was priced at $16.00 per share on September 24, 2014. The following table sets forth for the periods indicated thehigh and low sales prices per ordinary share as reported on NASDAQ: Low High Annual: 2016 $31.5 $59.28 2015 33.00 76.35 2014 (beginning September 24, 2014) 22.12 47.01 Quarterly: First Quarter 2017 (through February 28, 2017) $45.61 $55.65 Fourth Quarter 2016 44.57 56.25 Third Quarter 2016 47.82 59.28 Second Quarter 2016 37.00 51.06 First Quarter 2016 31.50 49.56 Fourth Quarter 2015 37.51 54.74 Third Quarter 2015 40.63 65.50 Second Quarter 2015 51.16 76.35 First Quarter 2015 33.00 70.48 Most Recent Six Months: February 2017 49.91 55.65 January 2017 45.61 53.20 December 2016 44.77 51.65 November 2016 44.69 56.25 October 2016 44.57 51.56 September 2016 48.77 59.28 79 B.Plan of Distribution Not applicable. C.Markets See "—Listing Details" above. D.Selling Shareholders Not applicable. E.Dilution Not applicable. F.Expenses of the Issue Not applicable. ITEM 10. ADDITIONAL INFORMATION A.Share Capital Not applicable. B.Memorandum and Articles of Association Certain information related to our articles of association and memorandum of association is disclosed in our Registration Statement on Form F-1, as amended(Registration No. 333-204516), and is incorporated by reference. Registration Number and Purposes of the Company. Our registration number with the Israeli Registrar of Companies is 51-229164-2. Our purpose, as set forthin article 3 of our articles of association, is to engage in any lawful activity. Voting Rights and Conversion. All ordinary shares have identical voting and other rights in all respects. 80 Transfer of Shares. Our fully paid ordinary shares are issued in registered form and may be freely transferred under our articles of association, unless thetransfer is restricted or prohibited by another instrument, applicable law or the rules of a stock exchange on which the shares are listed for trade. Theownership or voting of our ordinary shares by non-residents of Israel is not restricted in any way by our articles of association or the laws of the State of Israel,except for ownership by nationals of some countries that are, or have been, in a state of war with Israel. Election of Directors. Our ordinary shares do not have cumulative voting rights for the election of directors. As a result, the holders of a majority of thevoting power represented at a shareholders meeting have the power to elect all of our directors. Under our articles of association, our board of directors must consist of not less than four but no more than 11 directors. Pursuant to our articles of association,the vote required to appoint a director is a simple majority vote of holders of our voting shares, participating and voting at the relevant meeting. In addition,our directors are divided into three classes that are each elected at the third annual general meeting of our shareholders, in a staggered fashion (such that oneclass is elected each annual general meeting), and serve on our board of directors unless they are removed by a vote of 65% of the total voting power of ourshareholders at a general meeting of our shareholders or upon the occurrence of certain events, in accordance with the Companies Law and our articles ofassociation. In addition, our articles of association allow our board of directors to fill vacancies on the board of directors or to appoint new directors up to themaximum number of directors permitted under our articles of association. Such directors serve for a term of office equal to the remaining period of the term ofoffice of the directors(s) whose office(s) have been vacated or in the case of new directors, for a term of office according to the class to which such director wasassigned upon appointment. See "Item 6.C. Board Practices—External Directors" for a description of the exemption from the requirements under theCompanies Law to appoint external directors. Dividend and Liquidation Rights. We may declare a dividend to be paid to the holders of our ordinary shares in proportion to their respective shareholdings.Under the Companies Law, dividend distributions are determined by the board of directors and do not require the approval of the shareholders of a companyunless the company's articles of association provide otherwise. Our articles of association do not require shareholder approval of a dividend distribution andprovide that dividend distributions may be determined by our board of directors. Pursuant to the Companies Law, the distribution amount is limited to the greater of retained earnings or earnings generated over the previous two years,according to our then last reviewed or audited financial statements, provided that the date of the financial statements is not more than six months prior to thedate of the distribution, or we may distribute dividends that do not meet such criteria only with court approval. In each case, we are only permitted todistribute a dividend if our board of directors and the court, if applicable, determines that there is no reasonable concern that payment of the dividend willprevent us from satisfying our existing and foreseeable obligations as they become due. In the event of our liquidation, after satisfaction of liabilities to creditors, our assets will be distributed to the holders of our ordinary shares in proportion totheir shareholdings. This right, as well as the right to receive dividends, may be affected by the grant of preferential dividend or distribution rights to theholders of a class of shares with preferential rights that may be authorized in the future. Exchange Controls. There are currently no Israeli currency control restrictions on remittances of dividends on our ordinary shares, proceeds from the sale ofthe shares or interest or other payments to non-residents of Israel, except for shareholders who are subjects of countries that are, or have been, in a state of warwith Israel. Shareholder Meetings. Under Israeli law, we are required to hold an annual general meeting of our shareholders once every calendar year that must be held nolater than 15 months after the date of the previous annual general meeting. All meetings other than the annual general meeting of shareholders are referred toin our articles of association as special general meetings. Our board of directors may call special general meetings whenever it sees fit, at such time and place,within or outside of Israel, as it may determine. In addition, the Companies Law provides that our board of directors is required to convene a special generalmeeting upon the written request of (i) any two of our directors or one-quarter of the members of our board of directors or (ii) one or more shareholdersholding, in the aggregate, either (a) 5% or more of our outstanding issued shares and 1% of our outstanding voting power or (b) 5% or more of ouroutstanding voting power. 81 Subject to the provisions of the Companies Law and the regulations promulgated thereunder, shareholders entitled to participate and vote at generalmeetings are the shareholders of record on a date to be decided by the board of directors, which may be between four and 40 days prior to the date of themeeting. Furthermore, the Companies Law requires that resolutions regarding the following matters must be passed at a general meeting of our shareholders: ·amendments to our articles of association; ·appointment or termination of our auditors; ·approval of certain related party transactions; ·increases or reductions of our authorized share capital; ·certain merger transactions; and ·the exercise of our board of director's powers by a general meeting, if our board of directors is unable to exercise its powers and the exercise ofany of its powers is required for our proper management. The Companies Law requires that notice of any annual general meeting or special general meeting be provided to shareholders at least 21 days prior to themeeting and if the agenda of the meeting includes the appointment or removal of directors, the approval of transactions with office holders or interested orrelated parties, or an approval of a merger, notice must be provided at least 35 days prior to the meeting. Under the Companies Law, shareholders are not permitted to take action via written consent in lieu of a meeting.Voting Rights Quorum requirements. Pursuant to our articles of association, holders of our ordinary shares have one vote for each ordinary share held on all matterssubmitted to a vote before the shareholders at a general meeting. As a foreign private issuer, the quorum required for our general meetings of shareholdersconsists of at least two shareholders present in person or by proxy who hold or represent between them at least 25% of the total outstanding voting rights. Ameeting adjourned for lack of a quorum is generally adjourned to the same day in the following week at the same time and place, to such time and date if sospecified in the notice of the meeting, or to such time and date as the chairman of the general meeting shall determine (which may be earlier or later than theforgoing dates). At the reconvened meeting, any one shareholder present in person or by proxy shall constitute a lawful quorum, generally, regardless of thenumber of shares held by such shareholder. Vote Requirements. Our articles of association provide that all resolutions of our shareholders require a simple majority vote, unless otherwise required by theCompanies Law or by our articles of association. Under our articles of association, the alteration of the rights, privileges, preferences or obligations of anyclass of our shares requires the ordinary majority vote of all classes of shares voting together as a single class at a shareholder meeting. Our articles ofassociation also require that the removal of any director from office (other than external directors) or the amendment of the provisions of our articles ofassociation relating to our staggered board requires the vote of 65% of the total voting power of our shareholders. Another exception to the simple majorityvote requirement is a resolution for the voluntary winding up, or an approval of a scheme of arrangement or reorganization, of the company pursuant toSection 350 of the Companies Law, which requires the approval of holders of 75% of the voting rights represented at the meeting, in person, by proxy or byvoting deed and voting on the resolution. Access to Corporate Records. Under the Companies Law, shareholders are provided access to: minutes of our general meetings; our shareholders register andprincipal shareholders register, articles of association and annual financial statements; and any document that we are required by law to file publicly with theIsraeli Companies Registrar or the Israel Securities Authority. In addition, shareholders may request to be provided with any document related to an action ortransaction requiring shareholder approval under the related party transaction provisions of the Companies Law. We may deny this request if we believe ithas not been made in good faith or if such denial is necessary to protect our interest or protect a trade secret or patent. 82 Acquisitions under Israeli Law Full Tender Offer. A person wishing to acquire shares of an Israeli public company and who would as a result hold over 90% of the target company's issuedand outstanding share capital is required by the Companies Law to make a tender offer to all of the company's shareholders for the purchase of all of theissued and outstanding shares of the company. A person wishing to acquire shares of a public Israeli company and who would as a result hold over 90% of theissued and outstanding share capital of a certain class of shares is required to make a tender offer to all of the shareholders who hold shares of the relevantclass for the purchase of all of the issued and outstanding shares of that class. If the shareholders who do not accept the offer hold less than 5% of the issuedand outstanding share capital of the company or of the applicable class, and more than half of the shareholders who do not have a personal interest in theoffer accept the offer, all of the shares that the acquirer offered to purchase will be transferred to the acquirer by operation of law. However, a tender offer willalso be accepted if the shareholders who do not accept the offer hold less than 2% of the issued and outstanding share capital of the company or of theapplicable class of shares. Upon a successful completion of such a full tender offer, any shareholder that was an offeree in such tender offer, whether such shareholder accepted thetender offer or not, may, within six months from the date of acceptance of the tender offer, petition an Israeli court to determine whether the tender offer wasfor less than fair value and that the fair value should be paid as determined by the court. However, under certain conditions, the offeror may include in theterms of the tender offer that an offeree who accepted the offer will not be entitled to petition the Israeli court as described above.If (a) the shareholders who did not respond or accept the tender offer hold at least 5% of the issued and outstanding share capital of the company or of theapplicable class or the shareholders who accept the offer constitute less than a majority of the offerees that do not have a personal interest in the acceptance ofthe tender offer, or (b) the shareholders who did not accept the tender offer hold 2% or more of the issued and outstanding share capital of the company (or ofthe applicable class), the acquirer may not acquire shares of the company that will increase its holdings to more than 90% of the company's issued andoutstanding share capital or of the applicable class from shareholders who accepted the tender offer. Special Tender Offer. The Companies Law provides that an acquisition of shares of an Israeli public company must be made by means of a special tenderoffer if as a result of the acquisition the purchaser would become a holder of 25% or more of the voting rights in the company. This requirement does notapply if there is already another holder of at least 25% of the voting rights in the company. Similarly, the Companies Law provides that an acquisition ofshares in a public company must be made by means of a special tender offer if as a result of the acquisition the purchaser would become a holder of more than45% of the voting rights in the company, if there is no other shareholder of the company who holds more than 45% of the voting rights in the company,subject to certain exceptions. A special tender offer must be extended to all shareholders of a company but the offeror is not required to purchase shares representing more than 5% of thevoting power attached to the company's outstanding shares, regardless of how many shares are tendered by shareholders. A special tender offer may beconsummated only if (i) at least 5% of the voting power attached to the company's outstanding shares will be acquired by the offeror and (ii) the number ofshares tendered in the offer exceeds the number of shares whose holders objected to the offer (excluding the purchaser, controlling shareholders, holders of25% or more of the voting rights in the company or any person having a personal interest in the acceptance of the tender offer). If a special tender offer isaccepted, then the purchaser or any person or entity controlling it or under common control with the purchaser or such controlling person or entity may notmake a subsequent tender offer for the purchase of shares of the target company and may not enter into a merger with the target company for a period of oneyear from the date of the offer, unless the purchaser or such person or entity undertook to effect such an offer or merger in the initial special tender offer. Merger. The Companies Law permits merger transactions if approved by each party's board of directors and, unless certain requirements described under theCompanies Law are met, by a majority vote of each party's shares, and, in the case of the target company, a majority vote of each class of its shares, voted onthe proposed merger at a shareholders meeting. For purposes of the shareholder vote, unless a court rules otherwise, the merger will not be deemed approved if a majority of the votes of shares represented atthe shareholders meeting that are held by parties other than the other party to the merger, or by any person (or group of persons acting in concert) who holds(or hold, as the case may be) 25% or more of the voting rights or the right to appoint 25% or more of the directors of the other party, vote against the merger.If, however, the merger involves a merger with a company's own controlling shareholder or if the controlling shareholder has a personal interest in the merger,then the merger is instead subject to the same special majority approval that governs all extraordinary transactions with controlling shareholders (asdescribed under "Management—Approval of related party transactions under Israeli law—Disclosure of personal interests of controlling shareholders andapproval of certain transactions"). 83 If the transaction would have been approved by the shareholders of a merging company but for the separate approval of each class or the exclusion of thevotes of certain shareholders as provided above, a court may still approve the merger upon the request of holders of at least 25% of the voting rights of acompany, if the court holds that the merger is fair and reasonable, taking into account the value of the parties to the merger and the consideration offered tothe shareholders of the company. Upon the request of a creditor of either party to the proposed merger, the court may delay or prevent the merger if it concludes that there exists a reasonableconcern that, as a result of the merger, the surviving company will be unable to satisfy the obligations of the merging entities, and may further giveinstructions to secure the rights of creditors.In addition, a merger may not be consummated unless at least 50 days have passed from the date on which a proposal for approval of the merger was filed byeach party with the Israeli Registrar of Companies and at least 30 days have passed from the date on which the merger was approved by the shareholders ofeach party. Anti-takeover Measures under Israeli Law The Companies Law allows us to create and issue shares having rights different from those attached to our ordinary shares, including shares providing certainpreferred rights with respect to voting, distributions or other matters and shares having preemptive rights. No preferred shares are authorized under our articlesof association. In the future, if we do authorize, create and issue a specific class of preferred shares, such class of shares, depending on the specific rights thatmay be attached to it, may have the ability to frustrate or prevent a takeover or otherwise prevent our shareholders from realizing a potential premium overthe market value of their ordinary shares. The authorization and designation of a class of preferred shares will require an amendment to our articles ofassociation, which requires the prior approval of the holders of a majority of the voting power attaching to our issued and outstanding shares at a generalmeeting. The convening of the meeting, the shareholders entitled to participate and the majority vote required to be obtained at such a meeting will besubject to the requirements set forth in the Companies Law as described above in "—Voting Rights." Transfer Agent and Registrar The transfer agent and registrar for our ordinary shares is American Stock Transfer & Trust Company, LLC. Its address is 6201 15th Avenue, Brooklyn, NewYork 11219, and its telephone number is (800) 937-5449. Listing Our ordinary shares are listed on the NASDAQ Global Select Market under the symbol "CYBR." C.Material Contracts For a description of the registration rights that we granted under our Fourth Amended Investor Rights Agreement, please refer to "Item 7.B. Related PartyTransaction—Registration Rights." We entered into an underwriting agreement between us, Goldman, Sachs & Co. and Deutsche Bank Securities Inc., as representatives of the underwriters, withrespect to the ordinary shares sold by certain of our shareholders in a public offering of ordinary shares, on March 11, 2015. We also entered into anunderwriting agreement between us, Goldman, Sachs & Co., Deutsche Bank Securities Inc. and Barclays Capital Inc., as representatives of the underwriters,with respect to the ordinary shares sold by us and certain of our shareholders in a public offering of ordinary shares, on June 10, 2015. Under each of the underwriting agreements described above, we have agreed to indemnify the underwriters covered by the corresponding agreement againstcertain liabilities, including liabilities under the Securities Act, and to contribute to payments such underwriters may be required to make in respect of suchliabilities. For a description of our leases, see Item 4.B.—Business Overview—Properties. 84 D.Exchange Controls In 1998, Israeli currency control regulations were liberalized significantly, so that Israeli residents generally may freely deal in foreign currency and foreignassets, and non-residents may freely deal in Israeli currency and Israeli assets. There are currently no Israeli currency control restrictions on remittances ofdividends on the ordinary shares or the proceeds from the sale of the shares provided that all taxes were paid or withheld; however, legislation remains ineffect pursuant to which currency controls can be imposed by administrative action at any time. Non-residents of Israel may freely hold and trade our securities. Neither our articles of association nor the laws of the State of Israel restrict in any way theownership or voting of ordinary shares by non-residents, except that such restrictions may exist with respect to citizens of countries which are in a state of warwith Israel. Israeli residents are allowed to purchase our ordinary shares.E.Taxation The following description is not intended to constitute a complete analysis of all tax consequences relating to the acquisition, ownership and disposition ofour ordinary shares. You should consult your own tax advisor concerning the tax consequences of your particular situation, as well as any tax consequencesthat may arise under the laws of any state, local, foreign or other taxing jurisdiction. This summary does not discuss all of the aspects of Israeli tax law thatmay be relevant to a particular investor in light of his or her personal investment circumstances or to some types of investors subject to special treatmentunder Israeli law. Examples of such investors include residents of Israel or traders in securities who are subject to special tax regimes not covered in thisdiscussion. Certain Israeli Tax Consequences Capital Gains Taxes Applicable to Non-Israeli Resident Shareholders A non-Israeli resident who derives capital gains from the sale of shares in an Israeli resident company that were purchased after the company was listed fortrading on a stock exchange outside of Israel should be exempt from Israeli tax so long as the shares were not held through a permanent establishment that thenon-resident maintains in Israel and that such shareholders are not subject to the Israeli Income Tax Law (Inflationary Adjustments) 5745-1985. However,non-Israeli corporations will not be entitled to the foregoing exemption if Israeli residents: (i) have a controlling interest of more than 25% in such non-Israelicorporation or (ii) are the beneficiaries of, or are entitled to, 25% or more of the revenues or profits of such non-Israeli corporation, whether directly orindirectly. Such exemption is not applicable to a person whose gains from selling or otherwise disposing of the shares are deemed to be a business income. Additionally, a sale of shares by a non-Israeli resident may be exempt from Israeli capital gains tax under the provisions of an applicable tax treaty. Forexample, under the United States-Israel Tax Treaty, the disposition of shares by a shareholder who (i) is a U.S. resident (for purposes of the treaty), (ii) holdsthe shares as a capital asset, and (iii) is entitled to claim the benefits afforded to such person by the treaty, is generally exempt from Israeli capital gains tax.Such exemption will not apply if: (i) the capital gain arising from the disposition can be attributed to a permanent establishment of the shareholder which ismaintained in Israel; (ii) the shareholder holds, directly or indirectly, shares representing 10% or more of the voting capital during any part of the 12-monthperiod preceding such sale, exchange or disposition, subject to certain conditions; or (iii) such U.S. resident is an individual and was present in Israel for aperiod or periods aggregating to 183 days or more during the relevant taxable year. In such case, the sale, exchange or disposition of our ordinary shareswould be subject to Israeli tax, to the extent applicable; however, under the United States-Israel Tax Treaty, a U.S. resident would be permitted to claim acredit for such taxes against the U.S. federal income tax imposed with respect to such sale, exchange or disposition, subject to the limitations under U.S. lawapplicable to foreign tax credits. The United States-Israel Tax Treaty does not relate to U.S. state or local taxes. In some instances where our shareholders may be liable for Israeli tax on the sale of their ordinary shares, the payment of the consideration may be subject tothe withholding of Israeli tax at source. Shareholders may be required to demonstrate that they are exempt from tax on their capital gains in order to avoidwithholding at source at the time of sale. Specifically, in transactions involving a sale of all of the shares of an Israeli resident company, in the form of amerger or otherwise, the Israel Tax Authority may require from shareholders who are not liable for Israeli tax to sign declarations in forms specified by thisauthority or obtain a specific exemption from the Israel Tax Authority to confirm their status as non-Israeli resident, and, in the absence of such declarationsor exemptions, may require the purchaser of the shares to withhold taxes at source.85 Taxation of Non-Israeli Shareholders on Receipt of Dividends Non-Israeli residents are generally subject to Israeli income tax on the receipt of dividends paid on our ordinary shares at the rate of 25%, unless relief isprovided in a treaty between Israel and the shareholder's country of residence. With respect to a person who is a "substantial shareholder" at the time ofreceiving the dividend or on any time during the preceding twelve months, the applicable tax rate is 30%. A "substantial shareholder" is generally a personwho alone or together with such person's relative or another person who collaborates with such person on a permanent basis, holds, directly or indirectly, atleast 10% of any of the "means of control" of the corporation. "Means of control" generally include the right to vote, receive profits, nominate a director or anexecutive officer, receive assets upon liquidation, or order someone who holds any of the aforesaid rights how to act, regardless of the source of such right.Dividends paid on publicly traded shares, which are registered with and held by a nominee company, to non-Israeli residents are generally subject to Israeliwithholding tax at a rate of 25% (whether the recipient is a substantial shareholder or not), unless a reduced tax rate is provided under an applicable taxtreaty, provided that a certificate from the Israel Tax Authority allowing for a reduced withholding tax rate is obtained in advance. However, a distribution ofdividends to non-Israeli residents is subject to withholding tax at source at a rate of 15% if the dividend is distributed from income attributed to an ApprovedEnterprise or a Benefited Enterprise or 20% if the dividend is distributed from income attributed to a Preferred Enterprise, unless a reduced tax rate isprovided under an applicable tax treaty(subject to the receipt in advance of a valid certificate from the Israel Tax Authority allowing for a reduced tax rate).Under the United States-Israel Tax Treaty, the maximum rate of tax withheld at source in Israel on dividends paid to a holder of our ordinary shares who is aU.S. resident (for purposes of the United States-Israel Tax Treaty) is 25%. However, the maximum rate of withholding tax on dividends, not generated from anApproved Enterprise or Benefited Enterprise, that are paid to a United States corporation holding 10% or more of the outstanding voting capital throughoutthe tax year in which the dividend is distributed as well as during the previous tax year, is 12.5%, provided that no more than 25% of the gross income forsuch preceding year consists of certain types of dividends and interest. Notwithstanding the foregoing, a distribution of dividends to non-Israeli residents issubject to withholding tax at source at a rate of 15% if the dividend is distributed from income attributed to an Approved Enterprise or a Benefited Enterprisefor such U.S. corporation shareholder, provided that the condition related to our gross income for the previous year (as set forth in the previous sentence) ismet. We cannot assure you that in the event we declare a dividend we will designate the income out of which the dividend is paid in a manner that willreduce shareholders' tax liability. If the dividend is attributable partly to income derived from an Approved Enterprise, Benefited Enterprise or Preferred Enterprise, and partly to other sourcesof income, the withholding rate will be a blended rate reflecting the relative portions of the two types of income. U.S. residents who are subject to Israeliwithholding tax on a dividend may be entitled to a credit or deduction for United States federal income tax purposes in the amount of the taxes withheld,subject to detailed rules contained in U.S. tax legislation. Excess Tax Individuals who are subject to tax in Israel (whether any such individual is an Israeli resident or non-Israeli resident) are also subject to an additional tax atthe rate of 2% on annual taxable income exceeding NIS 803,520 in 2016 (and as of 2017, the additional tax will be at a rate of 3% on annual incomeexceeding NIS 640,000) which amount is linked to the annual change in the Israeli consumer price index, including, but not limited to, dividends, interestand capital gain. Estate and Gift Tax Israeli law presently does not impose estate or gift taxes. 86 Certain United States Federal Income Tax Consequences The following is a description of certain United States federal income tax consequences relating to the acquisition, ownership and disposition of our ordinaryshares by a U.S. Holder (as defined below). This description addresses only the United States federal income tax consequences to U.S. Holders that hold suchordinary shares as capital assets. This description does not address tax considerations applicable to U.S. Holders that may be subject to special tax rules,including, without limitation: ·banks, financial institutions or insurance companies; ·real estate investment trusts, regulated investment companies or grantor trusts; ·brokers, dealers or traders in securities, commodities or currencies; ·tax-exempt entities or organizations, including an "individual retirement account" or "Roth IRA" as defined in Section 408 or 408A of theCode, respectively; ·certain former citizens or long-term residents of the United States; ·persons that receive our shares as compensation for the performance of services; ·persons that hold our shares as part of a "hedging," "integrated" or "conversion" transaction or as a position in a "straddle" for United Statesfederal income tax purposes; ·partnerships (including entities classified as partnerships for United States federal income tax purposes) or other pass-through entities, orindirect holders that hold our shares through such an entity; ·S corporations; ·holders that acquire ordinary shares as a result of holding or owning our preferred shares; ·holders whose "functional currency" is not the U.S. Dollar; or ·holders that own directly, indirectly or through attribution 10.0% or more of the voting power or value of our shares. Moreover, this description does not address the United States federal estate, gift or alternative minimum tax consequences, or any state, local or foreign taxconsequences, of the acquisition, ownership and disposition of our ordinary shares. This description is based on the Code, existing, proposed and temporary United States Treasury Regulations and judicial and administrative interpretationsthereof, in each case as in effect and available on the date hereof. All of the foregoing is subject to change, which change could apply retroactively and couldaffect the tax consequences described below. There can be no assurances that the U.S. Internal Revenue Service, or IRS, will not take a different positionconcerning the tax consequences of the ownership and disposition of our ordinary shares or that such a position would not be sustained. Holders shouldconsult their own tax advisors concerning the U.S. federal, state, local and foreign tax consequences of acquiring, owning and disposing of our ordinaryshares in their particular circumstances. For purposes of this description, a "U.S. Holder" is a beneficial owner of our ordinary shares that, for United States federal income tax purposes, is: ·a citizen or individual resident of the United States; ·a corporation (or other entity treated as a corporation for United States federal income tax purposes) created or organized in or under the laws ofthe United States or any state thereof, including the District of Columbia; ·an estate the income of which is subject to United States federal income taxation regardless of its source; or ·a trust if such trust has validly elected to be treated as a United States person for United States federal income tax purposes or if (1) a courtwithin the United States is able to exercise primary supervision over its administration and (2) one or more United States persons have theauthority to control all of the substantial decisions of such trust. If a partnership (or any other entity treated as a partnership for United States federal income tax purposes) holds our ordinary shares, the tax treatment of apartner in such partnership will generally depend on the status of the partner and the activities of the partnership. Such a partner or partnership should consultits tax advisor as to the particular United States federal income tax consequences of acquiring, owning and disposing of our ordinary shares in its particularcircumstance. 87 You should consult your tax advisor with respect to the United States federal, state, local and foreign tax consequences of acquiring, owning anddisposing of our ordinary shares. Distributions Subject to the discussion below under "Passive Foreign Investment Company Considerations," if you are a U.S. Holder, the gross amount of any distributionmade to you with respect to our ordinary shares before reduction for any Israeli taxes withheld therefrom, other than certain distributions, if any, of ourordinary shares distributed pro rata to all our shareholders, generally will be includible in your income as dividend income to the extent such distribution ispaid out of our current or accumulated earnings and profits as determined under United States federal income tax principles. We do not expect to maintaincalculations of our earnings and profits under United States federal income tax principles. Therefore, if you are a U.S. Holder you should expect that the entireamount of any distribution generally will be reported as dividend income to you. Subject to applicable limitations, dividends paid to certain non-corporateU.S. Holders may qualify for the preferential rates of taxation with respect to dividends on ordinary shares if certain requirements, including stock holdingperiod requirements, are satisfied by the recipient and we are eligible for the benefits of the United States-Israel Tax Treaty. However, such dividends will not be eligible for the dividends received deduction generally allowed to corporate U.S. Holders. To the extent that the amountof any distribution by us exceeds our current and accumulated earnings and profits as determined under United States federal income tax principles, it will betreated first as a return of your adjusted tax basis in our ordinary shares and thereafter as either long-term or short-term capital gain depending upon whetherthe U.S. Holder has held our ordinary shares for more than one year as of the time such distribution is received. Subject to certain conditions and limitations, Israeli tax withheld on dividends may be deducted from your taxable income or credited against your UnitedStates federal income tax liability. If you are a U.S. Holder, dividends paid to you with respect to our ordinary shares will generally be treated as foreignsource income, which may be relevant in calculating your foreign tax credit limitation. However, for periods in which we are a "United Stated-owned foreigncorporation," a portion of dividends paid by us may be treated as U.S. source solely for purposes of the foreign tax credit. We would be treated as a UnitedStates-owned foreign corporation if 50% or more of the total value or total voting power of our stock is owned, directly, indirectly or by attribution, byUnited States persons. To the extent any portion of our dividends is treated as U.S. source income pursuant to this rule, the ability of a U.S. Holder to claim aforeign tax credit for any Israeli withholding taxes payable in respect of our dividends may be limited. A U.S. Holder entitled to benefits under the UnitedStates-Israel Tax Treaty may, however, elect to treat any dividends as foreign source income for foreign tax credit purposes if the dividend income isseparated from other income items for purposes of calculating the U.S. Holder's foreign tax credit. U.S. Holders should consult their own tax advisors aboutthe impact of, and any exception available to, the special sourcing rule described in this paragraph, and the desirability of making, and the method ofmaking, such an election. The limitation on foreign taxes eligible for credit is calculated separately with respect to specific classes of income. For this purpose, dividends that wedistribute generally should constitute "passive category income," or, in the case of certain U.S. Holders, "general category income." A foreign tax credit forforeign taxes imposed on distributions may be denied if you do not satisfy certain minimum holding period requirements. The rules relating to thedetermination of the foreign tax credit are complex, and you should consult your tax advisor to determine whether and to what extent you will be entitled tothis credit. Sale, Exchange or Other Taxable Disposition of Ordinary Shares Subject to the discussion below under "Passive Foreign Investment Company Considerations," if you are a U.S. Holder, you generally will recognize gain orloss on the sale, exchange or other taxable disposition of our ordinary shares equal to the difference between the amount realized on such sale, exchange orother taxable disposition and your adjusted tax basis in our ordinary shares, and such gain or loss will be capital gain or loss. The adjusted tax basis in anordinary share generally will be equal to the cost of such ordinary share. If you are a non-corporate U.S. Holder, capital gain from the sale, exchange or othertaxable disposition of ordinary shares is generally eligible for a preferential rate of taxation applicable to capital gains, if your holding period for suchordinary shares exceeds one year (i.e., such gain is long-term capital gain). The deductibility of capital losses for United States federal income tax purposes issubject to limitations under the Code. Any such gain or loss that a U.S. Holder recognizes generally will be treated as U.S. source income or loss for foreigntax credit limitation purposes.88 Passive Foreign Investment Company Considerations If we were to be classified as a "passive foreign investment company," or PFIC, in any taxable year, a U.S. Holder would be subject to special rules generallyintended to reduce or eliminate any benefits from the deferral of U.S. federal income tax that a U.S. Holder could derive from investing in a non-U.S. companythat does not distribute all of its earnings on a current basis. A non-U.S. corporation will be classified as a PFIC for federal income tax purposes in any taxable year in which, after applying certain look-through ruleswith respect to the income and assets of subsidiaries, either: ·at least 75% of its gross income is "passive income"; or ·at least 50% of the average quarterly value of its total gross assets (which may be measured in part by the market value of our ordinary shares,which is subject to change) is attributable to assets that produce "passive income" or are held for the production of passive income. Passive income for this purpose generally includes dividends, interest, royalties, rents, gains from commodities and securities transactions, the excess of gainsover losses from the disposition of assets which produce passive income, and includes amounts derived by reason of the temporary investment of funds raisedin offerings of our ordinary shares. If a non-U.S. corporation owns directly or indirectly at least 25% by value of the stock of another corporation, the non-U.S.corporation is treated for purposes of the PFIC tests as owning its proportionate share of the assets of the other corporation and as receiving directly itsproportionate share of the other corporation's income. If we are classified as a PFIC in any year with respect to which a U.S. Holder owns our ordinary shares,we will continue to be treated as a PFIC with respect to such U.S. Holder in all succeeding years during which the U.S. Holder owns our ordinary shares,regardless of whether we continue to meet the tests described above.Based on the composition of our gross income and the fair market value of our assets, and the nature of our business, we believe that we were not classified asa PFIC for the taxable year ended December 31, 2016. Because PFIC status is determined annually based on our income, assets and activities for the entiretaxable year, it is not possible to determine whether we will be characterized as a PFIC for the taxable year ending December 31, 2017, or for any subsequentyear, until we finalize our financial statements for that year. Furthermore, because the value of our gross assets is likely to be determined in large part byreference to our market capitalization, a decline in the value of our ordinary shares may result in our becoming a PFIC. Accordingly, there can be noassurance that we will not be considered a PFIC for any taxable year. Under certain attribution rules, as a PFIC, U.S. Holders may be deemed to own their proportionate share of our PFIC subsidiaries, such subsidiaries referred toas "lower-tier PFICs," and will be subject to U.S. federal income tax in the manner discussed below on (1) a distribution to us on the shares of a "lower-tierPFIC" and (2) a disposition by us of shares of a "lower-tier PFIC," both as if the holder directly held the shares of such "lower-tier PFIC." If an entity is treated as a PFIC for any taxable year during which a U.S. Holder holds (or, as discussed in the previous paragraph, is deemed to hold) itsordinary shares, such holder will be subject to adverse U.S. federal income tax rules. In general, if a U.S. Holder disposes of shares of a PFIC (including anindirect disposition or a constructive disposition of shares of a "lower-tier PFIC"), gain recognized or deemed recognized by such holder would be allocatedratably over such holder's holding period for the shares. The amounts allocated to the taxable year of disposition and to years before the entity became aPFIC, if any, would be treated as ordinary income. The amount allocated to each other taxable year would be subject to tax at the highest rate in effect for such taxable year for individuals or corporations, asappropriate, and an interest charge would be imposed on the tax attributable to such allocated amounts. Further, any distribution in respect of shares of aPFIC (or a distribution by a lower-tier PFIC to its shareholders that is deemed to be received by a U.S. Holder) in excess of 125% of the average of the annualdistributions on such shares received or deemed to be received during the preceding three years or the U.S. Holder's holding period, whichever is shorter,would be subject to taxation in the manner described above. In addition, dividend distributions made to you will not qualify for the preferential rates oftaxation applicable to long-term capital gains discussed above under "Distributions." 89 Where a company that is a PFIC meets certain reporting requirements, a U.S. Holder can avoid certain adverse PFIC consequences described above by makinga "qualified electing fund", or QEF, election to be taxed currently on its proportionate share of the PFIC's ordinary income and net capital gains. If we are a PFIC and our ordinary shares are "regularly traded" on a "qualified exchange," a U.S. Holder may make a mark-to-market election with respect toour ordinary shares (but not the shares of any lower-tier PFICs), which may help to mitigate the adverse tax consequences resulting from our PFIC status (butnot that of any lower-tier PFICs). Our ordinary shares will be treated as "regularly traded" in any calendar year in which more than a de minimis quantity ofthe ordinary shares are traded on a qualified exchange on at least 15 days during each calendar quarter (subject to the rule that trades that have as one of theirprincipal purposes the meeting of the trading requirement are disregarded). The NASDAQ Global Select Market is a qualified exchange for this purpose and,consequently, if the ordinary shares are regularly traded, the mark-to-market election will be available to a U.S. Holder; however, there can be no assurancethat trading volumes will be sufficient to permit a mark-to-market election. In addition, because a mark-to-market election with respect to us does not applyto any equity interests in "lower-tier PFICs" that we own, a U.S. Holder generally will continue to be subject to the PFIC rules with respect to its indirectinterest in any investments held by us that are treated as equity interests in a PFIC for U.S. federal income tax purposes. If a U.S. Holder makes the mark-to-market election, for each year in which we are a PFIC, the holder will generally include as ordinary income the excess, ifany, of the fair market value of ordinary shares at the end of the taxable year over their adjusted tax basis, and will be permitted an ordinary loss in respect ofthe excess, if any, of the adjusted tax basis of our ordinary shares over their fair market value at the end of the taxable year (but only to the extent of the netamount of previously included income as a result of the mark-to-market election). A U.S. Holder that makes a valid mark-to-market election will not includemark-to-market gain or loss in income for any taxable year that we are not classified as a PFIC (although cessation of our status as a PFIC will not terminatethe mark-to-market election). Thus, if we are classified as a PFIC in a taxable year after a year in which we are not classified as a PFIC, the U.S. Holder'soriginal election (unless revoked or terminated) continues to apply and the U.S. Holder must include any mark-to-market gain or loss in such year. If a U.S.Holder makes the election, the holder's tax basis in our ordinary shares will be adjusted to reflect any such income or loss amounts. Any gain recognized on asale or other disposition of our ordinary shares will be treated as ordinary income. Any losses recognized on a sale or other disposition of our ordinary shareswill be treated as ordinary loss to the extent of any net mark-to-market gains for prior years. U.S. Holders should consult their own tax advisors regarding theavailability and consequences of making a mark-to-market election in their particular circumstances. In particular, U.S. Holders should consider carefully theimpact of a mark-to-market election with respect to our ordinary shares if we have "lower-tier PFICs" for which such election is not available. Once made, themark-to-market election cannot be revoked without the consent of the IRS unless our ordinary shares cease to be "regularly traded." If a U.S. Holder owns ordinary shares during any year in which we are a PFIC, the U.S. Holder generally will be required to file an IRS Form 8621 (InformationReturn by a Shareholder of a Passive Foreign Investment Company or Qualified Electing Fund) with respect to the company (regardless of whether a QEF ormark-to-market election is made), generally with the U.S. Holder's federal income tax return for that year. If our company were a PFIC for a given taxable year,then you should consult your tax advisor concerning your annual filing requirements. U.S. Holders should consult their tax advisors regarding whether we are a PFIC and the potential application of the PFIC rules. Medicare Tax Certain U.S. Holders that are individuals, estates or trusts are subject to a 3.8% tax on all or a portion of their "net investment income," which may include allor a portion of their dividend income and net gains from the disposition of ordinary shares. Each U.S. Holder that is an individual, estate or trust is urged toconsult its tax advisors regarding the applicability of the Medicare tax to its income and gains in respect of its investment in our ordinary shares. 90 Backup Withholding Tax and Information Reporting Requirements United States backup withholding tax and information reporting requirements may apply to certain payments to certain holders of stock. Informationreporting generally will apply to payments of dividends on, and to proceeds from the sale or redemption of, our ordinary shares made within the UnitedStates, or by a United States payor or United States middleman, to a holder of our ordinary shares, other than an exempt recipient (including a payee that isnot a United States person that provides an appropriate certification and certain other persons). A payor will be required to withhold backup withholding taxfrom any payments of dividends on, or the proceeds from the sale or redemption of, ordinary shares within the United States, or by a United States payor orUnited States middleman, to a holder, other than an exempt recipient, if such holder fails to furnish its correct taxpayer identification number or otherwisefails to comply with, or establish an exemption from, such backup withholding tax requirements. Any amounts withheld under the backup withholding ruleswill be allowed as a credit against the beneficial owner's United States federal income tax liability, if any, and any excess amounts withheld under the backupwithholding rules may be refunded, provided that the required information is timely furnished to the IRS. Foreign Asset Reporting Certain U.S. Holders who are individuals are required to report information relating to an interest in our ordinary shares, subject to certain exceptions(including an exception for shares held in accounts maintained by U.S. financial institutions) by filing IRS Form 8938 (Statement of Specified ForeignFinancial Assets) with their federal income tax return. U.S. Holders are urged to consult their tax advisors regarding their information reporting obligations, ifany, with respect to their ownership and disposition of our ordinary shares. The above description is not intended to constitute a complete analysis of all tax consequences relating to acquisition, ownership and disposition of ourordinary shares. You should consult your tax advisor concerning the tax consequences of your particular situation. F.Dividends and Paying Agents Not applicable. G.Statement by Experts Not applicable. H.Documents on Display We are subject to the informational requirements of the Exchange Act that are applicable to foreign private issuers, and under those requirements file reportswith the SEC. Those other reports or other information may be inspected without charge at the locations described above. As a foreign private issuer, we areexempt from the rules under the Exchange Act related to the furnishing and content of proxy statements, and our officers, directors and principal shareholderswill be exempt from the reporting and short-swing profit recovery provisions contained in Section 16 of the Exchange Act. In addition, we are not requiredunder the Exchange Act to file annual, quarterly and current reports and financial statements with the SEC as frequently or as promptly as United Statescompanies whose securities are registered under the Exchange Act. However, we will file with the SEC, within 120 days after the end of each subsequentfiscal year, or such applicable time as required by the SEC, an annual report on Form 20-F containing financial statements audited by an independentregistered public accounting firm, and will submit to the SEC reports on Form 6-K containing unaudited quarterly financial information. You may read and copy any document we file with the SEC without charge at the SEC's public reference room at 100 F Street, N.E., Room 1580, Washington,D.C. 20549. You may also obtain copies of the documents at prescribed rates by writing to the Public Reference Section of the SEC at 100 F Street, N.E.,Room 1580, Washington, D.C. 20549. Please call the SEC at 1-800-SEC-0330 for further information on the public reference room. The SEC also maintainsan internet website that contains reports and other information regarding issuers that file electronically with the SEC. Our filings with the SEC are alsoavailable to the public through the SEC's website at http://www.sec.gov.I. Subsidiary Information Not applicable. 91 ITEM 11. QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK We are exposed to a variety of risks, including foreign currency exchange fluctuations, changes in interest rates and inflation. We regularly assess currency,interest rate and inflation risks to minimize any adverse effects on our business as a result of those factors. Foreign Currency Risk Our results of operations and cash flows are affected by fluctuations due to changes in foreign currency exchange rates. In 2016, the majority of our revenueswere denominated in U.S. dollars and the remainder in other currencies, primarily euros and British pounds sterling. In 2016, the majority of our cost ofrevenues and operating expenses were denominated in U.S. dollars and NIS and the remainder in other currencies, primarily euros and British pounds sterling.Our foreign currency-denominated expenses consist primarily of personnel, rent and other overhead costs. Since a significant portion of our expenses isincurred in NIS and is substantially greater than our revenues in NIS, any appreciation of the NIS relative to the U.S. dollar would adversely impact our netincome. In addition, since the portion of our revenues generated in euros and British pounds sterling is greater than our expenses incurred in euros and Britishpounds sterling, respectively, any depreciation of the euro or British pounds sterling relative to the U.S. dollar would adversely impact our net income. The following table presents information about the changes in the exchange rates of the NIS against the U.S. dollar: Period Change in Average ExchangeRate of the NISAgainst the U.S. dollar (%) 2016 (1.1)2015 8.6 2014 (0.9) The figures above represent the change in the average exchange rate in the given period compared to the average exchange rate in the immediately precedingperiod. Negative figures represent depreciation of the U.S. dollar compared to the NIS. A 10% strengthening or weakening in the value of the NIS against theU.S. dollar would have decreased or increased, respectively, our net income by approximately $4.0 million in 2016. We estimate that a 10% strengthening orweakening in the value of the euro against the U.S. dollar would have increased or decreased, respectively, our net income by approximately $1.1 million in2016. We estimate that a 10% strengthening or weakening in the value of the British pounds sterling against the U.S. dollar would have increased ordecreased, respectively, our net income by approximately $0.3 million in 2016. These estimates of the impact of fluctuations in currency exchange rates onour historic results of operations may be different from the impact of fluctuations in exchange rates on our future results of operations since the mix ofcurrencies comprising our revenues and expenses may change. For purposes of our consolidated financial statements, local currency assets and liabilities are translated at the rate of exchange to the U.S. dollar on thebalance sheet date and local currency revenues and expenses are translated at the exchange rate at the date of the transaction or the average exchange ratedollar during the reporting period to the United States. To protect against the increase in value of forecasted foreign currency cash flow resulting from expenses paid in NIS during the year, we have instituted aforeign currency cash flow hedging program. We hedge portions of the anticipated payroll of our Israeli employees in NIS for a period of one to twelvemonths with forward contracts and other derivative instruments. In addition, from time to time we enter into foreign exchange forward transactions toeconomically hedge a portion of account receivables in Euros and British pounds sterling. We do not use derivative financial instruments for speculative ortrading purposes.92 Interest Rate Risk The primary objectives of our investment activities are to preserve principal, support liquidity requirements, and maximize income without significantlyincreasing risk. Our investments are subject to market risk due to changes in interest rates, which may affect our interest income and fair market value of ourinvestments. To minimize this risk, we maintain our portfolio of cash, cash equivalents and short and long-term investments in a variety of securities, includingcommercial paper, money market funds, U.S. government and agency securities, and corporate debt securities. We do not believe that a 10% increase ordecrease in interest rates would have a material impact on our operating results, cash flows or the fair value of our portfolio. Other Market Risks We do not believe that we have any material exposure to inflationary risks. ITEM 12. DESCRIPTION OF SECURITIES OTHER THAN EQUITY SECURITIES Not applicable.93 PART II ITEM 13. DEFAULTS, DIVIDEND ARREARAGES AND DELINQUENCIES None. ITEM 14.MATERIAL MODIFICATIONS TO THE RIGHTS OF SECURITY HOLDERS AND USE OF PROCEEDS Initial Public Offering The effective date of the registration statement (File no. 333-196991) for our IPO of ordinary shares, par value NIS 0.01, was September 23, 2014. Our IPOcommenced on September 10, 2014 and was closed on September 29, 2014. J.P. Morgan Securities LLC, Deutsche Bank Securities Inc. and Barclays CapitalInc. were joint book-running managers for the IPO, with J.P. Morgan Securities LLC and Deutsche Bank Securities Inc. acting as representatives of theunderwriters. William Blair & Company, L.L.C., Nomura Securities International, Inc. and Oppenheimer & Co. Inc. were co-managers for the IPO. As a result, we issued and sold a total of 6,164,000 ordinary shares at a price per share of $16.00 with aggregate gross proceeds of approximately $98.6million (including the over-allotment option to purchase 804,000 additional shares, which was exercised in full), resulting in net proceeds to us ofapproximately $88.4 million. From the effective date of the registration statement and until December 31, 2016, we used $54.1 million of the net proceeds of the IPO for the acquisitions ofCybertinel, Viewfinity and certain assets of Agata Ltd., which we completed in 2015. None of the net proceeds of the IPO was paid directly or indirectly to any director or officer of ours or to their associates, persons owning 10% or more of anyclass of our equity securities, or to any of our affiliates. ITEM 15. CONTROLS AND PROCEDURES Disclosure controls and procedures Our Chief Executive Officer and Chief Financial Officer, after evaluating the effectiveness of our disclosure controls and procedures (as defined in Rule 13a-15(e) and 15d-15(e) of the Exchange Act) as of December 31, 2016, have concluded that, based on such evaluation, as of such date, our disclosure controlsand procedures were effective such that information required to be disclosed by us in reports that we file or submit under the Exchange Act is accumulatedand communicated to our management, including our Chief Executive Officer and Chief Financial Officer, to allow timely decisions regarding requireddisclosure and is recorded, processed, summarized and reported within the time periods specified by the SEC's rules and forms. Management annual report on internal control over financial reporting and attestation report of the registered public accounting firm Our management, under the supervision of our Chief Executive Officer and Chief Financial Officer, is responsible for establishing and maintaining adequateinternal control over financial reporting as defined in Rules 13a-15(f) and 15d-15(f) under the Exchange Act. Our internal control over financial reporting is aprocess to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes inaccordance with generally accepted accounting principles. Our internal control over financial reporting includes those policies and procedures that: ·pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of our assets; ·provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance withgenerally accepted accounting principles, and that our receipts and expenditures are being made only in accordance with authorizations of ourmanagement and directors; and ·provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of our assets that couldhave a material effect on the financial statements. 94 Our management assessed the effectiveness of internal control over financial reporting as of December 31, 2016 based on the criteria established in "InternalControl-Integrated Framework (2013)" published by the Committee of Sponsoring Organizations of the Treadway Commission. Based on this assessment,management has concluded that our internal control over financial reporting was effective as of December 31, 2016. Our independent registered public accounting firm, Kost Forer Gabbay & Kasierer, a member of Ernst & Young Global, has audited the consolidated financialstatements included in this annual report on Form 20-F, and as part of its audit, has issued its audit report on the effectiveness of our internal control overfinancial reporting as of December 31, 2016. The report of Kost Forer Gabbay & Kasierer is included with our consolidated financial statements includedelsewhere in this annual report and is incorporated herein by reference. Changes in internal control over financial reporting There were no changes in our internal control over financial reporting (as such term is defined in Rules 13a-15(f) and 15d-15(f) under the Exchange Act) thatoccurred during the period covered by this annual report that have materially affected, or that are reasonably likely to materially affect, our internal controlover financial reporting. ITEM 16. [RESERVED]ITEM 16A. AUDIT COMMITTEE FINANCIAL EXPERT Our board of directors has determined that Ron Gutler and Kim Perdikou are audit committee financial experts as defined by the SEC rules, have the requisitefinancial experience as defined by NASDAQ corporate governance rules and are "independent" as such term is defined in Rule 10A-3(b)(1) under theExchange Act. ITEM 16B. CODE OF ETHICSWe have adopted a corporate code of business conduct applicable to our executive officers, directors and all other employees. A copy of the code is deliveredto every employee of CyberArk Software Ltd. and all of its subsidiaries, and is available to investors and others on our website athttp://investors.cyberark.com or by contacting our investor relations department. The corporate code of business conduct includes our code of ethics whichis applicable to our chief executive officer, our chief financial officer and all other senior financial officers. Pursuant to Item 16B of Form 20-F, if a waiver oramendment of the code of conduct (including the code of ethics) applies to our chief executive officer, chief financial officer or other persons performingsimilar functions and relates to standards promoting any of the values described in Item 16B(b) of Form 20-F, we will disclose such waiver or amendment (i)on our website within five business days following the date of amendment or waiver in accordance with the requirements of Instruction 4 to such Item 16B or(ii) through the filing of a Form 6-K. We granted no waivers under our code in 2016.ITEM 16C. PRINCIPAL ACCOUNTANT FEES AND SERVICES Principal Accountant Fees and Services We have recorded the following fees for professional services rendered by Kost Forer Gabbay & Kasierer, a member of Ernst & Young Global, an independentregistered public accounting firm, for the years ended December 31, 2015 and 2016: 2015 2016 (in thousands) Audit Fees $886 $504 Audit-Related Fees 75 110 Tax Fees 171 133 All Other Fees 95 - Total $1,227 $747 95 "Audit fees" are the aggregate fees billed for the audit of our annual financial statements. This category also includes services that generally the independentaccountant provides, such as consents and assistance with and review of documents filed with the SEC as well as fees related to audits in connection with ourpublic offerings of our ordinary shares in March 2015 and June 2015. "Audit-related fees" are the aggregate fees billed for assurance and related services that are reasonably related to the performance of the audit and are notreported under audit fees. These fees primarily include accounting consultations regarding the accounting treatment of matters that occur in the regularcourse of business, implications of new accounting pronouncements and other accounting issues that occur from time to time. "Tax fees" include fees for professional services rendered by our independent registered public accounting firm for tax compliance and tax advice on actualor contemplated transactions. "All other fees" include fees for services rendered by our independent registered public accounting firm with respect to government incentives and othermatters. Our audit committee has adopted a pre-approval policy for the engagement of our independent accountant to perform certain audit and non-audit services.Pursuant to this policy, which is designed to assure that such engagements do not impair the independence of our auditors, the audit committee pre-approveseach type of audit, audit-related, tax and other permitted service. The audit committee has delegated the pre-approval authority with respect to audit, audit-related, tax and permitted non-audit services up to a maximum of $25,000 to its chairperson and may in the future delegate such authority to one or moreadditional members of the audit committee, provided that all decisions by that member to pre-approve any such services must be subsequently reported, forinformational purposes only, to the full audit committee. All audit and non-audit services provided by our auditors in 2016 were approved in accordancewith our policy. ITEM 16D. EXEMPTIONS FROM THE LISTING STANDARDS FOR AUDIT COMMITTEES Not applicable. ITEM 16E. PURCHASES OF EQUITY SECURITIES BY THE ISSUER AND AFFILIATED PURCHASERS Not applicable. ITEM 16F. CHANGE IN REGISTRANT'S CERTIFYING ACCOUNTANT Not applicable. ITEM 16G. CORPORATE GOVERNANCE As a foreign private issuer, we are permitted to comply with Israeli corporate governance practices instead of the NASDAQ Listing Rules, provided that wedisclose those NASDAQ Listing Rules with which we do not comply and the equivalent Israeli requirements that we follow instead. We currently rely on this"foreign private issuer exemption" with respect to the quorum requirement for meetings of our shareholders and NASDAQ requirements relating todistribution of our annual report to shareholders. As permitted under the Companies Law, pursuant to our articles of association, the quorum required for anordinary meeting of shareholders consists of at least two shareholders present in person or by proxy who hold or represent between them at least 25% of thevoting power of our shares (and, with respect to an adjourned meeting, generally one or more shareholders who hold or represent any number of shares),instead of 33 1/3% of the issued share capital provided under the NASDAQ Listing Rules. Further, as opposed to NASDAQ Listing Rule 5250(d), whichrequires listed issuers to make annual reports available to shareholders in one of a number of specific manners, Israeli law does not require us to distributesuch reports directly to shareholders, and the generally accepted business practice in Israel is not to distribute such reports to shareholders but to make suchreports available through a public website. In addition, we will make our annual report containing audited financial statements available to our shareholdersat our offices (in addition to a public website). Otherwise, we comply with the Nasdaq corporate governance rules requiring that listed companies have amajority of independent directors and maintain a compensation and nominating committee composed entirely of independent directors. ITEM 16H. MINE SAFETY DISCLOSURE Not applicable.96 PART III ITEM 17. FINANCIAL STATEMENTS Not applicable.ITEM 18. FINANCIAL STATEMENTS See pages F-2 through F-41 of this annual report. ITEM 19. EXHIBITS See exhibit index incorporated herein by reference. 97 CYBERARK SOFTWARE LTD. AND ITS SUBSIDIARIES CONSOLIDATED FINANCIAL STATEMENTS AS OF DECEMBER 31, 2016 INDEX Page Reports of Independent Registered Public Accounting FirmF-2- F-3 Consolidated Balance SheetsF-4 – F-5 Consolidated Statements of Comprehensive IncomeF-6 Statements of Changes in Shareholders' EquityF-7 - F- 8 Consolidated Statements of Cash FlowsF-9 - F- 10 Notes to Consolidated Financial StatementsF-11 – F-41 Kost Forer Gabbay &Kasierer3 Aminadav St.Tel-Aviv 6706703, IsraelTel: +972-36232525Fax: +972-35622555ey.com Report of Independent Registered Public Accounting FirmTo the Board of Directors and Shareholders ofCYBERARK SOFTWARE LTD. We have audited the accompanying consolidated balance sheets of CyberArk Software Ltd. and its subsidiaries (the “Company”) as of December 31,2015 and 2016, and the related consolidated statements of comprehensive income, changes in shareholders' equity and cash flows for each of the three yearsin the period ended December 31, 2016. These consolidated financial statements are the responsibility of the Company's management. Our responsibility isto express an opinion on these consolidated financial statements based on our audits. We conducted our audits in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standardsrequire that we plan and perform the audit to obtain reasonable assurance about whether the consolidated financial statements are free of materialmisstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit alsoincludes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statementpresentation. We believe that our audits provide a reasonable basis for our opinion. In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the consolidated financial position ofthe Company as of December 31, 2015 and 2016, and the consolidated results of their operations and their cash flows for each of the three years in the periodended December 31, 2016, in conformity with U.S. generally accepted accounting principles.We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the Company's internalcontrol over financial reporting as of December 31, 2016, based on criteria established in Internal Control-Integrated Framework issued by the Committee ofSponsoring Organizations of the Treadway Commission (2013 framework) and our report dated March 16, 2017 expressed an unqualified opinion thereon. /S/ Kost Forer Gabbay & KasiererTel-Aviv, IsraelKOST FORER GABBAY & KASIERERMarch 16, 2017A Member of Ernst & Young GlobalF - 2 Kost Forer Gabbay &Kasierer3 Aminadav St.Tel-Aviv 6706703, IsraelTel: +972-36232525Fax: +972-35622555ey.com Report of Independent Registered Public Accounting FirmTo the Board of Directors and Shareholders ofCYBERARK SOFTWARE LTD.We have audited CyberArk Software Ltd. and its subsidiaries (the “Company”) internal control over financial reporting as of December 31, 2016,based on criteria established in Internal Control-Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission(2013 framework) (the COSO criteria). The Company's management is responsible for maintaining effective internal control over financial reporting and forits assessment of the effectiveness of internal control over financial reporting included in the accompanying management's report on internal control overfinancial reporting. Our responsibility is to express an opinion on the Company's internal control over financial reporting based on our audit.We conducted our audit in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards requirethat we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in allmaterial respects. Our audit included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weaknessexists, testing and evaluating the design and operating effectiveness of internal control based on the assessed risk, and performing such other procedures aswe considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion.A company's internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financialreporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company's internalcontrol over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately andfairly reflect the transactions and dispositions of the assets of the company; (2) provide reasonable assurance that transactions are recorded as necessary topermit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the companyare being made only in accordance with authorizations of management and directors of the company; and (3) provide reasonable assurance regardingprevention or timely detection of unauthorized acquisition, use, or disposition of the company's assets that could have a material effect on the financialstatements.Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of anyevaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degreeof compliance with the policies or procedures may deteriorate.In our opinion, the Company maintained in all material respects, effective internal control over financial reporting as of December 31, 2016, based onthe COSO criteria.We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the consolidated balancesheets of the Company as of December 31, 2015 and 2016, and the related consolidated statements of comprehensive income, changes in shareholders' equityand cash flows for each of the three years in the period ended December 31, 2016, and our report dated March 16, 2017, expressed an unqualified opinionthereon. /S/ Kost Forer Gabbay & KasiererTel-Aviv, IsraelKOST FORER GABBAY & KASIERERMarch 16, 2017A Member of Ernst & Young GlobalF - 3 CYBERARK SOFTWARE LTD. CONSOLIDATED BALANCE SHEETSU.S. dollars in thousands December 31, 2015 2016 ASSETS CURRENT ASSETS: Cash and cash equivalents $234,539 $172,957 Short-term bank deposits 3,713 86,829 Marketable securities - 15,246 Trade receivables 20,410 33,330 Prepaid expenses and other current assets 3,293 4,804 Total current assets 261,955 313,166 LONG-TERM ASSETS: Property and equipment, net 3,584 4,760 Intangible assets, net 18,558 14,035 Goodwill 35,145 35,145 Marketable securities - 20,443 Severance pay fund 3,230 3,332 Prepaid expenses and other long-term assets 1,954 1,761 Deferred tax assets 9,998 10,389 Total long-term assets 72,469 89,865 TOTAL ASSETS $334,424 $403,031 The accompanying notes are an integral part of the consolidated financial statements. F - 4 CYBERARK SOFTWARE LTD. CONSOLIDATED BALANCE SHEETSU.S. dollars in thousands (except share and per share data) December 31, 2015 2016 LIABILITIES AND SHAREHOLDERS' EQUITY CURRENT LIABILITIES: Trade payables $2,530 $2,699 Employees and payroll accruals 15,860 18,470 Accrued expenses and other current liabilities 9,366 6,876 Deferred revenues 37,104 50,111 Total current liabilities 64,860 78,156 LONG-TERM LIABILITIES: Deferred revenues 17,285 23,395 Other long-term liabilities 188 229 Accrued severance pay 4,667 5,035 Deferred tax liabilities 754 - Total long-term liabilities 22,894 28,659 TOTAL LIABILITIES 87,754 106,815 COMMITMENTS AND CONTINGENCIES SHAREHOLDERS' EQUITY: Ordinary shares of NIS 0.01 par value – Authorized: 250,000,000 shares at December 31, 2015 and 2016; Issuedand outstanding: 33,289,839 shares and 34,250,590 shares at December 31, 2015 and 2016, respectively 86 88 Additional paid-in capital 200,107 221,609 Accumulated other comprehensive loss (93) (175)Retained earnings 46,570 74,694 Total shareholders' equity 246,670 296,216 TOTAL LIABILITIES AND SHAREHOLDERS' EQUITY $334,424 $403,031 The accompanying notes are an integral part of the consolidated financial statements. F - 5 CYBERARK SOFTWARE LTD. CONSOLIDATED STATEMENTS OF COMPREHENSIVE INCOMEU.S. dollars in thousands (except per share data) Year endedDecember 31, 2014 2015 2016 Revenues: License $61,320 $100,113 $131,530 Maintenance and professional services 41,679 60,699 85,083 102,999 160,812 216,613 Cost of revenues: License 2,654 5,088 4,726 Maintenance and professional services 12,053 17,572 25,425 14,707 22,660 30,151 Gross profit 88,292 138,152 186,462 Operating expenses: Research and development 14,400 21,734 34,614 Sales and marketing 44,943 66,206 93,775 General and administrative 8,495 16,990 22,117 Total operating expenses 67,838 104,930 150,506 Operating income 20,454 33,222 35,956 Financial income (expenses), net (5,988) (1,479) 245 Income before taxes on income 14,466 31,743 36,201 Taxes on income (4,512) (5,949) (8,077) Net income $9,954 $25,794 $28,124 Basic net income per ordinary share $0.46 $0.80 $0.83 Diluted net income per ordinary share $0.34 $0.73 $0.78 Other comprehensive income (loss) Change in unrealized losses on marketable securities: Unrealized loss arising during the year - - (141) - - (141)Change in unrealized gain (loss) on cash flow hedges: Unrealized gain (loss) arising during the period (575) 1 249 Loss (gain) reclassified into earnings 87 239 (190) Other comprehensive income (loss), net of taxes of $93, $(46) and $16 for the years 2014, 2015 and2016, respectively (488) 240 (82) Total comprehensive income $9,466 $26,034 $28,042 The accompanying notes are an integral part of the consolidated financial statements. F - 6 CYBERARK SOFTWARE LTD. STATEMENTS OF CHANGES IN SHAREHOLDERS' EQUITYU.S. dollars in thousands (except share data) Accumulated othercomprehensiveincome (loss) Preferred shares Ordinary shares Additionalpaid-in Retained Totalshareholders' Shares Amount Shares Amount capital earnings equity Balance as of January 1,2014 15,958,290 $41 7,019,352 $17 $34,811 $155 $10,822 $45,846 Exercise of optionsgranted to employees - - 255,562 1 189 - - 190 Other comprehensive loss,net of tax - - - - - (488) - (488)Share-basedcompensation expense - - - - 1,573 - - 1,573 Exercise of warrants forpreferred shares 493,360 1 - - 7,194 - - 7,195 Conversion of preferredshares (16,451,650) (42) 17,062,438 44 (2) - - - Issuance of ordinaryshares upon initialpublic offering, net - - 6,164,000 17 88,451 - - 88,468 Tax benefit related toshare-basedcompensation andissuance expenses - - - - 2,270 - - 2,270 Net income - - - - - - 9,954 9,954 Balance as ofDecember 31, 2014 - $- 30,501,352 $79 $134,486 $(333) $20,776 $155,008 The accompanying notes are an integral part of the consolidated financial statements. F - 7 CYBERARK SOFTWARE LTD.STATEMENTS OF CHANGES IN SHAREHOLDERS' EQUITYU.S. dollars in thousands (except share data) Accumulatedothercomprehensive income (loss) Preferred shares Ordinary shares Additionalpaid-in Retained Totalshareholders' Shares Amount Shares Amount capital earnings equity Balance as ofDecember 31, 2014 - $- 30,501,352 $79 $134,486 $(333) $20,776 $155,008 Exercise of options andvested RSU's granted toemployees - - 1,888,487 5 1,819 - - 1,824 Other comprehensiveincome, net of tax - - - - - 240 - 240 Share-based compensationexpense - - - - 7,049 - - 7,049 Issuance of ordinary sharesupon public offering, net - - 900,000 2 52,573 - - 52,575 Tax benefit related toshare-basedcompensation andissuance expenses - - - - 4,180 - - 4,180 Net income - - - - - - 25,794 25,794 Balance as ofDecember 31, 2015 - $- 33,289,839 $86 $200,107 $(93) $46,570 $246,670 Exercise of options and vestedRSU's granted to employees - - 960,751 2 2,501 - - 2,503 Other comprehensive loss, netof tax - - - - - (82) - (82)Share-based compensationexpense - - - - 17,535 - - 17,535 Tax benefit related to share-based compensation - - - - 1,466 - - 1,466 Net income - - - - - - 28,124 28,124 Balance as of December 31,2016 - $- 34,250,590 $88 $221,609 $(175) $74,694 $296,216 The accompanying notes are an integral part of the consolidated financial statements. F - 8 CYBERARK SOFTWARE LTD. CONSOLIDATED STATEMENTS OF CASH FLOWSU.S. dollars in thousands Year endedDecember 31, 2014 2015 2016 Cash flows from operating activities: Net income $9,954 $25,794 $28,124 Adjustments to reconcile net income to net cash provided by operating activities: Depreciation and amortization 746 2,254 6,488 Share-based compensation expense 1,573 7,049 17,535 Amortization of premium on marketable securities - - 275 Tax benefit related to share-based compensation (645) (3,808) (1,466)Deferred income taxes, net 45 (4,093) (1,130)Increase in trade receivables (6,535) (187) (12,920)Increase in prepaid expenses and other current and long-term assets (159) (1,183) (1,485)Increase (decrease) in trade payables (145) 322 (177)Changes in fair value of warrants to purchase preferred shares 4,309 - - Increase in short-term and long-term deferred revenues 7,682 21,254 19,117 Increase in employees and payroll accruals 3,501 5,011 2,610 Increase (decrease) in accrued expenses and other current and long-term liabilities 2,827 6,353 (927)Increase in accrued severance pay, net 42 394 266 Net cash provided by operating activities 23,195 59,160 56,310 Cash flows from investing activities: Proceeds from short and long-term deposits 2,533 49,329 - Investment in short and long-term deposits (52,570) (619) (82,940)Investment in marketable securities - - (40,433)Proceeds from maturities of marketable securities - - 4,307 Purchase of property and equipment (1,408) (2,066) (2,795)Payments for business acquisitions, net of cash acquired (Schedule A) - (53,656) - Net cash used in investing activities (51,445) (7,012) (121,861) Cash flows from financing activities: Issuance of shares, net 88,468 52,575 - Tax benefit related to share-based compensation 645 3,808 1,466 Proceeds from exercise of stock options and warrants 942 1,824 2,503 Net cash provided by financing activities 90,055 58,207 3,969 Increase (decrease) in cash and cash equivalents 61,805 110,355 (61,582)Cash and cash equivalents at the beginning of the year 62,379 124,184 234,539 Cash and cash equivalents at the end of the year $124,184 $234,539 $172,957 Non-cash activities: Purchase of property and equipment on credit $304 $338 $683 Supplemental disclosure of cash flow activities: Cash paid during the year for taxes $981 $4,760 $10,577 The accompanying notes are an integral part of the consolidated financial statements. F - 9 CYBERARK SOFTWARE LTD. CONSOLIDATED STATEMENTS OF CASH FLOWSU.S. dollars in thousandsSchedule A - payments for business acquired (See note 1.e.)Estimated fair value of assets acquired and liabilities assumed at the date of Viewfinity's acquisition was as follows: Year endedDecember 31, 2015 Working capital, net (excluding cash and cash equivalents) $497 Property and equipment, net 124 Other long-term assets 62 Goodwill 20,765 Other intangible assets 9,990 Deferred revenues (931) $30,507 Estimated fair value of assets acquired and liabilities assumed at the date of Cybertinel's acquisition was as follows: Year endedDecember 31, 2015 Working capital, net (excluding cash and cash equivalents) $(245)Property and equipment, net 340 Other long-term assets 34 Goodwill 13,201 Other intangible assets 7,760 Deferred tax (1,009)Deferred revenues (44) $20,037 Estimated fair value of assets acquired and liabilities assumed at the date of Agata's acquisition was as follows: Year endedDecember 31, 2015 Goodwill $1,179 Other intangible assets 1,933 $3,112 The accompanying notes are an integral part of the consolidated financial statements. F - 10 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data)NOTE 1:GENERALa.CyberArk Software Ltd. (together with its subsidiaries, the “Company”) is an Israeli company that develops, markets and sells software-based security solutions. The Company's solutions enable organizations to safeguard and monitor their privileged accounts, which arethose accounts within an organization that have access to the organization's high value assets and are located across its ITinfrastructure. The Company's software provides customers with the ability to protect, detect, monitor and control access to privilegedaccounts in order to break the lifecycle of a targeted cyber attack before it can cause damage to an organization.b.In September 2014, the Company completed its initial public offering (“IPO”) in which the Company issued and sold 6,164,000ordinary shares at a public offering price of $16.00 per share (including pursuant to the underwriters' option to purchase additionalordinary shares). The net proceeds received from the IPO were $88,468 after deducting underwriting discounts of $6,904 and otheroffering expenses of $3,846.c.In March 2015, the Company completed a public offering in which certain shareholders sold 4,600,000 ordinary shares (includingpursuant to the underwriters option to purchase additional ordinary shares) at a public offering price of $51.00 per share. The Companydid not receive any proceeds from the sale of ordinary shares by the selling shareholders and the related offering expenses were recordedin the statement of comprehensive income.d.In June 2015, the Company completed an additional public offering in which the Company issued and sold 900,000 ordinary shares at apublic offering price of $61.00 per share. The total net proceeds received were $52,575 after deducting underwriting discounts of $2,196and other offering expenses of $129. Another 4,000,000 shares were sold by certain selling shareholders. The Company did not receiveany of the proceeds from the sales of shares by the selling shareholders and the related offering expenses were recorded in the statementof comprehensive income.e.In August 2015, the Company acquired all of the share capital of Cybertinel Ltd. (“Cybertinel”) for total consideration of $20,515.Cybertinel, an Israeli company, specializes in cyber threat detection technology. In September 2015, the Company acquired certainassets of Agata Ltd (“Agata”) for total consideration of $3,112. The Company accounted for the acquisition of Agata as a purchase of abusiness. In October 2015, the Company acquired all of the share capital of Viewfinity, Inc. (“Viewfinity”) for total consideration of$30,500. Viewfinity is a provider of Windows least privilege management and application control. The Company expensed the relatedacquisitions costs of $677 in general and administrative expenses.F - 11 December 31, 2014 2015 Pro forma revenue $108,517 $165,924 Pro forma net income $76 $18,725 Basic net income (loss) per ordinary share $(0.28) $0.58 Diluted net income (loss) per ordinary share $(0.28) $0.53 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data)NOTE 1:GENERAL (Cont.)f.Unaudited pro forma results of operations:The following table presents unaudited pro forma revenue, net income and basic and diluted net income (loss) for periods presentedassuming the acquisitions of Cybertinel, Viewfinity and Agata occurred on January 1, 2014. The pro forma information is notnecessarily indicative of the results of operations, which actually would have occurred had the acquisitions been consummated on thosedates, nor does it purport to represent the results of operations for future periods: NOTE 2: SIGNIFICANT ACCOUNTING POLICIESThe consolidated financial statements have been prepared in accordance with U.S. generally accepted accounting principles (“U.S. GAAP”).a.Use of estimates:The preparation of financial statements in conformity with U.S. GAAP requires management to make estimates, judgments andassumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. The Company evaluateson an ongoing basis its assumptions, including those related to contingencies, income taxes, deferred taxes, share-based compensation,value of intangible assets and goodwill as well as in estimates used in applying the revenue recognition policy. The Company'smanagement believes that the estimates, judgment and assumptions used are reasonable based upon information available at the timethey are made. These estimates, judgments and assumptions can affect the reported amounts of assets and liabilities and disclosure ofcontingent assets and liabilities at the dates of the consolidated financial statements, and the reported amounts of revenue and expensesduring the reporting periods. Actual results could differ from those estimates.b.Principles of consolidation:The consolidated financial statements include the accounts of CyberArk Software Ltd. and its wholly-owned subsidiaries. Intercompanytransactions and balances, have been eliminated upon consolidation.F - 12 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)c.Financial statements in U.S. dollars:A majority of the Company's revenues are generated in U.S. dollars. In addition, the equity investments were in U.S. dollars and asubstantial portion of the Company's costs are incurred in U.S. dollars and New Israeli Shekels (“NIS”). The Company's managementbelieves that the U.S. dollar is the currency of the primary economic environment in which the Company operates. Thus, the functionaland reporting currency of the Company is the U.S. dollar.Accordingly, monetary accounts maintained in currencies other than the U.S. dollar are re-measured into U.S. dollars in accordance withStatement of the Accounting Standard Codification ("ASC") No. 830 "Foreign Currency Matters" ("ASC No. 830"). All transaction gainsand losses of the re-measured monetary balance sheet items are reflected in the statement of comprehensive income as financial incomeor expenses, as appropriate.The functional currency of the Company's foreign subsidiaries is the U.S. dollar as these subsidiaries' revenues, intercompanytransactions, budgets and financing are denominated in U.S. dollars.d.Cash and cash equivalents:Cash equivalents are short-term highly liquid deposits that are readily convertible to cash with original maturities of three months orless, at the date acquired.e. Short-term bank deposits:Short-term bank deposits are deposits with maturities of up to one year. As of December 31, 2015 and 2016, the Company's bankdeposits are denominated in U.S. dollars, Euros and NIS and bear interest at weighted average deposits rates of 0.4% and 1.26%,respectively. Short-term bank deposits are presented at their cost, including accrued interest. A portion of these deposits is used assecurity for the rental of premises and as a security for the Company's hedging activities.f. Investments in marketable securities:The Company accounts for investments in marketable securities in accordance with ASC No. 320, “Investments - Debt and EquitySecurities”. Management determines the appropriate classification of its investments in debt securities at the time of purchase and re-evaluates such determinations at each balance sheet date. The Company classifies all of its marketable securities as available-for-sale.Available-for-sale securities are carried at fair value, with the unrealized gains and losses, net of tax, reported in accumulated othercomprehensive income (loss) in shareholders' equity. Realized gains and losses on sale of investments are included in financial income(expenses), net and are derived using the specific identification method for determining the cost of securities sold. The amortized cost ofdebt securities is adjusted for amortization of premiums and accretion of discounts to maturity. Such amortization together with intereston securities is included in financial income (expenses), net. F - 13 % Computers and related equipment 25 - 33Office furniture and equipment 7 - 20Leasehold improvements Over the shorter of therelated lease period or thelife of the assetCYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)The Company's securities are reviewed for impairment in accordance with ASC 320-10-35. If such assets are considered to be impaired,the impairment charge is recognized in earnings when a decline in the fair value of its investments below the cost basis is judged to beOther-Than-Temporary Impairment (OTTI). Factors considered in making such a determination include the duration and severity of theimpairment, the reason for the decline in value, the potential recovery period and the Company's intent to sell, including whether it ismore likely than not that the Company will be required to sell the investment before recovery of cost basis. Based on the above factors,the Company concluded that unrealized losses on its available-for-sale securities, for the year ended December 31, 2016 were not OTTI.g.Property and equipment:Property and equipment are stated at cost, net of accumulated depreciation. Depreciation is calculated using the straight-line methodover the estimated useful lives of the assets at the following annual rates:h.Long-lived assets:The long-lived assets of the Company are reviewed for impairment in accordance with ASC No. 360, “Property, Plant and Equipment”(“ASC No. 360”), whenever events or changes in circumstances indicate that the carrying amount of an asset may not be recoverable.The recoverability of assets to be held and used is measured by a comparison of the carrying amount of an asset to the futureundiscounted cash flows expected to be generated by the assets. If such assets are considered to be impaired, the impairment to berecognized is measured by the amount by which the carrying amount of the assets exceeds the fair value of the assets. During the yearsended December 31, 2014, 2015 and 2016, no impairment losses have been identified.i.Business Combination:The Company accounts for its business acquisitions in accordance with Accounting Standards Codification ASC No. 805, “BusinessCombinations”. The Company uses its best estimates and assumptions as part of the purchase price allocation process to value assetsacquired and liabilities assumed at the business combination date. The total purchase price allocated to the tangible assets acquired isassigned based on the fair values as of the date of the acquisition.F - 14 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)j.Goodwill and other intangible assets:Goodwill and certain other purchased intangible assets have been recorded in the Company's financial statements as a result ofacquisitions. Goodwill represents excess of the costs over the net tangible and intangible assets acquired of businesses acquired underASC No. 350, “Intangible—Goodwill and other” (“ASC 350”), according to which goodwill is not amortized. In addition, the costs ofintangible assets that were purchased from others for use in research and development activities were recorded as assets to the extent thatthey have alternative future use.ASC 350 requires goodwill to be tested for impairment at least annually and, in certain circumstances, between annual tests. TheCompany operates as one reporting unit. Therefore, goodwill is tested for impairment by comparing the fair value of the reporting unitwith its carrying value. The Company elects to perform an annual impairment test of goodwill as of October 1 of each year, or morefrequently if impairment indicators are present.Purchased intangible assets with finite lives are carried at cost, less accumulated amortization. Amortization is computed over theestimated useful lives of the respective assets which range from one to 13 years. Acquired customer relationship and backlog areamortized over their estimated useful lives in proportion to the economic benefits realized. Other intangible assets consist primarily oftechnology are amortized over their estimated useful lives on a straight-line basis.For the years ended December 31, 2015 and 2016, no impairment losses were identified.k.Derivative instruments:ASC No. 815, “Derivative and Hedging”, requires companies to recognize all of their derivative instruments as either assets or liabilitiesin the statement of financial position at fair value.For those derivative instruments that are designated and qualify as hedging instruments, a company must designate the hedginginstrument, based upon the exposure being hedged, as a fair value hedge, cash flow hedge or a hedge of a net investment in a foreignoperation.For derivative instruments that are designated and qualify as a cash flow hedge (i.e., hedging the exposure to variability in expectedfuture cash flows that is attributable to a particular risk), the effective portion of the gain or loss on the derivative instrument is reportedas a component of other comprehensive income and reclassified into earnings in the same period or periods during which the hedgedtransaction affects earnings. The remaining gain or loss on the derivative instrument in excess of the cumulative change in the presentvalue of future cash flows of the hedged item, if any, is recognized in current earnings during the period of change.F - 15 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)To hedge against the risk of changes in cash flows resulting from foreign currency salary payments during the year, the Company hasinstituted a foreign currency cash flow hedging program. The Company hedges portions of its forecasted expenses denominated in NIS.These forward and option contracts are designated as cash flow hedges, as defined by ASC 815, and are all effective, as their criticalterms match underlying transactions being hedged.As of December 31, 2015 and 2016, the amount recorded in accumulated other comprehensive loss from the Company's currencyforward and option transactions was $93 (net of tax of $18) and $34 (net of tax of $6), respectively. At December 31, 2016, the notionalamounts of foreign exchange forward contracts into which the Company entered were $17,800. The foreign exchange forward contractswill expire by December 2017. The fair value of derivative instruments assets balance as of December 31, 2015 and 2016, totaled $16and $32, respectively. The fair value of derivative instruments liabilities balance as of December 31, 2015 and 2016, totaled $130 and$72, respectively.In addition to the derivatives that are designated as hedges as discussed above, the Company enters into certain foreign exchangeforward transactions to economically hedge certain account receivables in Euros and GBP. Gains and losses related to such derivativeinstruments are recorded in financial expenses, net. As of December 31, 2016, the notional amounts of foreign exchange forwardcontracts into which the Company entered were $6,698. The foreign exchange forward contracts will expire by December 2017. The fairvalue of derivative instruments assets balance as of December 31, 2015 and 2016, totaled $139 and $347, respectively. The fair value ofderivative instruments liabilities balance as of December 31, 2015 and 2016 totaled $13 and $6, respectively.For the years ended December 31, 2014, 2015 and 2016, the Company recorded financial income, net from hedging transactions of $35,$260 and $270, respectively.F - 16 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)l.Severance pay:The Israeli Severance Pay Law, 1963 (“Severance Pay Law”), specifies that employees are entitled to severance payment, following thetermination of their employment. Under the Severance Pay Law, the severance payment is calculated as one month salary for each yearof employment, or a portion thereof.Part of the Company's liability for severance pay is covered by the provisions of Section 14 of the Severance Pay Law (“Section 14”).Under Section 14 employees are entitled to monthly deposits, at a rate of 8.33% of their monthly salary, made on behalf of the employeewith insurance companies. Payments in accordance with Section 14 release the Company from any future severance payments in respectof those employees. As a result, the Company does not recognize any liability for severance pay due to these employees and the depositsunder Section 14 are not recorded as an asset in the Company's balance sheet.For the Company's employees in Israel who are not subject to Section 14, the Company calculated the liability for severance paypursuant to the Severance Pay Law based on the most recent salary of these employees multiplied by the number of years of employmentas of the balance sheet date. The Company's liability for these employees is fully provided for via monthly deposits with severance payfunds, insurance policies and an accrual. The value of these deposits is recorded as an asset on the Company's balance sheet. Severanceexpense for the years ended December 31, 2014, 2015 and 2016, amounted to $1,187, $1,794 and $2,503, respectively.m. U.S. defined contribution plan:The U.S. subsidiary has a 401(k) defined contribution plan covering certain full time employees in the U.S. All eligible employees mayelect to contribute up to an annual maximum, of the lesser of 60% of their annual compensation to the plan through salary deferrals,subject to Internal Revenue Service limits, but not greater than $18 per year (for certain employees over 50 years of age the maximumcontribution is $24 per year).The U.S. subsidiary matches amount equal to 100% of the first 3% of the employees compensation that they contribute to the definedcontribution plan and 50% of the next 2% of their compensation that they contribute to the defined contribution plan with a limit of$10.6 per year. For the years ended December 31, 2014, 2015 and 2016, the U.S. subsidiary recorded expenses for matchingcontributions of $544, $907 and $1,259 respectively.F - 17 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)n.Revenue recognition:The Company generates revenues from licensing the rights to use its software products, maintenance and professional services. TheCompany sells its products through its direct sales force and indirectly through resellers.The Company accounts for its software licensing sales in accordance with ASC 985-605, “Software Revenue Recognition”. ASC 985-605 generally requires revenue earned on software arrangements involving multiple elements to be allocated to each element based onthe relative fair value of the elements when Vendor Specific Objective Evidence (“VSOE”) of fair value exists for all elements and to beallocated to the different elements in the arrangement under the “residual method” when VSOE of fair value exists for all undeliveredelements and no VSOE exists for the delivered elements.Maintenance and professional services are sold separately and therefore the selling price (VSOE) is based on stand-alone transactions.Under the residual method, at the outset of the arrangement with the customer, the Company defers revenue for the fair value of itsundelivered elements and recognizes revenue for the remainder of the arrangement fee attributable to the elements initially delivered inthe arrangement (software element) when all other criteria in ASC 985-605 have been met. Any discount in the arrangement is allocatedto the delivered element.Software license revenues are recognized when persuasive evidence of an arrangement exists, the software license has been delivered,there are no uncertainties surrounding product acceptance, there are no significant future performance obligations, the license fees arefixed or determinable and collection of the license fee is considered probable. Fees for arrangements with payment terms extendingbeyond customary payment terms are considered not to be fixed or determinable, in which case revenue is deferred and recognized whenpayments become due from the customer provided that all other revenue recognition criteria have been met.Revenues from maintenance and support contracts are recognized ratably, on a straight-line basis over the term of the related contractand revenues from professional services consist mostly of time and material services which are recognized as the services are performed.Professional services are not considered to be essential to the functionality of the software.The Company does not grant a right of return to its customers.The Company's software license, maintenance and professional services sold through resellers are non-exchangeable, non-refundable,non-returnable and without any rights of price protection. Accordingly, the Company considers resellers as customers.F - 18 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)In transactions where a customer's contractual terms include a substantive provision for customer acceptance, revenues are recognizedwhen such acceptance has been obtained or when the acceptance provision has lapsed.Deferred revenue includes unearned amounts received under maintenance and support contracts, professional services and amountsreceived from customers for licenses that do not meet the revenue recognition criteria as of the balance sheet date.o.Research and development costs:Research and development costs are charged to the statements of comprehensive income as incurred. ASC 985-20, “Software - Costs ofSoftware to Be Sold, Leased, or Marketed”, requires capitalization of certain software development costs subsequent to theestablishment of technological feasibility.Based on the Company's product development process, technological feasibility is established upon completion of a working model.Costs incurred by the Company between completion of the working model and the point at which the product is ready for generalrelease, have been insignificant. Therefore, all research and development costs are expensed as incurred.p.Marketing expenses:Marketing expenses consist primarily of marketing campaigns and tradeshows. Marketing expenses are charged to the statement ofcomprehensive income, as incurred. Marketing expenses for the years ended December 31, 2014, 2015 and 2016, amounted to $5,896,$7,498 and $10,622, respectively.q.Share-based compensation:The Company accounts for share-based compensation in accordance with ASC 718, “Compensation - Stock Compensation” (“ASC No.718”). ASC No. 718 requires companies to estimate the fair value of equity-based payment awards on the date of grant using an option-pricing model. The value of the portion of the award that is ultimately expected to vest is recognized as an expense over the requisiteservice periods in the Company's consolidated statements of comprehensive income.The Company recognizes compensation expenses for the value of its awards granted based on the straight-line method over the requisiteservice period of each of the awards, net of estimated forfeitures. ASC No. 718 requires forfeitures to be estimated at the time of grant andrevised, if necessary, in subsequent periods if actual forfeitures differ from those estimates.F - 19 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)The Company has selected the Black-Scholes-Merton option-pricing model as the most appropriate fair value method for its optionawards. The option-pricing model requires a number of assumptions, of which the most significant are the expected share price,volatility and the expected option term.The fair value of ordinary share underlying the options has historically been determined by management and approved by theCompany's board of directors. Prior to September 24, 2014, because there had been no public market for the Company's ordinary shares,management determined fair value of an ordinary share at the time of grant of the option by considering a number of objective andsubjective factors including financing investment rounds, operating and financial performance, the lack of liquidity of share capital andgeneral and industry specific economic outlook, amongst other factors. The Company's management determined the fair value ofordinary shares based on valuations performed using the Option Pricing Method (“OPM”) for the period from January 1, 2014 toSeptember 24, 2014. Since September 24, 2014, the Company's ordinary shares are publicly traded.r.Income taxes:The Company accounts for income taxes in accordance with ASC No. 740-10, “Income Taxes” (“ASC No. 740-10”). ASC No. 740-10prescribes the use of the asset and liability method whereby deferred tax asset and liability account balances are determined based ontemporary differences between financial reporting and tax bases of assets and liabilities and are measured using the enacted tax rates andlaws that will be in effect when the differences are expected to reverse. The Company provides a valuation allowance, if necessary, toreduce deferred tax assets to their estimated realizable value if it is more likely than not that some portion or all of the deferred tax assetwill not be realized. Deferred taxes are presented as long-term assets.The Company established reserves for uncertain tax positions based on the evaluation of whether or not the Company's uncertain taxposition is “more likely than not” to be sustained upon examination. The Company records interest and penalties pertaining to itsuncertain tax positions in the financial statements as income tax expense.s.Basic and diluted net income per share:The Company applies the two class method as required by ASC No. 260-10, “Earnings Per Share” (“ASC No. 260-10”). ASC 260-10requires the income per share for each class of shares (ordinary and preferred shares) to be calculated assuming 100% of the Company'searnings are distributed as dividends to each class of shares based on their contractual rights. No dividends were declared or paid duringthe reported periods.Basic and diluted net income per share is computed based on the weighted-average number of ordinary shares outstanding during eachyear. Diluted income per share is computed based on the weighted average number of ordinary shares outstanding during the period,plus dilutive potential shares considered outstanding during the period, in accordance with ASC 260-10. The total weighted averagenumber of shares related to outstanding options, RSU's, warrants and preferred shares that have been excluded from the calculation ofdiluted net earnings per share was 437,176, 484,726 and 1,381,114 for the years ended December 31, 2014, 2015 and 2016,respectively. F - 20 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)t.Comprehensive income (loss):The Company accounts for comprehensive income (loss) in accordance with Accounting Standards Codification No. 220,“Comprehensive Income” (“ASC No. 220”). This statement establishes standards for the reporting and display of comprehensive income(loss) and its components in a full set of general purpose financial statements. Comprehensive income (loss) generally represents allchanges in shareholders' equity during the period, except changes resulting from investments by, or distributions to, shareholders.u.Concentration of credit risks:Financial instruments that potentially subject the Company to concentrations of credit risk consist principally of cash and cashequivalents, short-term bank deposits, marketable securities, trade receivables and derivative instruments.The majority of the Company's cash and cash equivalents and short-term bank deposits are invested with major banks in Israel and theUnited States. Such investments in the United States are primarily in excess of insured limits and are not insured in other jurisdictions.Generally, these investments may be redeemed upon demand and the Company believes that banks are financially sounds and,accordingly, bear minimal risk.The Company's marketable securities consist of investments, which are highly rated by credit agencies, in government, corporate andgovernment sponsored enterprises debentures. The Company's investment policy limits the amount that the Company may invest in anyone type of investment or issuer, in order to reduce credit risk concentrations.The trade receivables of the Company are mainly derived from sales to diverse set of customers located primarily in the United States,Europe and Asia. The Company performs ongoing credit evaluations of its customers and, to date, has not experienced any significantlosses.The Company has entered into forward contracts with major banks in Israel to protect against the risk of changes in exchange rates. Thederivative instruments hedge a portion of the Company's non-dollar currency exposure.F - 21 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)v.Fair value of financial instruments:The estimated fair value of financial instruments has been determined by the Company using available market information andvaluation methodologies. Considerable judgment is required in estimating fair values. Accordingly, the estimates may not be indicativeof the amounts the Company could realize in a current market exchange.The following methods and assumptions were used by the Company in estimating the fair value of their financial instruments:The carrying values of cash and cash equivalents, short-term bank deposits, trade receivables, prepaid expenses and other current assets,trade payables, employees and payroll accruals and accrued expenses and other current liabilities approximate fair values due to theshort-term maturities of these instruments.The Company applies ASC No. 820, “Fair Value Measurements and Disclosures” (“ASC No. 820”), with respect to fair valuemeasurements of all financial assets and liabilities.The fair value of foreign currency contracts (used for hedging purposes) is estimated by obtaining current quotes from banks and thirdparty valuations.Fair value is an exit price, representing the amount that would be received to sell an asset or paid to transfer a liability in an orderlytransaction between market participants at the measurement date. As such, fair value is a market-based measurement that should bedetermined based on assumptions that market participants would use in pricing an asset or a liability. A three-tier fair value hierarchy isestablished as a basis for considering such assumptions and for inputs used in the valuation methodologies in measuring fair value: Level 1 -Inputs are unadjusted quoted prices in active markets for identical assets or liabilities. Level 2 -Inputs are quoted prices for similar assets and liabilities in active markets or inputs that are observable for the assets orliabilities, either directly or indirectly through market corroboration, for substantially the full term of the financialinstruments. Level 3 -Inputs are unobservable inputs based on the Company's own assumptions used to measure assets and liabilities at fairvalue. The inputs require significant management judgment or estimation.The fair value hierarchy also requires an entity to maximize the use of observable inputs and minimize the use of unobservable inputswhen measuring fair value.F - 22 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)In accordance with ASC 820, the Company measures its foreign currency derivative instruments, at fair value using the market approachvaluation technique. Foreign currency derivative contracts as detailed in note 2.k are classified within Level 2 value hierarchy, as thevaluation inputs are based on quoted prices and market observable data of similar instruments.w. Warrants to purchase preferred shares:The Company accounted for freestanding warrants to purchase its preferred shares as a liability on its consolidated balance sheet at fairvalue. The warrants to purchase preferred shares were recorded as a liability as the underlying preferred shares were contingentlyredeemable (upon a deemed liquidation event) and, therefore, could have obligated the Company to transfer assets in the future. Thewarrants were subject to re-measurement to fair value at each balance sheet date and any change in fair value was recognized as acomponent of financial expense, net, on the consolidated statements of comprehensive income. During the year ended December 31,2014, the Company recorded financial expenses from change in the warrants' fair value of $4,309.Upon the IPO, the warrants were exercised to Series B3 preferred shares which were later converted into ordinary shares. The Companyre-measured the warrants as of the conversion date using the intrinsic value based on the IPO price. x.Legal contingencies:The Company is not currently a party, as plaintiff or defendant, to any legal proceedings that, individually or in the aggregate areexpected by the Company to have a material effect on its consolidated financial statements. The Company reviews the status of eachmatter and assesses its potential financial exposure. If the potential loss from any claim or legal proceeding is considered probable andthe amount can be reasonably estimated, the Company accrues a liability for the estimated loss. These accruals are reviewed at leastquarterly and adjusted to reflect the impact of negotiations, settlements, rulings, advice of legal counsel and other information andevents pertaining to a particular matter.F - 23 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)y.The impact of recently issued accounting standards still not effective for the Company as of December 31, 2016 is as follows: In May 2014, the Financial Accounting Standards Board (“FASB”) issued Accounting Standards Update (“ASU”) 2014-09, RevenueRecognition – Revenue from Contracts with Customers (Topic 606), which will replace substantially all current revenue recognitionguidance once it becomes effective. In August 2015, the FASB issued ASU 2015-14, Revenue from Contracts with Customers: Deferralof the Effective Date, which deferred the effective date of the new revenue standard for periods beginning after December 15, 2016 toDecember 15, 2017, with early adoption permitted but not earlier than the original effective date. The Company does not currentlyintend to adopt the provisions of the new standard early. The FASB issued subsequent amendments to the initial guidance in March2016, April 2016, May 2016 and December 2016 within ASU 2016-08, 2016-10, 2016-12, 2016-20, respectively. The new standardprovides accounting guidance for all revenue arising from contracts with customers and affects all entities that enter into contracts toprovide goods or services to their customers unless the contracts are in the scope of other standards. The new standard is less prescriptiveand may require software entities to use more judgment and estimates in the revenue recognition process than are required under existingrevenue guidance. The new standard allows the option of modified retrospective adoption with certain reliefs according to which the new standard will beapplied to existing contracts from the initial period of adoption and thereafter with no restatement of comparative data. Under thisoption, the Company will recognize the cumulative effect of the initial adoption of the new standard as an adjustment to the openingbalance of retained earnings (or another component of equity, as applicable) as of the date of initial application. Alternatively, the newstandard permits full retrospective adoption with certain reliefs. The Company expects to adopt the standard under the modifiedretrospective method. However, the Company is continuing to evaluate the impact of the standard, and its adoption method is subject tochange. The Company is in the process of analyzing its contracts to quantify the impact that the adoption of the standard will have onrevenue. The Company is also continuing to evaluate the impact of the standard on its costs related to obtaining customer contracts(mainly sales commissions).In February 2016, the FASB issued ASU 2016-02. ASU 2016-02 changes the current lease accounting standard by requiring therecognition of lease assets and lease liabilities for all leases, including those currently classified as operating leases. This new guidanceis to be applied under a modified retrospective application to the earliest reporting period presented for reporting periods beginningafter December 15, 2018. Early adoption is permitted. The Company is currently evaluating the potential impact of this new guidanceon its financial statements.F - 24 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)In March 2016, the FASB issued ASU 2016-09 Compensation-Stock Compensation (Topic 718): Improvements to Employee Share-Based Payment Accounting. This standard simplifies various aspects related to how share-based payments are accounted for andpresented in the financial statements, including income taxes, forfeitures and statutory tax withholding requirements. The guidance iseffective for the Company beginning in the first quarter of 2017. The Company adopted the updated standard in the first quarter of fiscalyear 2017. As a result, the Company's deferred taxes and retained earnings increased by approximately $12,200. In June 2016, the FASB Issued ASU 2016-13, Financial Instruments—Credit Losses (Topic 326): Measurement of Credit Losses onFinancial Instruments. The new standard requires financial assets measured at amortized cost be presented at the net amount expected tobe collected, through an allowance for credit losses that is deducted from the amortized cost basis. The standard will be effective for theCompany beginning January 1, 2020, with early application permitted. The Company is evaluating the impact of adopting this newaccounting guidance on its consolidated financial statements.In August 2016, the FASB issued ASU 2016-15, Statement of Cash Flows (Topic 230): Classification of Certain Cash Receipts and CashPayments. The new standard will address eight specific cash flow issues with the objective of reducing the existing diversity in practicein how certain transactions are presented and classified in the statement of cash flows. The standard will be effective for the Companybeginning January 1, 2018, with early application permitted. The standard will require adoption on a retrospective basis unless it isimpracticable to apply, in which case the Company would be required to apply the amendments prospectively as of the earliest datepracticable. The Company is evaluating the impact of adopting this new accounting guidance on its consolidated financial statements. In October 2016, the FASB issued ASU 2016-16, Income Taxes (Topic 740); Intra-Entity Transfers of Assets Other than Inventory. Thisguidance was issued to improve the accounting for income tax consequences of intra-entity transfers of assets other than inventory.Under the amendment an entity should recognize the income tax consequences of an intra-entity transfer of an asset other than inventorywhen the transfer occurs. The update is effective for annual periods beginning after December 15, 2017, and interim periods thereafter.Early adoption is permitted. The Company is currently evaluating the impact of this ASU on its consolidated financial statements.In January 2017, FASB issued ASU 2017-01, Business Combinations (Topic 805) Clarifying the Definition of Business. ASU 2017-01clarifies the definition of a business with the objective of adding guidance to assist entities with evaluating whether transactions shouldbe accounted for as acquisitions (or disposals) of assets or businesses. The update to the standard is effective for interim and annualperiods beginning after December 15, 2017, and applied prospectively. The Company is currently evaluating the impact of the adoptionof ASU 2017-01 on its consolidated financial statements.F - 25 December 31, 2016 Amortized cost Grossunrealizedlosses *) Fair value Corporate debentures $32,734 $(154) $32,580 U.S. Agencies debentures 2,457 (14) 2,443 Government treasuries 666 - 666 Total $35,857 $(168) $35,689 December 31, 2016 Amortized cost Fair value Due within one year $15,269 $15,246 Due between one and four years 20,588 20,443 $35,857 $35,689 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 2: SIGNIFICANT ACCOUNTING POLICIES (Cont.)In January 2017, the FASB issued ASU 2017-04, simplifying the Test for Goodwill Impairment (Topic 350). This standard eliminatesStep 2 from the goodwill impairment test, instead requiring an entity to recognize a goodwill impairment charge for the amount bywhich the goodwill carrying amount exceeds the reporting unit's fair value. This guidance is effective for interim and annual goodwillimpairment tests in fiscal years beginning after December 15, 2019 with early adoption permitted. This guidance must be applied on aprospective basis. The Company is currently evaluating the potential effect of the guidance on its consolidated financial statements. NOTE 3:MARKETABLE SECURITIESThe following table summarizes the amortized cost, unrealized gains and losses, and fair value of available-for-sale marketable securities as ofDecember 31, 2016: *) Less than one year The following table summarizes the amortized cost and fair value of available-for-sale marketable securities as of ended December 31, 2016, bycontractual years-to maturity:F - 26 December 31, 2015 2016 Prepaid expenses $2,154 $3,169 Hedging transaction assets 155 379 Government authorities 694 947 Other current assets 290 309 $3,293 $4,804 December 31, 2015 2016 Cost: Computers and related equipment $3,712 $5,792 Leasehold improvements 1,092 1,621 Office furniture and equipment 1,095 1,353 5,899 8,766 Less - accumulated depreciation 2,315 4,006 Depreciated cost $3,584 $4,760 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 4: PREPAID EXPENSES AND OTHER CURRENT ASSETS NOTE 5: PROPERTY AND EQUIPMENT, NETThe composition of property and equipment is as follows: Depreciation expense amounted to $746, $1,129 and $1,965 for the years ended December 31, 2014, 2015 and 2016, respectively.F - 27 December 31, 2015 2016 Original amount: Technology $14,073 $14,073 Customer relationships 5,120 5,120 Other 490 490 19,683 19,683 Accumulated amortization: Technology 1,053 4,211 Customer relationships 2 1,137 Other 70 300 1,125 5,648 Intangible assets, net $18,558 $14,035 2017 $4,355 2018 4,064 2019 3,083 2020 1,408 2021 326 Thereafter 799 $14,035 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 6: INTANGIBLE ASSETS, NETThe composition of intangible assets is as follows: Amortization expense amounted to $1,125 and $4,523 for the years ended December 31, 2015 and 2016, respectively.The estimated future amortization expense of intangible assets as of December 31, 2016 is as follows:F - 28 December 31, 2015 2016 Government authorities $7,131 $3,722 Accrued expenses 1,730 2,602 Unrecognized tax benefits 362 474 Hedging transaction liabilities 143 78 $9,366 $6,876 Lease of premises Lease ofmotor vehicles 2017 $3,940 $268 2018 3,920 193 2019 4,042 105 2020 4,050 - 2021 4,057 Thereafter 2,632 - $22,641 $566 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 7: ACCRUED EXPENSES AND OTHER CURRENT LIABILITIES NOTE 8:COMMITMENTS AND CONTINGENT LIABILITIESa.Lease commitments:The Company leases its facilities under various operating lease agreements, which expire through 2022. In addition, the Company leasescertain motor vehicles under certain car operating lease agreements which expire through 2019. The minimum lease payments underoperating leases as of December 31, 2016 are as follows:Total lease expense for the years ended December 31, 2014, 2015 and 2016 was $2,309, $2,653 and $3,649, respectively.Total motor vehicle lease expense for the years ended December 31, 2014, 2015 and 2016 was $369, $435 and $511, respectively.b.Pledges and bank guarantees:The Company pledged a bank deposit of $1,236 mainly in respect of an office lease agreement and hedging transactions. This balance ispresented as part of short-term bank deposits and other long-term assets.The Company obtained bank guarantees of $1,045, primarily in connection with an office lease agreement.F - 29 December 31, 2016 Level 1 Level 2 Total Cash equivalents: Money market funds $1,906 $- $1,906 Marketable securities: Corporate debentures - 32,580 32,580 U.S. Agencies debentures - 2,443 2,443 Government treasuries - 666 666 Total assets measured at fair value $1,906 $35,689 $37,595 December 31, 2015 December 31, 2016 Authorized Issued and outstanding Authorized Issued andoutstanding Number of shares Ordinary shares of NIS 0.01 par value each 250,000,000 33,289,839 250,000,000 34,250,590 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 9:FAIR VALUE MEASUREMENTSThe following tables present the fair value of money market funds and marketable securities for the year ended December 31, 2016: NOTE 10: SHAREHOLDERS' EQUITYa.Composition of share capital of the Company:b.Ordinary shares:The ordinary shares of the Company confer upon the holders the right to receive notices of and to participate and vote in generalmeetings of the Company, rights to receive dividends and rights to participate in distribution of assets upon liquidation after all thepreferred shares received their preference amount in full.c.Share-based compensation:Under the Company's 2001 equity incentive plan, as amended March 5, 2003, and its 2011 and 2014 equity incentive plans(collectively, the “Plans”), options and restricted share units (“RSUs”) may be granted to employees, officers, non-employee consultantsand directors of the Company.Under the Plans, as of December 31, 2016, an aggregate of 725,620 shares were still available for future grant. Each option granted underthe Plans expires no later than ten years from the date of grant. The vesting period of the options is generally four years, unless the Boardof Directors or the Board's Compensation Committee determines otherwise. Any option which is forfeited or cancelled before expirationbecomes available for future grants. F - 30 Year endedDecember 31, 2014 2015 2016 Cost of revenues $137 $499 $1,386 Research and development 172 1,507 4,660 Sales and marketing 347 2,214 5,765 General and administrative 917 2,829 5,724 Total share-based compensation expense $1,573 $7,049 $17,535 Amountofoptions Weightedaverageexerciseprice Weighted averageremainingcontractualterm(in years) Aggregateintrinsic value Balance as of December 31, 2015 3,358,875 $14.27 6.54 $111,093 Granted 569,300 $43.39 Exercised (837,835) $2.99 Forfeited (51,983) $28.91 Balance as of December 31, 2016 3,038,357 $22.58 6.70 $77,346 Exercisable as of December 31, 2016 1,924,816 $11.00 5.52 $69,420 Vested and expected to vest as of December 31, 2016 3,005,577 $22.36 6.68 $77,144 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 10:SHAREHOLDERS' EQUITY (Cont.)The total share-based compensation expense related to all of the Company's equity-based awards, recognized for the years endedDecember 31, 2014, 2015 and 2016 is comprised as follows: The total unrecognized compensation cost amounted to $46,059 as of December 31, 2016, and is expected to be recognized over aweighted average period of 2.59 years. In March 2015, 15,000 warrants to purchase ordinary shares with an exercise price of $2.21 which were donated to “Tmura”, a non-profitorganization, were exercised.d.Options granted to employees:A summary of the activity in options granted to employees for the year ended December 31, 2016 is as follows: F - 31 Year endedDecember 31, 2014 2015 2016 Expected volatility 45% 45% 45%Expected dividends 0 0 0 Expected term (in years) 5.81-6.11 5.78-6.12 5.25-6.10 Risk free rate 1.55%-2.02% 1.37%-1.68% 1.30%- 1.70% Year endedDecember 31, 2014 2015 2016 Weighted-average grant date fair value of options granted $6.95 $24.56 $19.16 Total intrinsic value of the options exercised $9,943 $110,191 $37,618 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 10:SHAREHOLDERS' EQUITY (Cont.)The computation of expected volatility is based on actual historical share price volatility of comparable companies. The expectedoption term represents the period of time that options granted are expected to be outstanding. For stock-option awards which were at themoney when granted (plain vanilla stock-options), it is determined based on the simplified method in accordance with SAB No. 110, asadequate historical experience is not available to provide a reasonable estimate. The simplified method will continue to apply untilenough historical experience is available to provide a reasonable estimate of the expected term. The Company has historically not paiddividends and has no foreseeable plans to pay dividends and, therefore, uses an expected dividend yield of zero in the option pricingmodel. The risk-free interest rate is based on the yield of U.S. treasury bonds with equivalent terms. The following table set forth the parameters used in computation of the options compensation to employees for the years endedDecember 31, 2014, 2015 and 2016:A summary of options data for the years ended December 31, 2014, 2015 and 2016, is as follows:The aggregate intrinsic value is calculated as the difference between the per-share exercise price and the deemed fair value of anordinary share for each share subject to an option multiplied by the number of shares subject to options at the date of exercise. The fairvalue of the Company's ordinary shares was $45.50 per share as of December 31, 2016.F - 32 Exercise price Options outstandingas ofDecember31, 2016 Weighted average remainingcontractual term Options exercisable as ofDecember 31,2016 Weighted averageremainingcontractual term (years) (years) $0.20 – 2.21 1,297,621 4.36 1,284,815 4.34 $6.47 – 14.00 495,676 7.24 343,650 7.24 $37.44 – 44.37 264,180 9.08 14,886 8.31 $45.58 – 51.86 517,244 9.23 90,832 9.01 $55.30 – 64.93 463,636 8.50 190,633 8.49 3,038,357 6.70 1,924,816 5.52 AmountofRSU's Weightedaveragegrant datefair value Unvested as of December 31, 2015 396,910 $53.44 Granted 487,600 $44.96 Vested (122,916) $52.59 Forfeited (31,889) $48.43 Unvested as of December 31, 2016 729,705 $48.14 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 10:SHAREHOLDERS' EQUITY (Cont.)The following tables summarize information about the Company's outstanding and exercisable options granted to employees as ofDecember 31, 2016: e.A summary of RSU activity for the year ended December 31, 2016, is as follows:The total fair value of RSU’s vested (based on fair value of the Company's ordinary shares at vesting date) during the years endedDecember 31, 2015 and 2016 was $998 and $5,981, respectively.F - 33 Year endedDecember 31, 2014 2015 2016 Domestic $13,194 $28,285 $32,077 Foreign 1,272 3,458 4,124 $14,466 $31,743 $36,201 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 11: INCOME TAXESCyberArk Software Ltd.'s subsidiaries are separately taxed under the domestic tax laws of the jurisdiction of incorporation of each entity.a. Corporate tax in Israel:Taxable income of the Company is subject to a corporate tax rate as follows: 2014 and 2015– 26.5% and 2016 – 25%.On January 5, 2016, the Israeli Parliament officially published the Law for the Amendment of the Israeli Tax Ordinance (Amendment216), that reduced the corporate tax rate from 26.5% to 25%.In December 2016, the Israeli Parliament approved the Economic Efficiency Law (Legislative Amendments for Applying the EconomicPolicy for the 2017 and 2018 Budget Years), which reduces the corporate income tax rate to 24% effective from January 1, 2017 and to23% effective from January 1, 2018.b.Income before taxes on income is comprised as follows:F - 34 December 31, 2015 2016 Deferred tax assets: Net operating loss carry-forwards $5,584 $1,956 Capital losses carry-forwards 52 50 Research and development expenses 2,945 4,119 Deferred revenues 3,760 4,222 Issuance expenses 790 124 Share-based compensation 549 2,979 Accruals and other 1,590 1,612 Deferred tax assets before valuation allowance 15,270 15,062 Valuation allowance 52 50 Deferred tax asset $15,218 $15,012 Deferred tax liabilities: Intangible assets $5,761 $3,961 Property and equipment depreciation and other 213 662 Deferred tax liabilities $5,974 $4,623 Year endedDecember 31, 2014 2015 2016 Current $4,467 $10,042 $9,207 Deferred 45 (4,093) (1,130) $4,512 $5,949 $8,077 Year endedDecember 31, 2014 2015 2016 Domestic $2,485 $5,208 $4,906 Foreign 2,027 741 3,171 $4,512 $5,949 $8,077 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 11: INCOME TAXES (Cont.)c.Deferred income taxes:Deferred taxes reflect the net tax effect of temporary differences between the carrying amounts of assets and liabilities for financialreporting purposes and the amounts recorded for tax purposes. Significant components of the Company's deferred tax assets andliabilities are as follows: d.Income taxes are comprised as follows: F - 35 Year endedDecember 31, 2014 2015 2016 Income before income taxes $14,466 $31,743 $36,201 Statutory tax rate 26.5% 26.5% 25.0% Theoretical income tax expense 3,833 8,412 9,050 Utilization of tax losses and deferred taxes for which valuation allowance wasprovided, net (143) (771) (72)Deferred taxes on losses for which valuation allowance was provided, net 834 (1,713) - Non-deductible expenses 1,165 2,295 2,569 Unrecognized tax expense 19 8 81 Foreign and preferred enterprise tax rates differential (838) (2,303) (3,468)Other (358) 21 (83) Income tax expense $4,512 $5,949 $8,077 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 11: INCOME TAXES (Cont.)e.A reconciliation of the Company's theoretical income tax expense to actual income tax expense is as follows: f.Net operating loss carry-forwards:As of December 31, 2016, the Company had net operating and capital tax losses totaling approximately $36,227 and $219, respectively,out of which approximately $2,727 and $219 of losses, respectively, were attributed to Israel and can be carried forward indefinitely and$33,500 (including $30,041 of excess tax benefits related to share based compensation) and none, respectively, were attributed to theU.S. subsidiary and can be carried forward for up to 20 years. Utilization of some of U.S. net operating losses are subject to annuallimitation due to the “change in ownership” provisions of the Internal Revenue Code of 1986 and similar state provisions. The annuallimitation may result in the expiration of net operating losses before utilization.g.Tax benefits under the Law for the Encouragement of Capital Investments, 1959:The Company has been granted “Approved Enterprise” Status, under the above Law. The Company has elected the alternative benefitsprogram, waiver of grants in return for tax exemptions. Pursuant thereto, the income of the Company derived from the “ApprovedEnterprise” program is tax-exempt for two years and will enjoy a reduced tax rate of 10%-25% for up to a total of eight years (subject toan adjustment based upon the foreign investors' ownership of the Company).The period of tax benefits detailed above is subject to limits of 12 years from the year of commencement of production, or 14 years fromgranting of approval, whichever is earlier.F - 36 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 11: INCOME TAXES (Cont.)The tax-exempt income attributable to the “Approved Enterprise” can be distributed to shareholders, without subjecting the Companyto taxes, only upon the complete liquidation of the Company. If these retained tax-exempt profits are distributed, they would be taxed atthe corporate tax rate applicable to such profits as if the Company had not elected the alternative tax benefits program (currentlybetween 10% to 25% for an “Approved Enterprise”).Entitlement to the above benefits is conditional upon the Company fulfilling the conditions stipulated by the above law, regulationspublished thereunder and the letters of approval for the specific investments in “approved enterprises”. In the event of failure to complywith these conditions, the benefits may be canceled and the Company may be required to refund the amount of the benefits, in whole orin part, including interest and CPI linkage.Income not eligible for “approved enterprise” benefits mentioned above is taxed at the regular rate.On April 1, 2005, an amendment to the Investment Law came into effect (“the Amendment”) and significantly changed the provisions ofthe Investment Law. However, the Investment Law provides that terms and benefits included in any letter of approval already granted will remain subject tothe provisions of the law as they were on the date of such approval. Therefore, the Company's existing Approved Enterprise willgenerally not be subject to the provisions of the Amendment.Such an enterprise is a “Beneficiary Enterprise”, rather than the previous terminology of Approved Enterprise. The period of tax benefitsfor a new Beneficiary Enterprise commences in the “Year of Commencement”. This year is the later of: (1) the year in which taxableincome is first generated by the company, or (2) the Year of Election.The Company has elected the status of a Beneficiary Enterprise for the years ended in 2006 and 2008.As of December 31, 2016, approximately $13,077 was derived from tax exempt profits earned by the Company's “Approved Enterprises”and “Beneficiary Enterprise”. The Company and its Board of Directors have determined that such tax-exempt income will not bedistributed as dividends and intends to reinvest the amount of its tax exempt income earned by the Company. Accordingly, no provisionfor deferred income taxes has been provided on income attributable to the Company's “Approved Enterprises” and “BeneficiaryEnterprise” as such income is essentially permanently reinvested.If the Company's retained tax-exempt income is distributed, the income would be taxed at the applicable corporate tax rate as if it hadnot elected the alternative tax benefits under the Investment Law and an income tax liability of up to $3,211 would be incurred as ofDecember 31, 2016.F - 37 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 11: INCOME TAXES (Cont.) On December 29, 2010, the Knesset approved an additional amendment to the Law for the Encouragement of Capital Investments, 1959.According to the amendment, a reduced uniform corporate tax rate for exporting industrial enterprises (over 25%) was established. Thereduced tax rate will not be program dependent and will apply to the "Preferred Enterprise's" (as such term is defined in the InvestmentLaw) entire income. Pursuant to the amendment, a "Preferred Enterprise" is entitled to a reduced corporate tax rate of 15% in 2011 and2012, unless the Preferred Enterprise is located in a specified development zone, in which case the rate will be 10%. Such corporate taxrate was reduced from 15% and 10%, respectively, to 12.5% and 7%, respectively in 2013, and then increased to 16% and 9%,respectively, in 2014 until 2016. On March 2013, the Company notified the Israeli Tax Authorities that it had transferred from Beneficiary Enterprise status to PreferredEnterprise status.Amendment to the Law for the Encouragement of Capital Investments, 1959 (Amendment 73):In December 2016, the Economic Efficiency Law (Legislative Amendments for Applying the Economic Policy for the 2017 and 2018Budget Years), 2016 which includes Amendment 73 to the Law for the Encouragement of Capital Investments (“the Amendment”) waspublished. According to the Amendment, a preferred enterprise located in development area A will be subject to a tax rate of 7.5%instead of 9% effective from January 1, 2017 and thereafter (the tax rate applicable to preferred enterprises located in other areas remainsat 16%).The Amendment also prescribes special tax tracks for technological enterprises, which are subject to rules that are to be issued by theMinister of Finance by March 31, 2017.The new tax track under the Amendment is relevant to the Company as follows:Technological preferred enterprise is defined as an enterprise for which total consolidated revenues of its parent company and allsubsidiaries are less than NIS 10 billion. A technological preferred enterprise, as defined in the Amendment, which is located in thecenter of Israel will be subject to tax at a rate of 12% on profits deriving from intellectual property (in development area A - a tax rate of7.5%).Any dividends distributed to “foreign companies”, as defined in the Amendment, deriving from income from the technologicalenterprises will be subject to tax at a rate of 4%.Since as of December 31, 2016 definitive criteria to determine the tax benefits had not yet been established, it cannot be concluded thatthe legislation in respect of technological enterprises had been enacted or substantively enacted as of that date. Accordingly, the abovechanges in the tax rates relating to technological enterprises were not taken into account in the computation of deferred taxes as ofDecember 31, 2016.F - 38 Year endedDecember 31, 2015 2016 Opening balance $322 $362 Increase related to prior year tax positions 4 53 Increase related to current year tax positions 36 59 Closing balance $362 $474 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 11: INCOME TAXES (Cont.)h. Tax benefits under the Law for the Encouragement of Industry (Taxation), 1969:Management believes that the Company currently qualifies as an “industrial company” under the above law and as such, is entitled tocertain tax benefits including accelerated depreciation, deduction of public offering expenses in three equal annual installments andamortization of other intangible property rights for tax purposes.i.Tax assessments:CyberArk Software Ltd. tax years until December 31, 2012 are subject to statutes of limitation as of December 31, 2016. The U.K.subsidiary's tax years until December 31, 2012 are subject to statutes of limitation as of December 31, 2016. The U.S. subsidiary's taxyears ended from December 31, 2002, 2004, 2005, 2006, 2008, 2011 and 2013 through 2016 are still open, as the statutes of limitationhave not yet expired.j.Uncertain tax benefits:A reconciliation of the opening and closing amounts of total unrecognized tax benefits is as follows:F - 39 Year endedDecember 31, 2014 2015 2016 Bank charges $(63) $(86) $(144)Changes in fair value of warrants to purchase preferred shares (4,309) - - Exchange rate loss, net (1,817) (1,723) (969) Total expenses (6,189) (1,809) (1,113) Interest income 201 330 1,358 Financial income (expenses), net $(5,988) $(1,479) $245 Year endedDecember 31, 2014 2015 2016 Numerator: Net income $9,954 $25,794 $28,124 Dividends accumulated for the period (3,815) - - Net income available to shareholders of ordinary shares $6,139 $25,794 $28,124 Denominator: Shares used in computing net income per ordinary shares, basic 13,335,059 32,124,772 33,741,359 Year endedDecember 31, 2014 2015 2016 Numerator: Net income available to shareholders of ordinary shares $9,954 $25,794 $28,124 Denominator: Shares used in computing net income per ordinary shares, diluted 29,704,730 35,322,716 35,838,863 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 12: FINANCIAL INCOME (EXPENSES), NET NOTE 13: BASIC AND DILUTED NET INCOME PER SHAREF - 40 Year endedDecember 31, 2014 2015 2016 United States $60,761 $92,034 $125,749 Israel 4,234 5,203 6,818 United Kingdom 12,220 16,746 21,699 EMEA *) 16,744 28,695 39,577 Other 9,040 18,134 22,770 $102,999 $160,812 $216,613 December 31, 2015 2016 United States $929 $1,421 Israel 2,418 3,014 United Kingdom 155 90 EMEA *) 22 24 Other 60 211 $3,584 $4,760 CYBERARK SOFTWARE LTD.NOTES TO CONSOLIDATED FINANCIAL STATEMENTSU.S. dollars in thousands (except share and per share data) NOTE 14: SEGMENTS, CUSTOMERS AND GEOGRAPHIC INFORMATIONa.The Company applies ASC Topic 280, “Segment Reporting” (“ASC No. 280”). The Company operates in one reportable segment.b.The following tables present total revenues for the years ended December 31, 2014, 2015 and 2016 and long-lived assets as of December31, 2015 and 2016:Revenues: For the years ended December 31, 2014 and 2015, no single customer contributed more than 10% to the Company's total revenues. Forthe year ended December 31, 2016, 12.1% of the Company's total revenues was derived from one channel partner.Long-lived assets: *)Europe, the Middle East and Africa, excluding United Kingdom and IsraelF - 41 SIGNATURES The registrant hereby certifies that it meets all of the requirements for filing on Form 20-F and that it has duly caused and authorized the undersigned to signthis annual report on its behalf. CyberArk Software Ltd. Date: March 16, 2017By:/s/ Ehud Mokady Ehud Mokady Chairman of the Board & Chief Executive Officer 98 INDEX OF EXHIBITS Exhibit No. Description 1.1 Articles of Association of the Registrant (incorporated by reference to Exhibit 3.4 to the Registrant's Registration Statement on Form F-1, as amended (Registration No. 333-196991)) 2.1 Specimen share certificate (incorporated by reference to Exhibit 4.1 to the Registrant's Registration Statement on Form F-1, as amended(Registration No. 333-196991)) 2.2 Fourth Amended Investor Rights Agreement, dated July 10, 2014, by and among the Registrant and the other parties thereto(incorporated by reference to Exhibit 10.1 to the Registrant's Registration Statement on Form F-1, as amended (Registration No. 333-196991)) 4.1 Form of Indemnification Agreement (incorporated by reference to Exhibit 10.2 to the Registrant's Registration Statement on Form F-1,as amended (Registration No. 333-196991)) 4.2 Summary of Office Lease Agreement, dated May 30, 2004, between the Registrant and Azorei Melal Industries Ltd., as amended ∞ 4.3 Office Lease Agreement, dated October 28, 2013, between Cyber-Ark Software, Inc. and Wells 60 Realty LLC (incorporated byreference to Exhibit 10.4 to the Registrant's Registration Statement on Form F-1, as amended (Registration No. 333-196991)) 4.4 First Amendment of Lease, dated October 23, 2014, between Cyber-Ark Software, Inc. and Wells 60 Realty LLC (incorporated byreference to Exhibit 10.6 to the Registrant's Registration Statement on Form F-1, as amended (Registration No. 333-202329)) 4.5 Summary of Office Lease Agreement, dated February 26, 2015, between the Registrant and Azorei Melal Industries Ltd., as amended ∞ 4.6 2001 Stock Option Plan (incorporated by reference to Exhibit 10.5 to the Registrant's Registration Statement on Form F-1, as amended(Registration No. 333-196991)) 4.7 Section 102 2001 Stock Option Plan (incorporated by reference to Exhibit 10.6 to the Registrant's Registration Statement on Form F-1,as amended (Registration No. 333-196991)) 4.8 First Amendment to Section 102 2001 Stock Option Plan (incorporated by reference to Exhibit 10.7 to the Registrant's RegistrationStatement on Form F-1, as amended (Registration No. 333-196991)) 4.9 2011 Share Incentive Plan (incorporated by reference to Exhibit 10.8 to the Registrant's Registration Statement on Form F-1, asamended (Registration No. 333-196991)) 4.10 CyberArk Software Ltd. 2014 Share Incentive Plan, as amended (incorporated by reference to Exhibit 4.10 to the Registrant's AnnualReport on Form 20-F for the year ended December 31, 2015) 4.11 CyberArk Executive Compensation Policy (incorporated by reference to Appendix A of Exhibit 99.1 to the Registrant's Report ofForeign Private Issuer on Form 6-K filed with the SEC on November 20, 2014) 8.1 List of subsidiaries of the Registrant99 12.1 Certification of Principal Executive Officer required by Rule 13a-14(a) and Rule 15d-14(a) (Section 302 Certifications) 12.2 Certification of Principal Financial Officer required by Rule 13a-14(a) and Rule 15d-14(a) (Section 302 Certifications) 13.1 Certification of Principal Executive Officer required by Rule 13a-14(b) and Rule 15d-14(b) (Section 906 Certifications), furnishedherewith 13.2 Certification of Principal Financial Officer required by Rule 13a-14(b) and Rule 15d-14(b) (Section 906 Certifications), furnishedherewith 15.1 Consent of Kost Forer Gabbay & Kasierer (a member of Ernst & Young Global) 101.INS XBRL Document 101.SCH XBRL Taxonomy Extension Schema Document 101.CAL XBRL Taxonomy Extension Calculation Linkbase Document 101.DEF XBRL Taxonomy Definition Linkbase Document 101.LAB XBRL Taxonomy Extension Label Linkbase Document 101.PRE XBRL Taxonomy Extension Presentation Linkbase Document ∞English summary of original Hebrew document 100 Exhibit 4.2 English Summary of the Office Lease Agreement dated as of May 30, 2004 by and between Azorei Mallal Industries Ltd. (the "Landlord") and CyberArkSoftware Ltd. (the "Company") (the "Original Lease"), as amended by those certain Addendums dated May 3, 2007, March 29, 2009, September 16, 2009,January 11, 2010, March 16, 2010, August 5, 2012, December 7, 2010, March 7, 2011, May 25, 2011, January 9, 2012, February 16, 2012, September 10,2012, October 11, 2012, January 29, 2013, December 12, 2013, November 15, 2015, January 7, 2016, May 30, 2016, December 4, 2016, January 15, 2017,January 28, 2017 and February 19, 2017 (collectively, the "Lease Agreement"). ·Subject Matter of the Lease Agreement: Unprotected tenancy lease of office and parking spaces for the purpose of conducting the Company'sbusiness. Premises are located in Petach-Tikva, Israel. ·Term of Original Lease: ·The term of the Original Lease was thirty-six (36) months commencing on July 1, 2004, with the Company's right for early termination (whichwas not exercised by the Company). Under the Original Lease, the Company was given two options to extend the term of the lease, each by atwelve (12)-month period (subject to certain prior notices to the Landlord). ·The term of the lease was extended several times over the years. Currently, the lease is set to expire on the later of June 30, 2017 and the date onwhich the Company receives control of the new premises it is leasing from the Landlord (with no right for early termination by the Company). ·The term of the lease of all parking spaces leased by the Company from time to time is linked to the lease term of the main premises. ·Premises Covered by the Lease Agreement: ·Property – Under the Original Lease, the Company leased 843 square meters (gross) (approximately 9,074 square feet). Since then the Companyhas leased additional premises as follows: 550 square meters (gross) (approximately 5,920 square feet) under the May 3, 2007 Addendum, 630square meters (gross) (approximately 6,781 square feet) under the February 16, 2012 Addendum, 867 square meters (gross) (approximately 9,332square feet) under the January 29, 2013 Addendum, 670 square meters (gross) (approximately 7,212 square feet) under the December 12, 2013Addendum, 250 square meters (gross) (approximately 2,691 square feet) under the November 15, 2015 Addendum, 579 square meters (gross)(approximately 6,232 square feet) under the January 7, 2016 Addendum, and 1,540 square meters (gross) (approximately 16,576 square feet)under the December 4, 2016 Addendum. In total, the Company currently leases 5,929 square meters (gross) (approximately 64,000 square feet). ·Parking – The Company originally leased ten (10) parking spaces, and currently leases two hundred and thirty (230) parking spaces. ·Rental Fees: ·Property – Under the Original Lease, during the original lease term the Company was to pay monthly rental fees of US $10 per square meter(gross). Such rental fees were to increase to US $10.75 for the two option periods under the Original Lease. All rental fees under the OriginalLease were based on a fixed 4.587 NIS/Dollar exchange rate, exclusive of VAT and index-linked to the Consumer Price Index published by theCentral Bureau of Statistics (the "Index"); provided that the rental fees shall not be less than the nominal values listed above. Currently, the monthly rental fee for the premises leased by the Company is NIS 67.87 per square meter (gross), plus VAT and linked to theConsumer Price Index published by the Central Bureau of Statistics and known on December 6, 2012 (and shall not be reduced below suchamount); provided that the rental fees per square meter shall not be less than the nominal values listed above and provided further that, withrespect to the premises leased under the November 15, 2015 Addendum, the monthly rental fee is NIS 71.00 per square meter, with respect topremises leased under the January 7, 2016 Addendum, the monthly rental fee is NIS 65.00 per square meter and with respect to premises leasedunder the December 4, 2016 Addendum, the monthly rental fee is NIS 72.00 per square meter. In the event that the lease is extended untilDecember 31, 2018, the monthly rental fee shall be increased by 5% compared to the monthly rental fee actually paid by the Company for theDecember 2017 lease. ·Parking – The monthly rental fee for the parking spaces currently leased by the Company ranges from NIS 360 to NIS 480 per parking space, ineach case plus VAT and Index-linked. ·Management Fees – The management fees currently being paid by the Company with respect of an aggregate of 2,023 square meters (gross)(approximately, 21,775 square feet) equal to NIS 15.5 per square meter (gross) and with respect of the remaining 3,906 square meters (gross)(approximately, 25,467 square feet) paid on a cost plus 15% basis (approximately NIS 20 per square meter), in each case plus VAT and Index-linked. ·Guarantees – ·An autonomous un-conditioned bank guarantee, for three (3) months' rental fee plus VAT, to be extended from time to time by the Company toremain in effect for the duration of the term of lease and for thirty (30) days thereafter. ·Dispute Resolution – ·The Lease Agreement shall be governed by an agreed-upon arbitrator, the identity of which shall be determined between the parties (and withrespect to legal disputes – by the parties' legal counsels). In the lack of such agreement, the identity of the arbitrator shall be decided by theChairman of the Israeli Bar Association or the Chairman of the Engineers and Architects' Association, as applicable. ·Other Terms under the Lease Agreement: ·The Company has a right to sub-lease the premises (or any portion thereof), subject to the Landlord's prior written consent (not to beunreasonably withheld). The Company may also transfer its rights to the premises to an affiliate, subject to the Landlord's prior written consent(not to be unreasonably withheld). ·Similar to other lease agreements, the Company agreed to assume responsibility for all fees, municipal or local taxes, utility payments,etc.; provided that the Landlord shall bear any and all taxes and fees, which by their nature are levied on property owners. ·Similar to other lease agreements, each party has agreed to assume responsibility for any damage, injury or loss (bodily or otherwise) resultingfrom any act, omission or negligence on its part, and with respect of the Company – relating to its use of the property being leased. ·The Lease Agreement further includes terms concerning the following non-material matters: ·Renovations – Generally, the Company may not perform any major renovations on the premises without prior written authorization fromthe Landlord. Subject to such advance approval by the Landlord, the Company may invest certain amounts on renovations for which theLandlord has agreed to reimburse the Company for a certain percentage of the costs. ·Late Rental Fees – In the event the Company fails to pay any of its rental fees on time, the amount overdue accrues interest based on BankHapoalim Ltd.'s standard rate for unauthorized overdrafts starting from the tenth day following the payment due date until the actual date ofpayment. If the amount due is for rental, management or electricity fees, the Landlord is entitled to stop any of these services other thandisconnecting water and power, provided it shall notify the Company in writing seven days in advance.- 2 - ·Utilities – The Company is responsible for paying for water, power and telephone utility bills, in addition to any taxes or fees, tolls, levies,property taxes and any other payments owed to governmental or local authorities relating to the property during the term of the LeaseAgreement, unless such fees are specifically designated for the property owner. ·No Right of set-off – The parties have agreed that any amounts owed shall not be subject to a set-off right. ·Termination of the lease, vacating of premises and fixtures – Upon the termination of the Lease Agreement, the Company shall vacate thepremises from any person or object which is not owned by the Landlord and return it to the Landlord in an undamaged, usable state. TheCompany has sole discretion to remove any fixtures, provided such removal does not damage the premises and provided that the Landlordwill have no duty to compensate the Company for fixtures which it decides to leave. ·Early termination rights and taxes with respect to parking spaces – The Company is entitled to park its vehicles on the premises during theterm of the Lease Agreement, although the Landlord may terminate such right at any time upon 60 days advance notice. The Company hasagreed to allow the Landlord to use the extra parking spaces at the premises on an as available basis. The fees that the Company pays forparking spaces under the Lease Agreement include maintenance and management fees but do not include property tax or any other feesimposed by local authorities and for which the Company shall be liable immediately upon demand. ·Payment Method– The rental fees shall be paid three months in advance by no later than the fifth day of the month during which a paymentis made. The Company has agreed to sign a direct debit with respect to the rental and management fees. In the event the Company is over-charged, that extra amount shall be remitted to the Company within five business days. - 3 - Exhibit 4.5 English summary of the office lease agreement dated February 26, 2015 entered by and between Azorei Mallal Industries Ltd. (the "Landlord") andCyberArk Software Ltd. (the "Company"), regarding the Company's new office space in Petach-Tikva, Israel, as amended on April 7, 2016 ("Lease"). •Subject Matter of the Lease: Unprotected tenancy lease of office and parking spaces for the purpose of conducting the Company's business.Premises are located in Petach-Tikva, Israel. •Term of the Lease: ■The term of the Lease is sixty (60) months commencing on July 1, 2017 other than with respect to the 4th floor which shall commence as ofJuly 1, 2018, with the Company's right for early termination after 36 months. The Company is given two options to extend the term of theLease of twelve (12) months each. Such options apply automatically unless the Company notifies the Landlord 180 days prior to thecommencement of each such option period that it does not wish to exercise the option. ■The term of the Lease for all parking spaces, leased by the Company from time to time, is linked to the lease term of the main premises. •Premises Covered by the Lease: ■Property – The Company leases the upper 8 floors, levels 4 to 11. The Company has an option to lease the remaining 2 floors subject to aprior written notice to be given no later than 31.10.2018. ■ Parking – The Company has the right to lease two hundred and forty (240) parking lots. •Rental Fees: ■Property – The Company shall pay a monthly rental fee of 74 NIS (approximately US$18) per square meter (gross). For the first optionperiod, the monthly rental fees shall be increased by 5% compared to the monthly rental fee of the preceding period. All rental fees areexclusive of VAT and index-linked to the Consumer Price Index published by the Central Bureau of Statistics (the "Index"); provided thatthe rental fees shall not be less than the nominal values listed above. ■Parking – The monthly rental fee for the parking spaces currently leased by the Company is NIS 433 per parking space, in each case plusVAT and Index-linked. ■Management Fees – The management fees shall be paid on a cost plus 15% basis plus VAT and Index-linked. ■Payment Terms – The rental fees shall be paid three months in advance by no later than the fifth day of the month during which a paymentis made. The Company has agreed to sign a direct debit with respect to the rental and management fees. In the event the Company is over-charged, that extra amount shall be remitted to the Company within five business days. •Guarantees: ■An autonomous un-conditional bank guarantee, for an amount representing three (3) months' rental fee plus VAT, to be extended from timeto time by the Company to remain in force for the entire term of Lease and for ninety (90) days thereafter. •Dispute Resolution: ■Technical disputes raised regarding the Lease, shall be governed by an agreed-upon professional arbitrator (a civil engineer). Legaldisputes raised regarding the Lease, shall be governed by Israeli Court in Tel Aviv. •Other Terms of the Lease: ■In the event the commencement of the Lease term shall be delayed due to a delay in issuing a building permit and/or the construction, theCompany shall have the right to extend the Lease accordingly. After the initial 90 days of delay, the Company shall be entitled tocompensation of the monthly rental fee of the Lease. ■The Company has a right to sub-lease the premises (or any portion thereof) and to sub-let to a substitute lessee, subject to the Landlord'sprior written consent. The Company may also transfer the Lease to an affiliate, subject to the Landlord's prior written consent. ■ Similar to other lease agreements, each party agrees to assume responsibility for any damage, injury or loss (bodily or otherwise)resulting from any act, omission or negligence on its part, and with respect of the Company—relating to its use of the leased property. •The Lease further includes terms concerning the following matters: ■Renovations – Generally, the Company may not perform any major renovations on the premises without prior written authorization fromthe Landlord. Subject to such advance approval by the Landlord, the Company may invest certain amounts on renovations for which theLandlord has agreed to reimburse the Company for a certain percentage of the costs. ■Utilities – The Company is responsible for paying for water, power and telephone utility bills, in addition to any taxes or fees, tolls, levies,property taxes and any other payments owed to governmental or local authorities relating to the property during the term of the Lease,unless such fees are specifically designated for the property owner. ■No Right of set-off – The parties have agreed that any amounts owed shall not be subject to a set-off right. ■Termination of the Lease, vacating of premises and fixtures – Upon the termination or expiration of the Lease, the Company shall vacatethe premises from any person or object which is not owned by the Landlord and return it to the Landlord in an undamaged, usable state.The Company has sole discretion to remove any fixtures, provided such removal does not damage the premises and provided that theLandlord will have no duty to compensate the Company for fixtures which it decides to leave. - 2 - Exhibit 8.1 List of Subsidiaries of CyberArk Software Ltd. Name of SubsidiaryPlace of Incorporation CyberArk Software, Inc.Delaware, United StatesCyber-Ark Software (UK) LimitedUnited KingdomCyberArk Software (Singapore) PTE. LTD.SingaporeCyber-Ark Software (DACH) GmbHGermanyCyberArk Software Italy S.r.l.ItalyCyberArk Software (France) SARLFranceCyberArk Software (Netherlands) B.V.NetherlandsCyberArk Software (Australia) Pty Ltd.AustraliaViewfinity Ltd.Israel Exhibit 12.1 CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER PURSUANT TOEXCHANGE ACT RULE 13A-14(A)/15D-14(A)AS ADOPTED PURSUANT TO SECTION 302OF THE SARBANES-OXLEY ACT OF 2002 I, Ehud Mokady, certify that: 1.I have reviewed this Annual Report on Form 20-F of CyberArk Software Ltd. (the "company"); 2.Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make thestatements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report; 3.Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects thefinancial condition, results of operations and cash flows of the company as of, and for, the periods presented in this report; 4.The company's other certifying officer and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in ExchangeAct Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for thecompany and have: a.Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision,to ensure that material information relating to the company, including its consolidated subsidiaries, is made known to us by others withinthose entities, particularly during the period in which this report is being prepared; b.Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under oursupervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements forexternal purposes in accordance with generally accepted accounting principles; c.Evaluated the effectiveness of the company's disclosure controls and procedures and presented in this report our conclusions about theeffectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and d.Disclosed in this report any change in the company's internal control over financial reporting that occurred during the period covered bythe annual report that has materially affected, or is reasonably likely to materially affect, the company's internal control over financialreporting; and 5.The company's other certifying officer and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to thecompany's auditors and the audit committee of the company's board of directors (or persons performing the equivalent functions): a.All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which arereasonably likely to adversely affect the company's ability to record, process, summarize and report financial information; and b.Any fraud, whether or not material, that involves management or other employees who have a significant role in the company's internalcontrol over financial reporting. /s/ Ehud Mokady Ehud MokadyChairman of the Board & Chief Executive Officer Date: March 16, 2017 Exhibit 12.2 CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER PURSUANT TOEXCHANGE ACT RULE 13A-14(A)/15D-14(A)AS ADOPTED PURSUANT TO SECTION 302OF THE SARBANES-OXLEY ACT OF 2002 I, Joshua Siegel, certify that: 1.I have reviewed this Annual Report on Form 20-F of CyberArk Software Ltd. (the "company"); 2.Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make thestatements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report; 3.Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects thefinancial condition, results of operations and cash flows of the company as of, and for, the periods presented in this report; 4.The company's other certifying officer and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in ExchangeAct Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for thecompany and have: a.Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision,to ensure that material information relating to the company, including its consolidated subsidiaries, is made known to us by others withinthose entities, particularly during the period in which this report is being prepared; b.Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under oursupervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements forexternal purposes in accordance with generally accepted accounting principles; c.Evaluated the effectiveness of the company's disclosure controls and procedures and presented in this report our conclusions about theeffectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and d.Disclosed in this report any change in the company's internal control over financial reporting that occurred during the period covered bythe annual report that has materially affected, or is reasonably likely to materially affect, the company's internal control over financialreporting; and 5.The company's other certifying officer and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to thecompany's auditors and the audit committee of the company's board of directors (or persons performing the equivalent functions): a.All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which arereasonably likely to adversely affect the company's ability to record, process, summarize and report financial information; and b.Any fraud, whether or not material, that involves management or other employees who have a significant role in the company's internalcontrol over financial reporting. /s/ Joshua Siegel Joshua SiegelChief Financial Officer Date: March 16, 2017 Exhibit 13.1 CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER PURSUANT TO18 U.S.C. SECTION 1350AS ADOPTED PURSUANT TO SECTION 906OF THE SARBANES-OXLEY ACT OF 2002 In connection with the Annual Report of CyberArk Software Ltd. (the "Company") on Form 20-F for the fiscal year ended December 31, 2016 as filed with theSecurities and Exchange Commission on the date hereof (the "Report"), I, Ehud Mokady, do certify, pursuant to 18 U.S.C. § 1350, as adopted pursuant toSection 906 of the Sarbanes-Oxley Act of 2002, that to my knowledge: (1) The Report fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934; and (2) The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the Company. /s/ Ehud Mokady Ehud MokadyChairman of the Board and Chief Executive Officer Date: March 16, 2017 Exhibit 13.2 CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER PURSUANT TO18 U.S.C. SECTION 1350AS ADOPTED PURSUANT TO SECTION 906OF THE SARBANES-OXLEY ACT OF 2002 In connection with the Annual Report of CyberArk Software Ltd. (the "Company") on Form 20-F for the fiscal year ended December 31, 2016 as filed with theSecurities and Exchange Commission on the date hereof (the "Report"), I, Joshua Siegel, do certify, pursuant to 18 U.S.C. § 1350, as adopted pursuant toSection 906 of the Sarbanes-Oxley Act of 2002, that to my knowledge: (1) The Report fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934; and (2) The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the Company. /s/ Joshua Siegel Joshua SiegelChief Financial Officer Date: March 16, 2017 Exhibit 15.1 CONSENT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM We hereby consent to the incorporation by reference in the Registration Statements on Form S-8 (Nos. 333-200367 and 333-202850) of CyberArk SoftwareLtd. of our reports dated March 16, 2017 with respect to the consolidated financial statements of CyberArk Software Ltd. and its subsidiaries and theeffectiveness of internal control over financial reporting of CyberArk Software Ltd. and its subsidiaries included in this annual report on Form 20-F for theyear ended December 31, 2016. Tel Aviv, Israel /s/ KOST FORER GABBAY AND KASIERERMarch 16, 2017 A member of Ernst & Young Global

Continue reading text version or see original annual report in PDF format above