FireEye, Inc.
Annual Report 2018

Download report
Bookmark report

More annual reports from FireEye, Inc.:

2019 Report
2018 Report
2017 Report
2016 Report
2015 Report

Plain-text annual report

2018 ANNUAL REPORT a fireeye OVERVIEW Quick Facts 7,700+ customers in ntries 103 countries >50% of the Forbes Global 2000 3,200+ emmployees emem wworldwide $831M in revenue in 2018 2004 year founded Everyery day at FireEye, we seee ffirirststhaha finaancial costt ttoo gogovvernments, co mind,dd, and a sense of control ov lessly protect our cust relentlessly protect our cust ust hand the impact of cyberr aattttacacksks oonn re lal people—not just the corporations and inndidivividuduals, but the human cost in time, peace of over onone’e ss enen ivironment. This is what inspires us to fulfill our mission to sttomers from the impact and consequences of cyber threats. protects orga FireEye protects o ga ga ganizations by combining world-class threat detection, forensics, analytics, mation tec and automation tec andand a ec echnologies with the power of frontline human expertise. Our netwo etwo ork, e e email and endpoint security products detect and block tens of thousands of e malicious s eve eve events every hour of every day – threats often missed by other security solutions. These tec echech echnologies are unified in the FireEye Helix security operations platform, creating a coompmpre re rehensive solution that is greater than the sum of its parts. Helix integrates and analyzes data a a from FireEye and third-party security products, prioritizing alerts and providing the contextual intelligence necessary to investigate and respond. In short, Helix makes it easier coco ff for customers to identify, investigate and respond to the threats that matter. Frontline Human Expertise The protection delivered by our security products and technologies is further strengthened by our Expertise On Demand and Managed Defense offerings. Through these services — available by subscription and delivered through the cloud – FireEye experts can become a seamless extension of our customers’ security teams. INNOVATION CYCLE FireEye is on the front lines of cyber attacks every day, conducting investigations, gathering intelligence, and tracking adversaries. Our unrivaled real-time knowledge of the global threat landscape is derived from more than a decade of experience and 350,000+ hours of incident investigations and cyber security consulting each year. Our product teams build solutions based on this knowledge, and our frontline experts further refine these solutions in real-world situations. Through this unique, continuous Innovation Cycle, and our advanced technologies such as deep learning, artificial intelligence, analytics, we can quickly adapt our solutions to keep pace with adversaries and emerging threats. We believe our powerful Innovation Cycle ensures that FireEye products and services are designed to directly address today’s threat actors and the techniques they employ and provide the best line of defense in cyber security. Innovative Technology Machine Intelligence Campaign Intelligence Adversarial Intelligence Incident Response More than four million virtual machine images deployed globally, confirming threat discovery and detection of more than 1.5 million events per hour. Cyber Threat Operations Centers across the globe that protect customers every hour of every day. More thanan 180 inteeeeelllligence analysyssyssttstst and researchchchchers in momormoomo e te hanh 20 counttrieeeessss mononnnitooi thhreatteat aca tors, includding momore te hanan 60 natioon-state spsponsonss red grg oupoups. ring thousannds of offf Hundreds of Mandiant experts in 2020 20 coucoucoo ntries, with work delivered in 53535353 cocococountu ries, responding to signnnifiif ccanntt breaches worldwidedee. OUR MISSION ToTo relentlessly protect our customers with innovative technology and expertise learned on the front lines of of cyber attacks. FireEy Eye Expertise Mandiant Services Threat Intelligence Managed Defense The FireEye ECOSYSTEM FireEye and Third-Party Apps Expertise On Demand FireEye Market FireEye Helix Security Operations Platform Next Generation SIEM Orchestration & Automation Contextual Intelligence Compliance Reporting Alerts / Case Management FireEye Network Security and Forensics FireEye Email Security FireEye Endpoint Security Third- Party Solutions FireEye Helix m m t f ro al ale to A security operations platform that aallows organizations to take control of any incident from alert to o rt ke ations to take control of a ati zations to take control of any zat ns to take cont ccon ions to take control o on nizations to take control of any in niza nizations to take control of any inci anizations to take control of any incide aniz anizanizations to take control of any inciden nizzations to take control of any incident fro om aniz ent a er ert t t to tio s t to o t ns ta ake g s and augments ols and augments them ools and augments them w ty tools and augments them with SIE ty tools and augments them with SIEM tools and augments them wit y tools and augments them with S rity tools and augments them with SIEM, o rity tools and augments them with SIEM, or rity tools and augments them with SIEM, orch rity tools and augments them with SIEM, orch ity str ty t tra rity hes rity est y to at too ati oo tio ols on nd a d a an s a on an n a au an ug nd gm d me d ennt fix. FireEye Helix integrates disparate ssecurity tools and augments them with SIEM, orchestration and ppp apnta pedpp untapped untapped p e untapped pot he untapped potential he u the untapped potential of s he untapped poten he untapped potentia the untapped potential of se the untapped potential of securi e the untapped potential of security rree t e the untapped potential of security in ure the untapped potential of security investm urreee the t urre the untapped potential of security investme e the untapped potential of security inve e the untapped potential of security invest urre the untapped potential of security investment urre the untapped potential of security investments threat intelligence capabilities to capturere the untapped potential of security investments. urreurre the untapped potential of security investments the e un unt teotpd entia FireEye Network Security and Forensics protec reatt pr otect hreatt p att protection and breach dete att protection and breach detect rotec n son An advanced threat protection and breach ddetection solution with visibility into the world’s most n solu solu lutio tion with ith v on w n wit h vi vis ty ibili y in visib sibi bilit lity tt ld mo s m eatt pro ost st prote ction ection aon nd b reabr tection and and protection and breac att pro protection and breach protection and breach dde detectio ctioec eatt prote prote tection reatt prot ction s reatt pr on so reatt pro hreatt p hreatt p reatt pro hreatt pr hreatt p threatt threatt threatt threatt hreatt threatt hreatt p reatt p att prot t prot prote prote rotec d’s rotec m protec otec os t tect eteddde h ac soluti cated at ticated ed atta stic sophisticated attacks that protects networks,s, assets and users with confidence from known and ticated attac s that protects net ttackks that protects networ t at p otects attackks that protects networks d attackk that protects networks,, a ed atta kk that protects networkss, ass that protects networkss, asse ated atta ated at ets an cated a ts and cated a asset ated att ssets a cated at and cated a nd us icated a d use icated user s wi with sers ers w with h c co con fide de onf nfid den enc icated icated ticated icated icated ticated ticated ticated sticated ticated ticated ticated ticated cated a ted att cated a ed atta d atta ow ttackk a ttackk an attackk w attackk n tackks nd ackks d ackks d kks th hat ks tha pr that rot tec cts s ne woetw ksork tsseas, a and wn threaats own thr hreats nown tn threats nknowknown unknow uuunkno uuunkno uuunknow uuunkno uunkno unkno uuuuunu no uunu kuunknunkno uuuunkuuuunknuuununknuunuuunknuuunknuuunknuuunknuuunknuuunkuuunku kno uuuuunkno unknow uununknow uuununkno uuunkno nknown knoown nown t nown th wn thre own thn thre wn thr n threa thrre t hreats .atseaats u uunknown threats. he w the w orl wo rom m fro m k kn no into nto o t nce ce e f commpmpreh FireEye Endpoint Security oluu mamala A com dpoint solution that protects users with m le cple cple c come coomcome co binmbimbomb k mckocloo to blob oomprehensive A omprehensive t s nddp oiin tioo nn tt tthha omomprehensive endpoint solution that protects uusers with multiple combined engines to block mal -- p A com A commprehensive enndpoint solution that protects A comprehensive A co A co vee e dpoint solution that protects uusers with dpoint solution that protects uusers with m rs with multip th multipl with multip with multip h multiple h multiple ltiple multiple multiple multiple multiple ultiple ultiple tiple c iple c tiple ple c ttecct sers with mult t users with mult ddeet addd eecti ngg plooitss vaa eddncce aatt ware a aand exploits, detecting advanced attacks and pproviding response tools and techniques devel -- ware a aand exploits detecting advanced attacks and providing respon tecting advanced attacks and providing response ware aand exploits aand exploits, detecting advanced attacks and pproviding resp g response sponse ponse t onse t nse to onse tose too nse to se too e too e too e too tools tools e tool tool ttools tools tools toools tools tools t ols tootoools oolsools oolsols aols a s des devde elveev ware a ndd exxp e world s leadi g e world’s leading frontline responders. e world’s leading frontline responders. frontline responders ead ngg e wwo l d s l frro ntl nne re ssppoon oped by oped byy th d by thbb th byby th oped yy t oped by ginngineine ngengend e chnchechtecd tnd ted te tos tesnes esuequequniqhniquniq nedineed ed s ans aols andand prroo taacckkks ehensiv FireEye Email Security tops email-borne threaeats with first-hand knowledge of attacks and eaats with first-ha ttack ne threaats with first-han An email pro acks and rorotection solution that s on so k and onn tt no ow tops email-borne t wle edg n f af aof aof aof ofof of ofe oe oe oge ge dge nd dddd f atattaatt at rrotection o o solution t and ks as and nd d dd d d d d ndndnanndndanananananandananand ksckckacacckacacacacacackckacacckckscksks anand ks a nd k a an d kn s s a kno an an ow nd ed nd ed wle nd d dg d d e oge ge d ttac tacks and d tto An email pro An email pr on that s An email p oter ecti hat s with first attackers bef e tthe caan cause any harm. The solutio attacke b f us URLs us URLs, ciociociciciciocioiociocioioouououuss Uusus UURURURLRLsRLsRLRLRLsLsLsRLLRLRRLRLRLRRLRRRRRRUURUUURURUUUUUUUs Uss UUUss Us Us Us URLs, ks not only iociocio ocks not only m attackers bef ou fore theyy can cause any harm. The solution bloocks not only ma ou theyy can cause any harm. The solution blocks not only mal us malw s war s U are us alwa Th us wa s U re a U e a U an U and UR d s UR d su UR nd UR nd UR su R sus RL sus RL usp Ls spi LsL spi RLL usp RL usp s, picspic piccious URLs, ciouciociocioccipiccpiccioiccipiccpiccious URLs, ous iouus UR ous s URLs RL ers be or causee ocks not only malware and suspicious URLs efefore they can cause any harm. The solution bloocks not only malware and suspicious URLs, but also phis phish hhing an andd imp mpersonation techniques. ation techniques l but also ph t hish g a ing d impers but also phishi hihing and impersonation techniques. uttio h FireEye Expertise On Demand viding flex y ope perat providing flexib e extends secuurity o e a tion curity opera a urity operation c ac c ipiption that extends security operations capabililities by providing flexible access to rity operation t ap ab yy a oty c ilit es ie s b by roviding flexi ding fle ratio An annual subscrip ptioon b rity o ble urity op p le urity op e urity ope urity ope e urity oper a curity operat ac curity operat c urity oper a a urity operati c urity operatio cc urity operatio cc urity operation c rity operations ce ity operations ce r i c ce ty operation c ce ty operations c e ce y operations ca e yt e ca e p oy e pa e e e e e e ab bil e e c bi cc it cc tie es e ce a ble y p y pr bl by e providing flexib y ap oy o po o op p er er e pe e pe ra ra att ati o on tio o tio on ns ns onsnsns s ons ns n An annu nual sub ubscrip pp ness risk a e. Expertise On s business risk asso o ity expertisee. Expert On Dn D em e. oc ma c dd security expertise. Expertise On Demand redduces business risk associated with cia E E a nd e pe ed re p du er ert ce rtise s business risk as o business risk as s risk se O industry-recognized dd s ti as . Expertise s . Expertise O ss e. Expertise O so e. Expertise O e. Expertise O so e. Expertise On o e. Expertise On c e. Expertise On D ci On oc c . Expertise On D ia Expertise On D ia . Expertise On De a De at E m t Ex m te Ex em at E at E te x te x an te xp te n xp te d pe te d e te nd e te r te te rt te ti a uc es ia uc se at dd tis at eis ese es Oe es Oe O On as usin On siness risk as O O O n O On Dn Dn Dn indust On nized hiring, training and re d ecurity talent by d, ecurity talent by , ecurity talent by w ecurity talent by ecurity talent by w ecurity talent by p w eecurity talent by pr h ecurity talent by pr he e p wh curity talent by p h ro ec e ro e ec ov en c ov en cu id n u d n ur v n cu vi n u d n r din n ri in n rit n n it g y n t y g ty g ty n th y t n th t n he t n he ta e ex ale he ex le n e a en e al he xp e h pe en wh er en rts you need, w en ou need t nt ts you need, w nt you need, nt t bb bt bnt aining ent g and t b hirin nt b alen d re eetain reretaining cyber security talent by providing thee experts you need, when you need ty tal cyber seecurity t them. them. ining cy stry-rec that ex ing, tra ecogni ecurit lio o f Inte ortfol FireEye Threat Intelligence cre in ciptions and services that goe ptions subsc easi e se subsciptions and services that goes far beyonnd increasing a security s f g i tp ar r a r a b be o on yo ns a A portfolio of Intelligence s ciptions and services that go cip ciptions and services that go ciptions and services that go ciptions and services that go ciptions and services that go c ciptions and services that go oe ci e ci c oe es s es ip s p fa fa f b e ey p ti tio pt pt io o o on ns s n n s s a a an an an a ndndnanana A po and anndnd nce d in re ea as as si in g g n ng ng a a a a s a s s a a s s s s s s s s s a nd nc ties ly tual in h hi nf gh by h fo hl y y a on co n y add nte ex ddi product’s blocking capabilit xt the forward-looking ddi s b tu the forward-lookingg ddi s b ua the forward-looking ddi s b a the forward-looking ddi s b ng al s ng i g, s nf g, s f s g in the forward-looking ddi s b n b ofo b h o b h or b ig rm y g rm y r by rm y g m a m a m a m ad m y c dd rm c dd m d m d rm d d di di nin di innnnnin din block n pro n capabili ili itities by adding the forward-looking, highly contntextual information rm or fo l xtual inf xt organizations need to build ppp p pproactive defenses, prioritize alerts, allocate rees pproactive defenses, prioritize alerts, allocate resesources and improve rts, allocate resso pprp o ts p pproactive defenses, prioritize aler ts u p pproactive defenses, prioritize alert ts ur ppp proactive defenses, prioritize alerts rc ppp s, pprp es s, pprp s ppp ts ce pppproactive defenses, prioritize alerts ce s, r s , s a ro a a ro a a o all an a llo n ac a a oa al an oa o n c o n ct oc n ct n ca t n te n v an e v n ca ti n at iv an e r ve a re a ve e sources a ve sources e e e ource e de de de e or e d organ ive s nee activ e ve build pproact incid nt res incident response.nse ed to b elligen king c ct’s b oduc spon tions nizat dent FireEye Managed Defense A managed detection and respons managed detection and resp n tection and re d detection and res ananannnn an nananan n nd nd d d r es re d re anaged detection and respppspspspspeses AA managed detection and resp ged detection and resp anaged detection and resp FireEye technolo expertise, FireEye technology and u ertise, FireEye technology xpertise, FireEye technology se, FireEye technolog ertise, FireEye technologgygygygygyogogoloonoloolnonhnnhnhhhnhhhhnhnhnhn e eexpertise, FireEye technology Eye technol h mizmmimnimminminnimnimimmmmmmmmmmmmmm aatt cle to minimiz attacker lif cle to minimimi acker lif cle to minimiz tacker lif cle to minimi cker lif r lifecycle to minim ecycle to minim cle to min attacker lifecycle to minimize the pot t ry-rec ust t try nse (MDR) service that combines industry us stry us stry-re us stry-re stus ry-rec y rec tryst t t ry-rec stus try-rec tst ry-rec y-rec nse (MDR) service that combines industry-recognized cyber cyber security unparalleled knowledge of attackers to identify threats early in the in the unparalleled knowledge of attacke otential impact of a breach otential impact of a breach. eco co FireEye Mandiant A world-renowned incident response and a AA world-renowowwnwnenened AA world r -reno A orld-reno ld seervices tos to po prprorot services to protect vital organizational assets. Man services attackcker oof attac of attacker behavior, unmatched threat intelligence, and pu assessment, enhancement and transformation consulting assessme ts ts. Mandiant reduces business risk with a deep understanding ce, and purpose-built technology. 2018 HIGHLIGHTS B CCBBYY C OTECCCCCB Y CATEGORY ATEGE BILLINGS1 ti Cloud loCloudo Subscription ub && M&& Managed & Manageded Services vS 29%%929%9 $856 million Product & od t & Relatededatede Subscription Su ipt & & Supportrt 53%3%% Professional Services 18% ripiptip Cloud ud C Subscription & ana & Managed ge Services Seerve 23%%2 ssion Professional Pr Services S 17%7% BYB REVENUE BY CATEGORYGGO B OORO CA ATTA BY RREGIOGIONONNONOIOOIGIIEEGGREEERRRY RBYYBYBB REVENUE BY REGION Rest of World st of Wf WoWWorlWororlWorWoWWWf Wf WoofosttseR 6%%%%6%6 AsiaAsiaaaasisAA PacificcficcifiacP 15%15%%5%15511 $831 million Product & & P Related Relatedd Subscription Subscriptptiotiontiontioptiotioptipripcripriscrc & SuppppoporppopopppopupppupuSuS & Support 60%600%0%%0%0%0060606660%%%%%%0%0%060 EMEA 16% $831 million US 63% SELECTED FINANCIAL DATA Dollars in thousands Revenue Billings1 20162 20172 $705,995 $779,648 $822,787 $761,999 Deferred revenue $927,749 $910,100 2018 $830,950 $855,678 $934,828 Cash, cash equivalents and short term investments Cash flow from operations $$ $935,725 $896,802 $1,116,520 4($14 4,585) $17,646464640 $17,381 Total assets $2,526,09 09 092 $2,4 2,42,42,458,837 $2,696,078 Total stockholders’ equity $710,006 66 $632,216 $650,394 Forward-looking statements The letter to stockholders contains forward-looking statements, in ncluding stateme eents related to expectations and beliefs regarding plans, expected growth, innovations, and the security market. These forward-looking statements involv ve risks and un ununcertainties, as well as assumptions which, if they do not fully materialize or prove incorrect, could cause our results to differ materially from those expressed o cccould cause our results to differ materially from those expressed or implied b d bd by such forward-looking statements. The risks and uncertainties that could cause such results to diffediffediffer materially from those expressed or implied by such forward-look ffer materially from those expressed or implied by such forwa ookooking statements include customer demand and adoption of FireEye’s offerings; real or perceiv or perceived defects, erroerroerrors or vulnerabilities in FireEye’s offerings; FireEye’s ability rors or vulnerabilities in FireEye’s offerings; FireEye’s abil tyty to react to trends and challenges in its business and the markets in which it ope h it operates; FireEye’s ability to anticipate marmarmarkarket needs or develop new or enhanced offerings gsgs to meet those needs; FireEye’s ability to hire and retain critical execut l executives and key employees; and general economic conditions; ans; ans; as; as well as those risks and uncertainties inc incincluded under the captions “Risk Factors” and “Managemen agement’s Discussion and Analysis of Financial Condition and Results of Operations,”ns,”ns,” ins,” in FireEye’s Annual Report on F F Form 10-K filed with the Securities and Exchang Exchange Commission on February 25, 2019, which is available on the Investor Relations section of the he he ce company’s website at in t int investors.FireEye.com and on the SE n the SEC website at www.sec.gov. All forward-looking statements in the letter are based on information available to FireEye as as as oas of the date her herhereof, and FireEye does no e does not assume any obligation to update the forward-looking statements provided to reflect events ter ter the d ter that occur or circumstances that exist after ddate on which n which they were made. 1 Billings are a non-GAAP metric mathematicallally equivalent to revenue plus the change in deferred revenue. A reconciliation of billings to revenue can be found in the Key Business Metrics section of Management’s DisDiscussion and Analysis of Financial Condition and Results of Operations on page 59 of the Annual Report in this publication. 2 FireEye adopted Accounting Standards Update 2014014-09, Revenue from Contracts with Customers (Topic 606), effective January 1, 2018, using the full retrospective method. Certain prior period amounts have been adjusted as a ra result of adoption of the new standard. FireEye | 2018 ANNUAL REPORT 1 TO O In 2018, we continued to make significant progress on our journey from a pioneer in advanced threat detection to a leading provider of a comprehensive security operations platform that blends our innovative technologies, threat intelligence, and expertise gained on the front lines of cyber conflict. We improved the value of our network, email and endpoint security products while innovating solutions that we believe will drive our future growth. We rallied around our mission, and maintained a leadership position in incident response aand threat intelligence within the security industry. We demonstraated our commitment to profitability and continued to drive efficiiencies across our business. Highlightts of our 2018 performance included: • Revenue of $831 million, an increase of seven percent from 2017. More than 80 percent of our non-services revenue was recognized from deferred revenue as we continued to transition to a recurring subscription business model; • Full-year operating profitability, on a non-GAAP basis, for the first time in our history; • Positive free cash flow for the full year, also for the first time in our history; • New functionality and expanded threat detection in our network, email and endpoint security solutions, enabling us to win new customers; • Expansion of our FireEye Helix security operations platform; • Launch of our Expertise On Demand offering, enabling immediate access to our threat intelligence and expertise through a menu of intelligence subscriptions and Mandiant services; 2 FireEye | 2018 ANNUAL REPORT • Launch of our FireEye Market with more than 500 integrations and applications for FireEye solutions; • A simplified go-to-market strategy with new subscription pricing and packaging, as well as “click-to-try” evaluations available directly from our website; • Increased commitment from our channel partners, evidenced by an increase in channel-sourced new business; and • More than 1,100 new customers. We have charted a course for our future based on our unique advantages and an expanding opportunity. The following is a brief summary of FireEye today and our mission, strategy, solutions and priorities that drive our progress in 2019. FireEye Today Our identity is based on the fundamental belief that our hands-on cybersecurity expertise and threat intelligence, combined with our innovative technology, provides the best means to protect our customers from cyber threats. Our real-time intelligence on threat actors and the techniques they employ, combined with our knowledge of how organizations combat cyber attacks, allows us to address today’s threats and adapt to changes in the threat landscape in the future. Our Mission Our mission is to relentlessly protect our customers from cyber threats with innovative technology and expertise learned on the front lines of cyber attacks. When we are able to mitigate the impact and consequences of cyber attacks, whether through our innovative technology, threat intelligence, or professional services, we are accomplishing our mission. Our Advantage The attackers we fight are frequently dynamic, determined, and well resourced. Our primary advantage is our comprehensive view into their activities, which guides our product development priorities and helps us arm our experts as they prevent, respond to and remediate attacks. We believe we know more about threat actors than any other security company. Our global network of analysts provides us with adversary-based intelligence, our installed base of millions of virtual machines provides us with high-fidelity, real-time visibility into on-going attacks, and our Mandiant services engagements allow us to see how attackers have evaded existing security technologies. We use this knowledge in a unique learning system that harnesses the power of our expertise and our technical engineers in a continuous Innovation Cycle. This is the FireEye difference. FireEye i | 2018 ANNUAL REPORT 3 Our Strategy Our goal is to defend our customers from all cyber threats, everywhere and at all times, through a seamless blend of technology, intelligence and expertise, unified in our Helix security platform. We use our intelligence and expertise to build better products, unified in a single platform that enables more efficient and effective security operations. Just as importantly, our experts stand ready to help our customers when the need arises. This platform-based, customer-first approach exists in sharp contrast to an industry often focused on the latest hot technology or “best-of-breed” point product. Our focus on improving security outcomes is the primary reason our existing enterprise-class customers have continued to expand their deployments of FireEye solutions. We complement our innovative solutions with a dedicated Customer Success team focused on helping our customers achieve their desired outcomes. Launched in early 2018, our Customer Success team has played a pivotal role in driving customer adoption of our FireEye Helix security operations platform and evangelizing the benefits of security orchestration and automation within the industry. Our Solutions Our security solutions and services are available to customers individually or in conjunction with our Helix security operations platform. Our network, email and endpoint security products use multiple detection engines, including machine learning and heuristic models, to catch threats often missed by other security solutions. These products can be deployed on premise, in the cloud, or in hybrid environments, with or without our purpose-build appliances, depending on our customers’ needs. Our solutions are further differentiated by integration with our threat intelligence and expertise through Helix. Helix was designed to empower security professionals to apply the full scope of FireEye’s portfolio so they can take control of any security incident. Helix is an open, interoperable platform that consumes telemetry from FireEye products and integrates equally well with data from third-party products or cloud providers. Using Helix, security professionals can reduce their workload with automation, assess impact with threat intelligence, and add virtual frontline experts with our Expertise On Demand and Managed Defense offerings. We believe our platform offers the greatest value when customers use FireEye Helix with our network, endpoint and email security solutions and services. However, our solutions protect customers’ investments, whether they expand from a single solution or deploy the entire platform in a comprehensive security transformation project. 4 FireEye | 2018 ANNUAL REPORT Our Future1 2018 was a year of growing momentum for FireEye. I believe we are well positioned to capitalize on the momentum we generated in 2018. We have built sustained differentiation for our solutions through our unique Innovation Cycle. We have made our threat intelligence and cybersecurity expertise accessible to every customer through our Expertise On Demand offering. And most importantly, we have a great, mission-driven team of employees. 2019 is about continuing to win the hearts, minds, and trust of our customers. We are committed to continue to execute on our multi-year growth plan with new innovations and go-to-market initiatives. We are leveraging our marketing machine to amplify our expert voices and build thought leadership for our platform. We are also focused on further developing a unique and authentic brand identity that embodies our mission, our vision and our values. I am excited for FireEye and look forward to reporting on our progress next year. On behalf of everyone at FireEye, thank you for your continued support. Sincerely, Kevin R. Mandia Chief Executive Officer 1 Cautionary statement regarding forward-looking statements in this letter can be found on the inside front cover of this publication. FIREEYE, INC. 601 McCarthy Blvd. Milpitas, California 95035 NOTICE OF ANNUAL MEETING OF STOCKHOLDERS To Be Held at 10:00 a.m. Pacific Time on Thursday, May 23, 2019 Dear FireEye Stockholder: You are cordially invited to attend the 2019 annual meeting of stockholders (the “Annual Meeting”) of FireEye, Inc., a Delaware corporation (“FireEye”). The Annual Meeting will be held on Thursday, May 23, 2019 at 10:00 a.m. Pacific Time, at 601 McCarthy Blvd., Milpitas, California 95035, for the following purposes, as more fully described in the accompanying proxy statement: 1. To elect three Class III directors to serve until the 2022 annual meeting of stockholders or until their successors are duly elected and qualified; 2. To ratify the appointment of Deloitte & Touche LLP as our independent registered public accounting firm for our fiscal year ending December 31, 2019; 3. To conduct an advisory vote to approve the compensation of our named executive officers for our fiscal year ended December 31, 2018, as described in the proxy statement; and 4. To transact such other business as may properly come before the Annual Meeting or any adjournments or postponements thereof. Our board of directors has fixed the close of business on March 25, 2019 as the record date for the Annual Meeting. Only stockholders of record on March 25, 2019 are entitled to notice of and to vote at the Annual Meeting. Further information regarding voting rights and the matters to be voted upon is presented in the accompanying proxy statement. On or about April 8, 2019, we expect to mail to our stockholders a Notice of Internet Availability of Proxy Materials (the “Notice”) containing instructions on how to access our proxy statement and our annual report. The Notice provides instructions on how to vote via the Internet or by telephone and includes instructions on how to receive a paper copy of our proxy materials by mail. The accompanying proxy statement and our annual report can be accessed directly at the Internet address listed on the Notice. YOUR VOTE IS IMPORTANT. Whether or not you plan to attend the Annual Meeting, we urge you to submit your vote via the Internet, telephone or mail as soon as possible so that your shares can be voted at the Annual Meeting in accordance with your instructions. Thank you for your continued support of FireEye. P r o x y S t a t e m e n t By order of the Board of Directors, Kevin R. Mandia Chief Executive Officer Milpitas, California April 8, 2019 TABLE OF CONTENTS PROXY SUMMARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . QUESTIONS AND ANSWERS ABOUT THE ANNUAL MEETING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . BOARD OF DIRECTORS AND CORPORATE GOVERNANCE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Nominees for Director . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Other Directors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Director Independence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Board Leadership Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Board Meetings and Committees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Compensation Committee Interlocks and Insider Participation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Considerations in Evaluating Director Nominees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Stockholder Recommendations for Nominations to the Board of Directors . . . . . . . . . . . . . . . . . . . . . . Communications with the Board of Directors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Corporate Governance Guidelines and Code of Business Conduct and Ethics . . . . . . . . . . . . . . . . . . . . Risk Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Stockholder Engagement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Outside Director Compensation Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2018 Director Compensation Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PROPOSAL NO. 1 ELECTION OF DIRECTORS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Nominees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Vote Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PROPOSAL NO. 2 RATIFICATION OF APPOINTMENT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Fees Paid to the Independent Registered Public Accounting Firm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Auditor Independence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Audit Committee Policy on Pre-Approval of Audit and Permissible Non-Audit Services of Independent Registered Public Accounting Firm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Vote Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PROPOSAL NO. 3 ADVISORY VOTE TO APPROVE NAMED EXECUTIVE OFFICER COMPENSATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Vote Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AUDIT COMMITTEE REPORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . EXECUTIVE OFFICERS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . EXECUTIVE COMPENSATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Compensation Discussion and Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Compensation Committee Report Summary Compensation Table for Fiscal Year 2018 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Grants of Plan-Based Awards Table for Fiscal Year 2018 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Outstanding Equity Awards at 2018 Fiscal Year-End Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Option Exercises and Stock Vested for Fiscal Year 2018 Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Employment Agreements for Executive Officers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Change of Control Severance Policy for Officers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Potential Payments upon a Change of Control, upon Termination or upon Termination Following a Change of Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Equity Compensation Plan Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . CEO Pay Ratio . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Page 1 7 15 15 17 18 18 19 21 21 22 22 22 23 23 24 25 26 26 26 27 27 27 28 28 29 29 30 31 33 33 56 57 58 59 61 61 62 63 64 65 P r o x y S t a t e m e n t -i- TABLE OF CONTENTS (Continued) SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT . . . . . . . . . . 67 RELATED PERSON TRANSACTIONS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Indemnification Agreements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Policies and Procedures for Related Party Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 CEO Travel Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 OTHER MATTERS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Section 16(a) Beneficial Ownership Reporting Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Available Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 71 Company Website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ANNEX A—RECONCILIATION OF NON-GAAP FINANCIAL MEASURES . . . . . . . . . . . . . . . . . . . . . A-1 Page -ii- P r o x y S t a t e m e n t YOUR VOTE IS IMPORTANT PROXY SUMMARY This proxy summary highlights information contained within this proxy statement. You should read the entire proxy statement carefully and consider all information before voting. Page references are supplied to help you find further, more detailed information within the proxy statement. VOTE RECOMMENDATIONS AND RATIONALE Voting Matter Proposal #1: Election of Class III Directors (page 26) Our Board of Directors and our Nominating and Corporate Governance Committee believe the three director nominees possess the skills and experience to effectively monitor performance, provide oversight, and advise management on our long-term business strategy. Independent Registered Public Proposal #2: Ratification of Appointment of Accounting Firm (page 27) Our Board of Directors and our Audit Committee believe that the continued retention of Deloitte & Touche LLP for the fiscal year ending December 31, 2019 is in the best interests of the Company and its stockholders. Although not required by our bylaws, stockholders are asked to ratify the appointment of Deloitte & Touche LLP as a matter of good corporate governance. Proposal #3: Advisory Vote to Approve Named Executive Officer Compensation (page 29) Our 2018 executive compensation program demonstrates the continued evolution of our “pay for performance” philosophy, and reflects industry standards and the intense competition for executive talent in the San Francisco Bay Area. Changes compared to our 2017 executive compensation program reflect feedback received through our ongoing stockholder outreach and investor communications programs. Board Vote Recommendation FOR FOR FOR FISCAL 2018 BUSINESS HIGHLIGHTS In 2018, we continued our evolution from a pioneer in advanced security products to a leading provider of a comprehensive security operations platform that blends our innovative technologies, threat intelligence, and expertise gained on the front lines of cyber conflict. During the year, we delivered innovations across our portfolio of products and solutions while continuing to deliver growth and improved operating performance. Our services business, including our Managed Defense security service and our Mandiant incident response and cybersecurity consulting services, remained strong and we introduced our Expertise On Demand offering, which enables organizations to augment their security teams with our Mandiant frontline experts, threat intelligence and services at a click of a button. Highlights of our 2018 financial performance included: • • • Revenue of $831 million, an increase of 7% compared to 2017, and billings of $856 million, an increase of 12% compared to 2017.* A 24% decrease in operating losses, compared to 2017, as we continued to focus on efficiency and productivity throughout the organization. Operating expenses declined 1% from 2017. A 3% increase in deferred revenue compared to December 31, 2017. We ended 2018 with $935 million in deferred revenue, of which 60% will be recognized in 2019. -1- • • Positive operating cash flow of $17 million, consistent with 2017 operating cash flow. 2018 operating cash flow included approximately $44 million in amounts deemed to be repayment of accreted debt discounts associated with the repurchase and retirement of $340.2 million in principle amount of convertible senior notes. Continued high customer retention rates, particularly among enterprise-class organizations. Following a management transition and restructuring in the second half of 2016, we have demonstrated continuous progress against our long-term financial objectives. In 2018, we achieved top-line growth for revenue and billings, achieved positive non-GAAP operating profitability and generated positive free cash flow (a non-GAAP metric that excludes capital expenditures and amounts deemed to be repayment of accreted debt discount on retired convertible senior notes) for the full year. The charts below illustrate our quarterly performance in 2018 against these key performance metrics. 2018 REVENUE BY QUARTER 2018 BILLINGS BY QUARTER* s n o i l l i M $250 $200 $150 $100 $50 $0 s n o i l l i M $20 $10 $0 -$10 10% 8% 6% 4% 2% 0 Y e a r o v e r Y e a r G r o w t h s n o i l l i M $300 $250 $200 $150 $100 $50 $0 30% 25% 20% 15% 10% 5% 0 Y e a r o v e r Y e a r G r o w t h Q1 Q2 Q3 Q4 Billings YoY Growth Rate** Q1 Q2 Q3 Q4 Revenue YoY Growth Rate** 2018 NON-GAAP OPERATING INCOME BY QUARTER* 2018 FREE CASH FLOW BY QUARTER* 10% 5% 0% -5% P e r c e n t o f R e v e n u e s n o i l l i M $20 $15 $10 $5 $0 -$5 -$10 -$15 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Non-GAAP Operating Income (loss) % of Revenue * Billings, non-GAAP operating profit and free cash flow are non-GAAP financial measures. A reconciliation of GAAP to non-GAAP financial measures is provided in Annex A included at the end of this proxy statement. ** FireEye adopted Accounting Standards Update 2014-09, Revenue from Contracts with Customers (Topic 606), effective January 1, 2018, using the full retrospective method. Periods prior to January 1, 2018 have been adjusted to reflect the adoption of the new standard. CORPORATE GOVERNANCE We believe that strong corporate governance strengthens board and management accountability, leads to better business performance and aligns the long-term interests of our management team with our stakeholders, including our employees, our customers and our stockholders. We adopted corporate governance “best practices” before our initial public offering, and we have continued to enhance our governance practices consistent with the highest standards since then. The Board of Directors and Corporate Governance section begins on page 15 and describes our policies and practices in detail. -2- Highlights of our current corporate governance policies include: • 100% independent committee members in Audit Committee, Compensation Committee and Nominating and Corporate Governance Committee • Recognition of the importance of diverse viewpoints when nominating and evaluating directors • Separate Chairperson and CEO roles • Stock ownership requirements for directors • Independent Chairperson • Regularly scheduled executive sessions for independent directors without management present. • Board risk oversight by full board and financial, and committees, business compliance and reputational risks. including strategic, operational, legal and and named executive officers • Adoption of formal Corporate Governance Guidelines and Code of Business Conduct and Ethics policies for directors, officers and employees • Periodic review of committee charters and governance policies • Active and ongoing stockholder outreach/ engagement activities • Majority voting for election of directors • Director and executive officer succession planning STOCKHOLDER ENGAGEMENT We believe that effective corporate governance includes regular, constructive conversations with our stockholders, and we value our stockholders’ continued opinions and feedback. We are committed to maintaining an active dialogue to understand the priorities and concerns of our stockholders on the topics of executive compensation and corporate governance policies and practices. In the last 12 months, as part of our stockholder engagement program, we have engaged in substantive discussions on executive compensation, corporate governance and corporate performance and strategy with our institutional stockholders, including the majority of our top 20 stockholders. Maintaining an active dialogue with our stockholders is consistent with our corporate values of transparency and accountability, and we intend to continue these efforts in the future. EXECUTIVE COMPENSATION To succeed in the rapidly evolving and competitive cybersecurity industry, we must attract and retain a highly talented executive team. We designed our executive compensation program to foster a “pay for performance” environment that aligns the long term-interests of our executives with those of our stockholders. In response to stockholder feedback, as well as concerns expressed by the major proxy advisory firms, we have continued to revise and enhance our executive compensation program while remaining consistent with our stated compensation objectives and corporate values. For example, in response to our 2017 say-on-pay vote, as well as feedback from our stockholders received through our ongoing stockholder engagement efforts and commentary from the major proxy advisory firms in their annual compensation analysis and voting recommendations, we made several changes to our 2018 executive compensation program compared to 2017: • For our 2018 annual cash incentive program, we selected revenue instead of billings as one of the three corporate performance measures. This change reflected specific feedback we received from our stockholders requesting that we refrain from using billings as a performance measure for both our short-term and long-term incentive compensation programs. -3- P r o x y S t a t e m e n t • • For most equity awards granted in 2018 (both time-based and performance-based), we increased the vesting period to four years, with 25% of the shares subject to such awards scheduled to vest per year subject to continued service through the applicable vesting date. For both our 2018 annual cash incentive program and performance-based equity awards granted in 2018, we established a 0% payout with respect to any corporate performance measure that does not improve, on an absolute dollar basis, compared to 2017 when calculated in accordance with the same accounting standards. In response to our 2018 say-on-pay vote, as well as feedback from our stockholders received through our ongoing stockholder engagement efforts and commentary from the major proxy advisory firms in their annual compensation analysis and voting recommendations, we have made the following changes to our 2019 executive compensation program: • • • For our 2019 annual cash incentive program, we removed non-GAAP operating income as one of the corporate performance measures. This change reflected specific feedback we received that we refrain from using the same performance measure for both our short-term and long-term incentive compensation programs. For the performance-based equity awards granted in 2019, we tied 80% of the awards to our billings and non-GAAP operating income performance over three separate consecutive annual performance periods (e.g., for the 80% portion, 1/3 is tied to 2019 performance, 1/3 is tied to 2020 performance and 1/3 is tied to 2021 performance), with any shares earned for a performance period vesting shortly after the completion of that performance period (so that the award, to the extent earned, will vest 1/3 per year). This is different than our prior practice where the awards were based on a single year’s performance followed by time-based vesting of earned shares in subsequent years. This change reflected specific feedback we received that we shift more of our executive officers’ long-term compensation toward sustained multi-year company performance. For the performance-based equity awards granted in 2019, we tied 20% of the awards to a new relative Total Shareholder Return (rTSR) performance measure. The rTSR measure is based on our stock performance relative to the stock performance of companies in the Russell 2000 Index over a three- year performance period (2019-2021). Given that half of the equity awards granted to our executive officers in 2019 were performance-based equity awards, 10% of all such equity awards are based on the rTSR measure. The introduction of the rTSR measure reflected specific feedback we received that we shift more of our executive officers’ compensation toward long-term stock performance. -4- Our executive compensation program was designed to (1) allow us to attract and retain highly qualified executive talent, (2) motivate our executives to achieve our short-term and long-term objectives for growth and profitability, and (3) reflect a “pay for performance” philosophy that aligns the long-term interests of our executives with those of our stockholders. Highlights of our executive compensation policies and practices include: What we do: What we don’t do: • Provide for performance-based cash and equity incentives, with approximately 50% of total compensation “at risk,” based on achievement of corporate and individual performance measures • No “single trigger” change of control payments or benefits • Maintain a clawback policy for recovery of • No tax gross-up for change in control payments or incentive compensation in the event of fraud or intentional misconduct benefits • Maintain stock ownership guidelines for named executive officers and non-employee directors • No perquisites or other personal benefits to executive officers unless they serve a sound business purpose • Maintain 100% independence of Compensation • No short sales, hedging or pledging of stock Committee members ownership positions or transactions involving derivatives of our common stock • Regularly review executive target total direct • No strict benchmarking of compensation to a compensation relative to peer companies of similar size and with similar operating characteristics specific percentile of our peer group • Engage an independent compensation consultant to • No guaranteed incentive compensation, indefinite advise the Compensation Committee contracts, or excessive severance payments • Establish single and multi-year performance • No repricing or reissuance of stock options without P r o x y S t a t e m e n t stockholder approval • No pension, defined benefit retirement plans or non-qualified deferred compensation plans requirements that reflect our near- and long-term objectives of balanced growth, profitability and cash flow generation • Require multi-year vesting periods for most equity awards, consistent with current market practices and long-term value creation goals • Align long-term interests of executives and stockholders and encourage value creation with a high percentage of target total direct compensation in the form of time- and performance-based equity awards -5- The charts below show the components of the 2018 target total direct compensation for our CEO and illustrate the mix of “at-risk” and performance-based pay. 2018 target total direct compensation for our other Named Executive Officers, as a group, was similar to that of our CEO with respect to the ratio of “at risk” to total compensation and the weighting of individual and corporate performance objectives. CEO 2018 TARGET TOTAL DIRECT COMPENSATION MIX Cash Incentive 7% Base Salary 6% “At Risk” / Performance Based 50% PSUs 44% CEO 2018 TARGET CASH INCENTIVE COMPENSATION Individual Performance 25% RSUs 44% Corporate Performance 75% OTHER NEOs 2018 TARGET TOTAL DIRECT COMPENSATION MIX* OTHER NEOs 2018 TARGET CASH INCENTIVE COMPENSATION* “At Risk” / Performance Based 47% PSUs 39% Cash Incentive 8% Base Salary 12% Individual Performance 25% RSUs 41% Corporate Performance 75% * Average for all of our Named Executive Officers as a group. CAUTIONARY STATEMENT REGARDING FORWARD-LOOKING STATEMENTS This proxy statement contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”). Forward-looking statements are all statements (and their underlying assumptions) included in this proxy statement that refer, directly or indirectly, to future events or outcomes and, as such, are inherently not factual, but rather reflect only our current projections for the future. Consequently, forward-looking statements usually include words such as “estimate,” “intend,” “plan,” “predict,” “seek,” “may,” “will,” “should,” “would,” “could,” “anticipate,” “expect,” “believe,” or similar words, in each case, intended to refer to future events or circumstances. Our future results may differ materially from our past results and from those projected in the forward-looking statements due to various uncertainties and risks, including, but not limited to, those included under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in our Annual Report on Form 10-K, as filed with the SEC on February 25, 2019. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof and are based upon information available to us at this time. These statements are not guarantees of future performance. We disclaim any obligation to update information in any forward-looking statement. Actual results could vary from our forward-looking statements due to the factors described in our Annual Report on Form 10-K, as well as other important factors. -6- FIREEYE, INC. PROXY STATEMENT FOR 2019 ANNUAL MEETING OF STOCKHOLDERS To Be Held at 10:00 a.m. Pacific Time on Thursday, May 23, 2019 This proxy statement and the enclosed form of proxy are furnished in connection with the solicitation of proxies by our board of directors for use at our 2019 annual meeting of stockholders (the “Annual Meeting”), and any postponements, adjournments or continuations thereof. The Annual Meeting will be held on Thursday, May 23, 2019 at 10:00 a.m. Pacific Time, at 601 McCarthy Blvd., Milpitas, California 95035. The Notice of Internet Availability of Proxy Materials (the “Notice”) containing instructions on how to access this proxy statement and our annual report is first being mailed on or about April 8, 2019 to all stockholders entitled to receive notice of and to vote at the Annual Meeting. QUESTIONS AND ANSWERS ABOUT THE ANNUAL MEETING The information provided in the “question and answer” format below addresses certain frequently asked questions but is not intended to be a summary of all matters contained in this proxy statement. Please read the entire proxy statement carefully before voting your shares. What matters am I voting on? You will be voting on: • • • • the election of three Class III directors to hold office until the 2022 annual meeting of stockholders or until their successors are duly elected and qualified; a proposal to ratify the appointment of Deloitte & Touche LLP as our independent registered public accounting firm for our fiscal year ending December 31, 2019; an advisory vote to approve named executive officer compensation; and any other business that may properly come before the Annual Meeting or any adjournments or postponements thereof. How does our board of directors recommend that I vote? Our board of directors recommends that you vote: • • • FOR the three nominees for election as Class III directors; FOR the ratification of the appointment of Deloitte & Touche LLP as our independent registered public accounting firm for our fiscal year ending December 31, 2019; and FOR the approval, on an advisory basis, of named executive officer compensation. Will there be any other items of business on the agenda? If any other items of business or other matters are properly brought before the Annual Meeting, your proxy gives discretionary authority to the persons named on the proxy card with respect to those items of business or other matters. The persons named on the proxy card intend to vote the proxy in accordance with their best judgment. Our board of directors does not intend to bring any other matters to be voted on at the Annual Meeting, and we are not currently aware of any matters that may be properly presented by others for consideration at the Annual Meeting. -7- P r o x y S t a t e m e n t Who is entitled to vote at the Annual Meeting? Holders of our common stock at the close of business on March 25, 2019, the record date for the Annual Meeting (the “Record Date”), are entitled to notice of and to vote at the Annual Meeting. Each stockholder is entitled to one vote for each share of our common stock held as of the Record Date. As of the Record Date, there were 203,166,974 shares of common stock outstanding and entitled to vote. Stockholders are not permitted to cumulate votes with respect to the election of directors. What is the difference between holding shares as a stockholder of record and as a beneficial owner? Stockholder of Record: Shares Registered in Your Name. If, at the close of business on the Record Date, your shares were registered directly in your name with American Stock Transfer & Trust Company, LLC, our transfer agent, then you are considered the stockholder of record with respect to those shares. As the stockholder of record, you have the right to grant your voting proxy directly to the individuals listed on the proxy card or to vote in person at the Annual Meeting. Beneficial Owners: Shares Registered in the Name of a Broker, Bank or Other Nominee. If, at the close of business on the Record Date, your shares were held, not in your name, but rather in a stock brokerage account or by a bank or other nominee on your behalf, then you are considered the beneficial owner of shares held in “street name.” As the beneficial owner, you have the right to direct your broker, bank or other nominee how to vote your shares by following the voting instructions your broker, bank or other nominee provides. If you do not provide your broker, bank or other nominee with instructions on how to vote your shares, your broker, bank or other nominee may, in its discretion, vote your shares with respect to routine matters but may not vote your shares with respect to any non-routine matters. Please see “What if I do not specify how my shares are to be voted?” for additional information. Do I have to do anything in advance if I plan to attend the Annual Meeting in person? Stockholder of Record: Shares Registered in Your Name. If you were a stockholder of record at the close of business on the Record Date, you do not need to do anything in advance to attend and/or vote your shares in person at the Annual Meeting, but you will need to present government-issued photo identification for entrance to the Annual Meeting. Beneficial Owners: Shares Registered in the Name of a Broker, Bank or Other Nominee. If you were a beneficial owner at the close of business on the Record Date, you may not vote your shares in person at the Annual Meeting unless you obtain a “legal proxy” from your broker, bank or other nominee who is the stockholder of record with respect to your shares. You may still attend the Annual Meeting even if you do not have a legal proxy. For entrance to the Annual Meeting, you will need to provide proof of beneficial ownership as of the Record Date, such as the notice or voting instructions you received from your broker, bank or other nominee or a brokerage statement reflecting your ownership of shares as of the Record Date, and present government-issued photo identification. Please note that no cameras, recording equipment, large bags, briefcases or packages will be permitted in the Annual Meeting. How do I vote and what are the voting deadlines? Stockholder of Record: Shares Registered in Your Name. If you are a stockholder of record, you can vote in one of the following ways: • You may vote via the Internet or by telephone. To vote via the Internet or by telephone, follow the instructions provided in the Notice of Internet Availability of Proxy Materials. If you vote via the Internet or by telephone, you do not need to return a proxy card by mail. Internet and telephone voting -8- are available 24 hours a day. Votes submitted through the Internet or by telephone must be received by 11:59 p.m. Eastern Time on May 22, 2019. Alternatively, you may request a printed proxy card by telephone at 888-Proxy-NA (888-776-9962) or 718-921-8562 (for international callers), over the Internet at https://us.astfinancial.com/OnlineProxyVoting/ProxyVoting/RequestMaterials, or by email at info@astfinancial.com. You may vote by mail. If you have received printed proxy materials by mail and would like to vote by mail, you need to complete, date and sign the proxy card that accompanies this proxy statement and promptly mail it to the tabulation agent in the enclosed postage-paid envelope so that it is received no later than May 22, 2019. You do not need to put a stamp on the enclosed envelope if you mail it from within the United States. The persons named in the proxy card will vote the shares you own in accordance with your instructions on the proxy card you mail. If you return the proxy card, but do not give any instructions on a particular matter to be voted on at the Annual Meeting, the persons named in the proxy card will vote the shares you own in accordance with the recommendations of our board of directors. Our board of directors recommends that you vote FOR the three nominees for election as Class III directors, FOR the ratification of the appointment of Deloitte & Touche LLP as our independent registered public accounting firm for our fiscal year ending December 31, 2019, and FOR the approval, on an advisory basis, of named executive officer compensation. You may vote in person. If you plan to attend the Annual Meeting, you may vote by delivering your completed proxy card in person or by completing and submitting a ballot, which will be provided at the Annual Meeting. • • Beneficial Owners: Shares Registered in the Name of a Broker, Bank or Other Nominee. If you are the beneficial owner of shares held of record by a broker, bank or other nominee, you will receive voting instructions from your broker, bank or other nominee. You must follow the voting instructions provided by your broker, bank or other nominee in order to instruct your broker, bank or other nominee how to vote your shares. The availability of Internet and telephone voting options will depend on the voting process of your broker, bank or other nominee. As discussed above, if you are a beneficial owner, you may not vote your shares in person at the Annual Meeting unless you obtain a legal proxy from your broker, bank or other nominee. Can I change my vote or revoke my proxy? Stockholder of Record: Shares Registered in Your Name. If you are a stockholder of record, you may revoke your proxy or change your proxy instructions at any time before your proxy is voted at the Annual Meeting by: • • • • entering a new vote by Internet or telephone; signing and returning a new proxy card with a later date; delivering a written revocation to our Secretary at FireEye, Inc., 601 McCarthy Blvd., Milpitas, California 95035, by 11:59 p.m. Eastern Time on May 22, 2019; or attending the Annual Meeting and voting in person. Beneficial Owners: Shares Registered in the Name of a Broker, Bank or Other Nominee. If you are the beneficial owner of your shares, you must contact the broker, bank or other nominee holding your shares and follow their instructions to change your vote or revoke your proxy. What is the effect of giving a proxy? Proxies are solicited by and on behalf of our board of directors. The persons named in the proxy have been designated as proxy holders by our board of directors. When a proxy is properly dated, executed and returned, the shares represented by the proxy will be voted at the Annual Meeting in accordance with the instructions of the stockholder. If no specific instructions are given, however, the shares will be voted in accordance with the -9- P r o x y S t a t e m e n t recommendations of our board of directors. If any matters not described in this proxy statement are properly presented at the Annual Meeting, the proxy holders will use their own judgment to determine how to vote your shares. If the Annual Meeting is postponed or adjourned, the proxy holders can vote your shares on the new meeting date, unless you have properly revoked your proxy, as described above. What if I do not specify how my shares are to be voted? Stockholder of Record: Shares Registered in Your Name. If you are a stockholder of record and you submit a proxy but you do not provide voting instructions, your shares will be voted: • • • • FOR the three nominees for election as Class III directors (Proposal No. 1); FOR the ratification of the appointment of Deloitte & Touche LLP as our independent registered public accounting firm for our fiscal year ending December 31, 2019 (Proposal No. 2); FOR the approval, on an advisory basis, of named executive officer compensation (Proposal No. 3); and In the discretion of the named proxy holders regarding any other matters properly presented for a vote at the Annual Meeting. Beneficial Owners: Shares Registered in the Name of a Broker, Bank or Other Nominee. If you are a beneficial owner and you do not provide your broker, bank or other nominee that holds your shares with voting instructions, then your broker, bank or other nominee will determine if it has discretion to vote on each matter. Brokers do not have discretion to vote on non-routine matters. Proposal No. 1 (election of directors) and Proposal No. 3 (advisory vote to approve named executive officer compensation) are non-routine matters, while Proposal No. 2 (ratification of appointment of independent registered public accounting firm) is a routine matter. As a result, if you do not provide voting instructions to your broker, bank or other nominee, then your broker, bank or other nominee may not vote your shares with respect to Proposal No. 1 and Proposal No. 3, which would result in a “broker non-vote,” but your broker, bank or other nominee may, in its discretion, vote your shares with respect information regarding broker non-votes, see “What are the effects of to Proposal No. 2. For additional abstentions and broker non-votes?” below. What is a quorum? A quorum is the minimum number of shares required to be present at the Annual Meeting for the meeting to be properly held under our bylaws and Delaware law. A majority of the shares of common stock outstanding and entitled to vote, in person or by proxy, constitutes a quorum for the transaction of business at the Annual Meeting. As noted above, as of the Record Date, there were a total of 203,166,974 shares of common stock outstanding, which means that 101,583,488 shares of common stock must be represented in person or by proxy at the Annual Meeting to have a quorum. If there is no quorum, a majority of the shares present at the Annual Meeting may adjourn the meeting to a later date. What are the effects of abstentions and broker non-votes? An abstention represents a stockholder’s affirmative choice to decline to vote on a proposal. If a stockholder indicates on its proxy card that it wishes to abstain from voting its shares, or if a broker, bank or other nominee holding its customers’ shares of record causes abstentions to be recorded for shares, these shares will be considered present and entitled to vote at the Annual Meeting. As a result, abstentions will be counted for purposes of determining the presence or absence of a quorum and will also count as votes against a proposal in cases where approval of the proposal requires the affirmative vote of a majority of the shares present and entitled to vote at the Annual Meeting (e.g., Proposal No. 2 and Proposal No. 3). However, because the outcome of Proposal No. 1 (election of directors) will be determined by the affirmative vote of shares representing a majority of the votes cast for each Class III director nominee, abstentions will have no impact on the outcome of such proposal as long as a quorum exists given abstentions are not considered as votes cast. -10- A broker non-vote occurs when a broker, bank or other nominee holding shares for a beneficial owner does not vote on a particular proposal because the broker, bank or other nominee does not have discretionary voting power with respect to such proposal and has not received voting instructions from the beneficial owner of the shares. Broker non-votes will be counted for purposes of calculating whether a quorum is present at the Annual Meeting but will not be counted for purposes of determining the number of votes cast. Therefore, a broker non-vote will make a quorum more readily attainable but will not otherwise affect the outcome of the vote on any proposal. How many votes are needed for approval of each proposal? • • • Proposal No. 1: To be elected, each Class III director nominee must receive the affirmative vote of shares representing a majority of the votes cast, meaning the number of votes “FOR” that nominee must exceed the number of votes “AGAINST” that nominee. You may vote FOR, AGAINST or ABSTAIN with respect to each nominee. If you ABSTAIN from voting on the election of any nominee, the abstention will have no effect on the election of that nominee. Proposal No. 2: The ratification of the appointment of Deloitte & Touche LLP requires an affirmative vote of a majority of the shares of our common stock present in person or by proxy at the Annual Meeting and entitled to vote thereon to be approved. You may vote FOR, AGAINST or ABSTAIN. If you ABSTAIN from voting on Proposal No. 2, the abstention will have the same effect as a vote AGAINST the proposal. Proposal No. 3: The approval, on an advisory basis, of named executive officer compensation requires an affirmative vote of a majority of the shares of our common stock present in person or by proxy at the Annual Meeting and entitled to vote thereon to be approved. You may vote FOR, AGAINST or ABSTAIN. If you ABSTAIN from voting on Proposal No. 3, the abstention will have the same effect as a vote AGAINST the proposal. P r o x y S t a t e m e n t What happens if a director nominee who is duly nominated does not receive a majority vote? Our board of directors only nominates for election candidates who have tendered, in advance of such nomination, an irrevocable, conditional resignation that will be effective only upon both (i) the failure to receive the required vote at the next stockholders’ meeting at which they face reelection and (ii) our board of directors’ acceptance of such resignation. In an uncontested election, our board of directors, after taking into consideration the recommendation of our nominating and corporate governance committee, will determine whether or not to accept the pre-tendered resignation of any nominee for director who receives a greater number of votes “AGAINST” such nominee’s election than votes “FOR” such nominee’s election. In the event of a contested election, the director nominee who receives the largest number of votes cast “FOR” his or her election will be elected as director. How are proxies solicited for the Annual Meeting and who is paying for such solicitation? Our board of directors is soliciting proxies for use at the Annual Meeting by means of the proxy materials. We will bear the entire cost of proxy solicitation, including the preparation, assembly, printing, mailing and distribution of the proxy materials. Copies of solicitation materials will also be made available upon request to brokers, banks and other nominees to forward to the beneficial owners of the shares held of record by such brokers, banks or other nominees. The original solicitation of proxies may be supplemented by solicitation by telephone, electronic communication, or other means by our directors, officers and employees. No additional compensation will be paid to these individuals for any such services, although we may reimburse such individuals for their reasonable out-of-pocket expenses in connection with such solicitation. We may also reimburse brokerage firms, banks and other agents for the cost of forwarding proxy materials to beneficial owners. We have hired Alliance Advisors, LLC (“Alliance Advisors”) to help us solicit proxies. We expect to pay Alliance Advisors a solicitation fee of $13,000 plus reimbursement of reasonable out-of-pocket expenses. -11- If you choose to access the proxy materials and/or vote over the Internet, you are responsible for Internet access charges you may incur. If you choose to vote by telephone, you are responsible for telephone charges you may incur. Why did I receive a Notice of Internet Availability of Proxy Materials instead of a full set of proxy materials? In accordance with the rules of the Securities and Exchange Commission (the “SEC”), we have elected to furnish our proxy materials, including this proxy statement and our annual report, primarily via the Internet. Stockholders may request to receive proxy materials in printed form by mail or electronically by e-mail by following the instructions contained in the Notice. We encourage stockholders to take advantage of the availability of our proxy materials on the Internet to help reduce the environmental impact of our annual meetings of stockholders. What does it mean if I received more than one Notice? If you receive more than one Notice, your shares may be registered in more than one name or in different accounts. Please follow the voting instructions on each Notice to ensure that all of your shares are voted. Is my vote confidential? Proxy instructions, ballots and voting tabulations that identify individual stockholders are handled in a manner that protects your voting privacy. Your vote will not be disclosed either within FireEye or to third parties, except as necessary to meet applicable legal requirements, to allow for the tabulation of votes and certification of the vote, or to facilitate a successful proxy solicitation. Will members of the board of directors attend the Annual Meeting? We encourage, but do not require, our board members to attend the Annual Meeting. Those who do attend will be available to answer appropriate questions from stockholders. I share an address with another stockholder, and we received only one paper copy of the proxy materials. How may I obtain an additional copy of the proxy materials? We have adopted an SEC-approved procedure called “householding,” under which we can deliver a single copy of the proxy materials and annual report to multiple stockholders who share the same address unless we received contrary instructions from one or more of the stockholders. This procedure reduces our printing and mailing costs. Stockholders who participate in householding will continue to be able to access and receive separate proxy cards. Upon written or oral request, we will promptly deliver a separate copy of the proxy materials and annual report to any stockholder at a shared address to which we delivered a single copy of any of these documents. To receive a separate copy, or, if you are receiving multiple copies, to request that we only send a single copy of next year’s proxy materials and annual report, you may contact us as follows: FireEye, Inc. Attention: Secretary 601 McCarthy Blvd. Milpitas, CA 95035 (408) 321-6300 Stockholders who hold shares in street name may contact their brokerage firm, bank, broker-dealer or other nominee to request information about householding. -12- How can I find out the results of the voting at the Annual Meeting? Preliminary voting results will be announced at the Annual Meeting. In addition, final voting results will be published in a current report on Form 8-K that we expect to file within four business days after the Annual Meeting. If final voting results are not available to us at that time, we intend to file a Form 8-K to publish preliminary results and, within four business days after the final results are known to us, file an amendment to the Form 8-K to publish the final results. What is the deadline to propose actions for consideration at next year’s annual meeting of stockholders or to nominate individuals to serve as directors? Stockholder Proposals Stockholders may present proper proposals for inclusion in our proxy statement and for consideration at the next annual meeting of stockholders by submitting their proposals in writing to our Secretary in a timely manner. For a stockholder proposal to be considered for inclusion in our proxy statement for our 2020 annual meeting of stockholders, our Secretary must receive the written proposal at our principal executive offices not later than December 10, 2019. In addition, stockholder proposals must comply with the requirements of Rule 14a-8 under the Securities Exchange Act of 1934, as amended (the “Exchange Act”), regarding the inclusion of stockholder proposals in company-sponsored proxy materials. Stockholder proposals should be addressed to: FireEye, Inc. Attention: Secretary 601 McCarthy Blvd. Milpitas, CA 95035 Our bylaws also establish an advance notice procedure for stockholders who wish to present a proposal before an annual meeting of stockholders but do not intend for the proposal to be included in our proxy statement. Our bylaws provide that the only business that may be conducted at an annual meeting is business that is (i) specified in our proxy materials with respect to such meeting, (ii) otherwise properly brought before the annual meeting by or at the direction of our board of directors, or (iii) properly brought before the annual meeting by a stockholder of record entitled to vote at the annual meeting who has delivered timely written notice to our Secretary, which notice must contain the information specified in our bylaws. To be timely for our 2020 annual meeting of stockholders, our Secretary must receive the written notice at our principal executive offices: • • not earlier than January 24, 2020; and not later than February 23, 2020. In the event that we hold our 2020 annual meeting of stockholders more than 30 days before or more than 60 days after the first anniversary of the date of the Annual Meeting, then notice of a stockholder proposal that is not intended to be included in our proxy statement must be received no earlier than the close of business on the 120th day before such annual meeting and no later than the close of business on the later of the following two dates: • • the 90th day prior to such annual meeting; or the 10th day following the day on which public announcement of the date of such annual meeting is first made. If a stockholder who has notified us of his, her or its intention to present a proposal at an annual meeting does not appear to present his, her or its proposal at such annual meeting, we are not required to present the proposal for a vote at such annual meeting. Nomination of Director Candidates You may propose director candidates for consideration by our nominating and corporate governance committee. Any such recommendations should include the nominee’s name and qualifications for membership -13- P r o x y S t a t e m e n t on our board of directors and should be directed to our Secretary at the address set forth above. For additional information regarding stockholder recommendations for director candidates, see the section titled “Board of Directors and Corporate Governance—Stockholder Recommendations for Nominations to the Board of Directors.” In addition, our bylaws permit stockholders to nominate directors for election at an annual meeting of stockholders. To nominate a director, the stockholder must provide the information required by our bylaws. In addition, the stockholder must give timely notice to our Secretary in accordance with our bylaws, which, in general, require that the notice be received by our Secretary within the time period described above under “Stockholder Proposals” for stockholder proposals that are not intended to be included in a proxy statement. Availability of Bylaws A copy of our bylaws may be obtained by accessing our public filings on the SEC’s website at www.sec.gov. You may also contact our Secretary at our principal executive office for a copy of the relevant bylaw provisions regarding the requirements for making stockholder proposals and nominating director candidates. -14- BOARD OF DIRECTORS AND CORPORATE GOVERNANCE Our business affairs are managed under the direction of our board of directors, which is currently composed of seven members. Six of our directors are independent within the meaning of the independent director requirements of The NASDAQ Stock Market. Our board of directors is divided into three classes with staggered three-year terms. At each annual meeting of stockholders, a class of directors will be elected for a three-year term to succeed the same class whose term is then expiring. In addition, pursuant to our bylaws, at any time before, on or after the day of the Annual Meeting, our board of directors may increase the authorized number of directors and fill the vacancy or vacancies created thereby with one or more new directors. There are three Class III directors whose current term of office expires at the Annual Meeting: Ronald E. F. Codd, Kevin R. Mandia and Enrique Salem. Our board of directors has nominated Messrs. Codd, Mandia and Salem for re-election at the Annual Meeting to serve as Class III directors until the 2022 annual meeting of stockholders or until their successors are duly elected and qualified. The following table sets forth the names, ages as of March 25, 2019, and certain other information for the directors whose term expires at the Annual Meeting and for each of the directors whose terms do not expire at the Annual Meeting: Name Class Age Position(s) Director Since Current Term Expires Expiration of Term For Which Nominated 1. Directors Whose Terms Expire at the Annual Meeting Ronald E. F. Codd(1)(2)(3) . . . . . . . . . . . . . . . . . Kevin R. Mandia(4) Enrique Salem(3)(4) . . . . . . . . . . . 2. Directors Whose Terms Do Not Expire at the Annual Meeting Kimberly Alexy(1)(2) . . . . . . . . . . Stephen Pusey(3) . . . . . . . . . . . . . Adrian McDermott(3) . . . . . . . . . . Robert E. Switz(1)(2) . . . . . . . . . . III III III I I II II 63 Director 48 Chief Executive Officer and 2012 2016 2019 2019 2022 2022 Director 53 Chairman of the Board 2013 2019 2022 48 Director 57 Director 50 Director 72 Director 2015 2015 2019 2017 2020 2020 2021 2021 — — — — (1) Member of our audit committee (2) Member of our nominating and corporate governance committee (3) Member of our compensation committee (4) Member of our government classified information and security committee Nominees for Director Ronald E. F. Codd has served as a member of our board of directors since July 2012. Mr. Codd has been an independent business consultant since April 2002. From January 1999 to April 2002, Mr. Codd served as President, Chief Executive Officer and a director of Momentum Business Applications, Inc., an enterprise software company. From September 1991 to December 1998, Mr. Codd served as Senior Vice President of Finance and Administration and Chief Financial Officer of PeopleSoft, Inc., a provider of human resource management systems. Mr. Codd has served on the board of directors of ServiceNow, Inc. and Veeva Systems Inc. since February 2012. Mr. Codd previously served on the board of directors of Rocket Fuel Inc. from February 2012 to September 2017 and the boards of directors of numerous other technology companies, including most recently DemandTec, Inc., Interwoven, Inc. and Data Domain, Inc. Mr. Codd holds a B.S. in Accounting from the University of California, Berkeley and an M.M. in Finance and M.I.S. from the Kellogg -15- P r o x y S t a t e m e n t Graduate School of Management at Northwestern University. Our board of directors believes that Mr. Codd possesses specific attributes that qualify him to serve as a director, including his extensive management and software industry experience, and his experience in finance. Kevin R. Mandia has served as our Chief Executive Officer since June 2016 and as a member of our board of directors since February 2016. He previously served as our President from February 2015 to June 2016 and as our Senior Vice President and Chief Operating Officer from the date of FireEye’s acquisition of Mandiant Corporation (“Mandiant”), in December 2013 through February 2015. Prior to joining FireEye, Mr. Mandia was the Chief Executive Officer of Mandiant and had served in that capacity since he founded Mandiant in 2004. Prior to forming Mandiant, Mr. Mandia served as the Director of Computer Forensics at Foundstone (later acquired by McAfee Corporation) from 2000 to 2003 and as the Director of Information Security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000. From 1993 to 2000, Mr. Mandia was an officer in the United States Air Force, where he served in various capacities, including as a computer security officer in the 7th Communications Group at the Pentagon, and later as a special agent in the Air Force Office of Special Investigations (AFOSI). Mr. Mandia holds a B.S. in Computer Science from Lafayette College and an M.S. in Forensic Science from The George Washington University. In 2011, Mr. Mandia was named Ernst & Young Entrepreneur of the Year for the Greater Washington area. He completed the Harvard Business School’s Owner/ President Management Program in February 2013. Mr. Mandia has taught graduate level courses at Carnegie Melon University and The George Washington University and has co-authored two books on responding to security breaches: Incident Response: Performing Computer Forensics (McGraw-Hill, 2003) and Incident Response: Investigating Computer Crime (McGraw-Hill, 2001). Our board of directors believes that Mr. Mandia possesses specific attributes that qualify him to serve as a director, including the perspective and experience he brings as our Chief Executive Officer and his extensive senior management expertise in the network security industry. Enrique Salem has served as a member of our board of directors since February 2013 and as our Chairman of the Board since March 2017. Mr. Salem previously served as our Lead Independent Director from February 2016 to March 2017. He has been a managing director of Bain Capital Ventures, a venture capital firm, since July 2014. Mr. Salem was president, Chief Executive Officer and a director of Symantec Corporation, a provider of information security, storage and systems management solutions, from April 2009 until July 2012. Mr. Salem was Chief Operating Officer of Symantec Corporation from January 2008 to April 2009, group President, Worldwide Sales and Marketing from April 2007 to January 2008, group President, Consumer Products from May 2006 to April 2007, Senior Vice President, Consumer Products and Solutions from February 2006 to May 2006, Senior Vice President, Security Products and Solutions from January 2006 to February 2006, and Senior Vice President, Network and Gateway Security Solutions from June 2004 to February 2006. Prior to Symantec, from April 2002 to June 2004, Mr. Salem served as President and Chief Executive Officer of Brightmail, Inc., an email filtering company, prior to its acquisition by Symantec in 2004. Mr. Salem also held senior leadership roles at Oblix Inc., Ask Jeeves Inc., Peter Norton Computing, Inc. and Security Pacific Merchant Bank. In March 2011, he was appointed to President Barack Obama’s Management Advisory Board. Mr. Salem has served on the board of directors of Atlassian Corporation Plc since July 2013, the board of directors of DocuSign, Inc. since August 2013 and the board of directors of ForeScout Technologies, Inc. since September 2013. He previously served on the board of directors of Automatic Data Processing, Inc. from January 2010 to November 2013 and the board of directors of Symantec Corporation from April 2009 to July 2012. Mr. Salem also currently serves on the board of directors of multiple private companies. He received the Estrella Award from the Hispanic IT Executive Council in 2010 and was named Entrepreneur of the Year in 2004 by Ernst & Young. Mr. Salem holds an A.B. in Computer Science from Dartmouth College. Our board of directors believes that Mr. Salem possesses specific attributes that qualify him to serve as a director, including his extensive leadership experience, including oversight of global operations, as well as a strong background in information technology, data security, compliance and systems management. -16- Other Directors Kimberly Alexy has served as a member of our board of directors since January 2015. Ms. Alexy has served as the Principal of Alexy Capital Management, a private investment management firm that she founded, since June 2005. Ms. Alexy has served on the board of directors of CalAmp Corp. since May 2008, the board of directors of Five9, Inc. since October 2013, the board of directors of Alteryx, Inc. since February 2017 and the board of directors of Western Digital Corporation since November 2018. She previously served on the board of directors of SMART Modular Technologies (WWH), Inc. from September 2009 to August 2011, the board of directors of SouthWest Water Company from August 2009 to September 2010, the board of directors of Dot Hill Systems Corp. from December 2005 to May 2010, the board of directors of Maxtor Corporation from June 2005 to May 2006, and the board of directors of Microsemi Corporation from September 2016 to May 2018. From 2012 to 2014, Ms. Alexy served as an Adjunct Lecturer at San Diego State University in the Graduate School of Business. From 1998 to 2003, she served as Senior Vice President and Managing Director of Equity Research for Prudential Securities, where she served as principal technology hardware analyst for the firm. Prior to joining Prudential, Ms. Alexy served as Vice President of Equity Research at Lehman Brothers, where she covered the computer hardware sector, and Assistant Vice President of Corporate Finance at Wachovia Bank. Ms. Alexy is a Chartered Financial Analyst (CFA), and holds a B.A. from Emory University and an M.B.A. with a concentration in Finance and Accounting from the College of William and Mary. Our board of directors believes that Ms. Alexy possesses specific attributes that qualify her to serve as a director, including her accounting expertise, extensive experience on public company boards and her experience in the financial services industry as an investment professional. Adrian McDermott has served as a member of our board of directors since February 2019. Mr. McDermott has served as the President of Products of Zendesk, Inc. since October 2016. He previously served as the Senior Vice President, Product Development of Zendesk, Inc. from July 2010 until October 2016. Mr. McDermott holds a B.Sc. in computer science from De Montfort University. Our board of directors believes that Mr. McDermott possesses specific attributes that qualify him to serve as a director, including his extensive product management, engineering and general business experience in technology markets as well as his expertise developed as a senior executive at a large public company in the technology industry. Stephen Pusey has served as a member of our board of directors since June 2015. Mr. Pusey served as the Group Chief Technology Officer of Vodafone Group Plc from September 2006 to August 2015, and as a member of its board of directors from June 2009 to August 2015. From 1982 to August 2006, Mr. Pusey held various positions at Nortel Networks, most recently as Executive Vice President and President, Nortel EMEA. Mr. Pusey has served on the board of directors of Centrica plc since April 2015, and previously served on the board of directors of ARM Holdings plc from September 2015 to September 2017 and as a Vodafone representative board member of Verizon Wireless from January 2009 to September 2013. Mr. Pusey holds a TEC degree in Communications and Microelectronics from Uxbridge Technical College and a Higher TEC degree in Communications and Microelectronics from Acton Technical College and attended the Advanced Management Program at Harvard University. Our board of directors believes that Mr. Pusey possesses specific attributes that qualify him to serve as a director, including his more than 35 years of international business experience across a number of technology and service provider markets and the perspective and experience he brings as a former group chief technology officer and board member for a large international public company. Robert E. Switz has served as a member of our board of directors since September 2017. Mr. Switz served as the President and Chief Executive Officer of ADC Telecommunications, Inc. (“ADC”), a supplier of network infrastructure products and services, from August 2003 until December 2010, when Tyco Electronics Ltd. (now TE Connectivity Ltd.) acquired ADC. Mr. Switz served as Chairman of the Board of Directors of ADC from June 2008 to December 2010 and served on the board of directors of ADC from August 2003 until December 2010. From 1994 until August 2003, he served in various positions at ADC, including as Chief Financial Officer. Prior to ADC, he served in various positions at Burr-Brown Corporation, a multi-national manufacturer of precision micro-electronics and systems products, including as Chief Financial Officer, Vice President of -17- P r o x y S t a t e m e n t European Operations, Ventures and Finance, and Director of the Ventures and Systems Business. Mr. Switz has served on the board of directors of Micron Technology, Inc. since February 2006, and the board of directors of Marvell Technology Group Ltd. since May 2016. He previously served on the board of directors of Broadcom Corporation from May 2003 to February 2016, the board of directors of Cyan, Inc. from March 2011 to August 2015, the board of directors of GT Advanced Technologies Inc. from May 2011 to March 2016, the board of directors of Leap Wireless International, Inc. from July 2011 to March 2014, the board of directors of Pulse Electronics Corporation from June 2014 to April 2015, and the board of directors of Gigamon, Inc. from June 2015 to December 2017. Mr. Switz holds a B.S. in Business Administration from Quinnipiac University and an M.B.A. from the University of Bridgeport. Our board of directors believes that Mr. Switz possesses specific attributes that qualify him to serve as a director, including his extensive global operations, financial and general management experience and expertise developed as a senior executive at large public companies operating in the technology industry as well as his considerable directorial and governance experience developed through his service on several public company boards. Director Independence Our common stock is listed on The NASDAQ Global Select Market. Under the rules of The NASDAQ Stock Market, independent directors must comprise a majority of a listed company’s board of directors. In addition, the rules of The NASDAQ Stock Market require that, subject to specified exceptions, each member of a listed company’s audit, compensation, and nominating and corporate governance committees be independent. Under the rules of The NASDAQ Stock Market, a director will only qualify as an “independent director” if, in the opinion of the listed company’s board of directors, the director does not have a relationship that would interfere with the exercise of independent judgment in carrying out the responsibilities of a director. Audit committee members must also satisfy the independence criteria set forth in Rule 10A-3 under the Exchange Act and the listing requirements of The NASDAQ Stock Market. In addition, compensation committee members must satisfy the independence criteria set forth in Rule 10C-1 under the Exchange Act and the listing requirements of The NASDAQ Stock Market. Our board of directors has undertaken a review of the independence of each director and considered whether such director has a material relationship with us that could compromise his or her ability to exercise independent judgment in carrying out his or her responsibilities. As a result of this review, our board of directors has determined that Ms. Alexy and Messrs. Codd, McDermott, Pusey, Salem and Switz are “independent directors” as defined under the applicable rules and regulations of the SEC and the listing requirements and rules of The NASDAQ Stock Market. Board Leadership Structure Our board of directors does not view any particular leadership structure as preferred and routinely reviews and considers the appropriate leadership structure. This consideration includes the pros and cons of alternative leadership structures in light of our operating and governance environment at the time, with the goal of achieving the optimal model for board leadership and effective oversight of management by our board of directors. Our board of directors consists of seven directors. Our only management director is Mr. Mandia, our Chief Executive Officer. Enrique Salem, an independent director, holds the role of Chairman of the Board. Our board of directors believes this structure benefits the board of directors and us by enabling our Chief Executive Officer to focus on operational and strategic matters while enabling the Chairman of the Board to focus on board and governance matters. In addition, each committee of our board of directors has a designated chairperson and, other than our government classified information and security committee, is comprised solely of independent directors. -18- Board Meetings and Committees During 2018, our board of directors held 11 meetings (including regularly scheduled and special meetings), and each director attended at least 75% of the aggregate of (i) the total number of meetings of our board of directors held during the period for which he or she served as a director and (ii) the total number of meetings held by all committees of our board of directors on which he or she served during the periods for which he or she served. It is the policy of our board of directors to regularly have separate meeting times for independent directors without management. Although we do not have a formal policy regarding attendance by members of our board of directors at annual meetings of stockholders, we encourage, but do not require, our directors to attend. All of the six directors who served on the date of our 2018 annual meeting of stockholders attended the meeting. Our board of directors has four standing committees: an audit committee, a compensation committee, a nominating and corporate governance committee and a government classified information and security committee. The composition and responsibilities of each of the committees of our board of directors are described below. Members will serve on these committees until their resignation or until otherwise determined by our board of directors. Audit Committee Our audit committee is comprised of Kimberly Alexy, Ronald E. F. Codd and Robert E. Switz, each of whom is a non-employee member of our board of directors. Ms. Alexy is the chair of our audit committee. Our board of directors has determined that each of the members of our audit committee satisfies the requirements for independence and financial literacy under the rules and regulations of the SEC, including Rule 10A-3 under the Exchange Act, and the listing requirements of The NASDAQ Stock Market. Our board of directors has also determined that each of Ms. Alexy and Messrs. Codd and Switz qualify as an “audit committee financial expert” as defined in the SEC rules and satisfy the financial sophistication requirements of The NASDAQ Stock Market. This designation does not impose on Ms. Alexy and Messrs. Codd and Switz any duties, obligations or liabilities that are greater than those generally imposed on members of our audit committee and our board of directors. Our audit committee is responsible for, among other things: • • • • • • • • • selecting and hiring our independent registered public accounting firm; evaluating the performance and independence of our independent registered public accounting firm; pre-approving any audit and non-audit services to be performed by our independent registered public accounting firm; reviewing the adequacy and effectiveness of our internal control policies and procedures and our disclosure controls and procedures; overseeing procedures for the treatment of complaints on accounting, internal accounting controls or audit matters; reviewing and discussing with management and the independent registered public accounting firm the results of our annual audit, our quarterly financial statements and our publicly filed reports; reviewing significant risk exposures and our processes around the management and monitoring of such risks, including but not limited to reviewing our programs, policies, practices and safeguards for information technology, cybersecurity and data security and reviewing periodic updates on such matters by our chief security officer; reviewing and approving related person transactions; and preparing the audit committee report that the SEC requires in our annual proxy statements. -19- P r o x y S t a t e m e n t Our audit committee operates under a written charter that satisfies the applicable rules and regulations of the SEC and the listing requirements of The NASDAQ Stock Market. A copy of the charter of our audit committee is available on our website at www.FireEye.com in the Governance section of our Investor Relations webpage. During 2018, our audit committee held nine meetings. Compensation Committee Our compensation committee is comprised of Ronald E. F. Codd, Adrian McDermott, Stephen Pusey and Enrique Salem, each of whom is a non-employee member of our board of directors. Mr. Salem is the chair of our compensation committee. Our board of directors has determined that each member of our compensation committee meets the requirements for independence under the rules and regulations of the SEC, including Rule 10C-1 under the Exchange Act, and the listing requirements of The NASDAQ Stock Market, and is a “non-employee director” within the meaning of Rule 16b-3 under the Exchange Act. Our compensation committee is responsible for, among other things: • • • reviewing and approving our Chief Executive Officer’s and other executive officers’ annual base salaries; incentive compensation plans, including the specific goals and amounts; equity compensation, employment agreements, severance arrangements and change in control agreements; and any other benefits, compensation or arrangements; provided that any approvals relating to our Chief Executive Officer’s compensation will be subject to the ratification of our entire board of directors, with any non-independent directors not voting; administering our equity compensation plans; and overseeing our overall compensation philosophy, compensation plans and benefits programs. Our compensation committee may form subcommittees and may delegate to such subcommittees such power and authority as our compensation committee deems appropriate. Our compensation committee operates under a written charter that satisfies the applicable rules and regulations of the SEC and the listing requirements of The NASDAQ Stock Market. A copy of the charter of our compensation committee is available on our website at www.FireEye.com in the Governance section of our Investor Relations webpage. During 2018, our compensation committee held five meetings. Nominating and Corporate Governance Committee Our nominating and corporate governance committee is comprised of Kimberly Alexy, Ronald E. F. Codd and Robert E. Switz, each of whom is a non-employee member of our board of directors. Mr. Codd is the chair of our nominating and corporate governance committee. Our board of directors has determined that each member of our nominating and corporate governance committee meets the requirements for independence under the listing requirements of The NASDAQ Stock Market. Our nominating and corporate governance committee is responsible for, among other things: • • • • evaluating and making recommendations regarding the composition, organization, and governance of our board of directors and its committees; evaluating and making recommendations regarding the creation of additional committees or the change in mandate or dissolution of committees; reviewing and making recommendations with regard to our corporate governance guidelines and compliance with laws and regulations; and reviewing and approving conflicts of interest of our directors and corporate officers, other than related person transactions reviewed by the audit committee. Our nominating and corporate governance committee operates under a written charter that satisfies the listing standards of The NASDAQ Stock Market. A copy of the charter of our nominating and corporate -20- governance committee is available on our website at www.FireEye.com in the Governance section of our Investor Relations webpage. During 2018, our nominating and corporate governance committee held five meetings. Government Classified Information and Security Committee Our government classified information and security committee is comprised of Kevin R. Mandia and Enrique Salem. Mr. Mandia is the chair of our government classified information and security committee. Our government classified information and security committee is responsible for, among other things: • • reviewing and making recommendations to our board of directors on matters concerning the Company that involve or relate to (i) information or activities that have been classified for purposes of national security by an agency or instrumentality of the government and (ii) the security of the Company’s personnel, data and facilities; and assisting our board of directors in fulfilling its oversight responsibilities relating to such matters. Our government classified information and security committee operates under a written charter. During 2018, our government classified information and security committee did not hold any meetings. Compensation Committee Interlocks and Insider Participation During 2018, Ronald E. F. Codd, Stephen Pusey and Enrique Salem served as members of our compensation committee. None of the members of our compensation committee is or has been an officer or employee of our company. None of our executive officers currently serves, or in the past year has served, as a member of the board of directors or compensation committee, or other board committee performing equivalent functions, of any entity that has one or more executive officers serving on our compensation committee or our board of directors. We have had a compensation committee since November 2012. Prior to establishing the compensation committee, our full board of directors made decisions relating to the compensation of our executive officers. Considerations in Evaluating Director Nominees Our nominating and corporate governance committee uses a variety of methods for identifying and evaluating director nominees. In its evaluation of director candidates, our nominating and corporate governance committee will consider the composition of our board of directors, including, without limitation, issues of character, integrity, judgment, diversity, age, independence, expertise, length of service, understanding of our business and other commitments. Members of our board of directors are expected to prepare for, attend, and participate in all board of director and applicable committee meetings. Our nominating and corporate governance committee requires the following minimum qualifications to be satisfied by any nominee for a position on the board of directors: (i) the highest personal and professional ethics and integrity, (ii) proven achievement and competence in the nominee’s field and the ability to exercise sound business judgment, (iii) skills that are complementary to those of the existing board of directors, (iv) the ability to assist and support management and make significant contributions to our success, and (v) an understanding of the fiduciary responsibilities that are required of a member of the board of directors and the commitment of time and energy necessary to diligently carry out those responsibilities. Other than the foregoing, there are no other stated minimum criteria for director nominees, although our nominating and corporate governance committee may also consider such other factors as it may deem, from time to time, are in our and our stockholders’ best interests. Although our board of directors does not maintain a specific policy with respect to board diversity, our board of directors believes that our board of directors should be a diverse body, and our nominating and corporate governance committee considers a broad range of backgrounds and experiences. In making determinations regarding nominations of directors, our nominating and corporate governance committee may -21- P r o x y S t a t e m e n t take into account the benefits of diverse viewpoints. Our nominating and corporate governance committee also considers these and other factors as it oversees periodic board of director and committee evaluations. After completing its review and evaluation of director candidates, our nominating and corporate governance committee recommends to our full board of directors the director nominees for selection. Stockholder Recommendations for Nominations to the Board of Directors Our nominating and corporate governance committee will consider candidates for directors recommended by stockholders holding at least one percent (1%) of the fully diluted capitalization of the company continuously for at least 12 months prior to the date of the submission of the recommendation. Our nominating and corporate governance committee will evaluate such recommendations in accordance with its charter, our bylaws, our policies and procedures for director candidates, as well as the regular director nominee criteria described above. This process is designed to ensure that our board of directors includes members with diversity of experience, skills and experience, including appropriate financial and other expertise relevant to our business. Stockholders wishing to recommend a candidate for nomination should contact our Secretary in writing. Such recommendations must information, detailed include the candidate’s name, home and business contact biographical data, relevant qualifications, a signed letter from the candidate confirming willingness to serve on our board of directors, information regarding any relationships between the candidate and FireEye and evidence of the recommending stockholder’s ownership of our common stock. Such recommendations must also include a statement from the recommending stockholder in support of the candidate, particularly within the context of the criteria for board of directors membership. Our nominating and corporate governance committee has discretion to decide which individuals to recommend for nomination as directors. A stockholder can nominate a candidate directly for election to our board of directors by complying with the procedures in Section 2.4(ii) of our bylaws and the rules and regulations of the SEC. Any eligible stockholder who wishes to submit a nomination should review the requirements in the bylaws on nominations by stockholders. Any nomination should be sent in writing to our Secretary at FireEye, Inc., 601 McCarthy Blvd., Milpitas, California 95035. To be timely for our 2020 annual meeting of stockholders, our Secretary must receive the nomination no earlier than January 24, 2020 and no later than February 23, 2020. The notice must state the information required by Section 2.4(ii) of our bylaws and otherwise must comply with applicable federal and state law. Communications with the Board of Directors We have a practice of regularly engaging with our stockholders to seek their feedback, as further described in the section titled “Stockholder Engagement” below. Additionally, stockholders wishing to communicate with our board of directors or with an individual member of our board of directors may do so by writing to our board of directors or to the particular member of our board of directors, and mailing the correspondence to our General Counsel at FireEye, Inc., 601 McCarthy Blvd., Milpitas, CA 95035. Our General Counsel will review all incoming stockholder communications (excluding mass mailings, product complaints or inquiries, job inquiries, business solicitations and patently offensive or otherwise inappropriate material), and if deemed appropriate, the stockholder communications will be forwarded to the appropriate member or members of our board of directors, or if none is specified, to the chairman of our board of directors. This procedure does not apply to stockholder proposals submitted pursuant to Rule 14a-8 under the Exchange Act. Corporate Governance Guidelines and Code of Business Conduct and Ethics Our board of directors has adopted Corporate Governance Guidelines. These guidelines address items such as the qualifications and responsibilities of our directors and director candidates and corporate governance policies and standards applicable to us in general. In addition, our board of directors has adopted a Code of Business Conduct and Ethics that applies to all of our employees, officers and directors, including our Chief Executive Officer, Chief Financial Officer, and other executive and senior financial officers. The full text of our -22- Corporate Governance Guidelines and our Code of Business Conduct and Ethics is posted on our website at www.FireEye.com in the Governance section of our Investor Relations webpage. We intend to post any amendments to our Code of Business Conduct and Ethics, and any waivers of our Code of Business Conduct and Ethics for directors and executive officers, on the same website. Risk Management Risk is inherent with every business, and we face a number of risks, including strategic, financial, business and operational, legal and compliance, and reputational. We have designed and implemented processes to manage risk in our operations. Management is responsible for the day-to-day management of risks the company faces, while our board of directors, as a whole and assisted by its committees, has responsibility for the oversight of risk management. In its risk oversight role, our board of directors has the responsibility to satisfy itself that the risk management processes designed and implemented by management are appropriate and functioning as designed. Our board of directors believes that open communication between management and our board of directors is essential for effective risk management and oversight. Our board of directors meets with our Chief Executive Officer and other members of the senior management team at quarterly meetings of our board of directors, where, among other topics, they discuss strategy and risks facing the company, as well as at such other times as they deem appropriate. While our board of directors is ultimately responsible for risk oversight, our board committees assist our board of directors in fulfilling its oversight responsibilities in certain areas of risk. Our audit committee assists our board of directors in fulfilling its oversight responsibilities with respect to risk management in the areas of internal control over financial reporting and disclosure controls and procedures, legal and regulatory compliance, and discusses with management and the independent auditor guidelines and policies with respect to risk assessment and risk management. Our audit committee also reviews our major financial, cybersecurity, information technology and data security risk exposures and the steps our management has taken to monitor and control these exposures, including the review of any programs and policies, as well as oversight of our enterprise risk management program. In addition, our audit committee monitors certain key risks on a regular basis throughout the fiscal year, such as risks associated with internal control over financial reporting, liquidity, cybersecurity, information technology and data security. Furthermore, our audit committee monitors compliance with legal and regulatory requirements and oversees the performance of our internal audit function. Our nominating and corporate governance committee assists our board of directors in fulfilling its oversight responsibilities with respect to the management of risk associated with board organization, membership and structure, and corporate governance. Our compensation committee assesses risks created by the incentives inherent in our compensation programs, policies and practices. Finally, our full board of directors reviews strategic and operational risk in the context of reports from the management team, receives reports on all significant committee activities at each regular meeting, and evaluates the risks inherent in significant transactions. Stockholder Engagement We believe that effective corporate governance includes regular, constructive conversations with our stockholders, and we value our stockholders’ continued opinions and feedback. We are committed to maintaining an active dialogue to understand the priorities and concerns of our stockholders. In the last 12 months, as part of our ongoing stockholder engagement program, we have engaged in substantive discussions on our executive compensation, corporate governance and corporate performance and strategy with our institutional stockholders, including the majority of our top 20 stockholders. These discussions covered a variety of topics, including our executive compensation philosophy, the composition of our board of directors, our commitment to board diversity and our strategies to achieve profitable growth in the future. -23- P r o x y S t a t e m e n t Maintaining an active dialogue with our stockholders is consistent with our corporate values of transparency and accountability, and we intend to continue these efforts in the future. Outside Director Compensation Policy Members of our board of directors who are not our employees are eligible for awards under our Outside Director Compensation Policy, which our board of directors approved in August 2014 and subsequently amended in June 2016 and March 2017. Under our Outside Director Compensation Policy, non-employee directors will receive compensation in the form of equity awards, or a mixture of equity and cash awards, as described below: Initial Award Upon joining our board of directors, each new non-employee director elected or appointed will automatically receive an equity award of restricted stock units with a total value of $400,000. This award will vest as to 1/3 of the shares subject to the award annually over a three-year period, subject to continued service through the applicable vesting date. Annual Awards On the date of each annual meeting of stockholders, each non-employee director who has been a non-employee director for at least six months will be entitled to receive an annual fee with a total value based on board and other service as set forth in the following table, provided that no award will be granted to any non-employee director who is not continuing as a director following the applicable annual meeting of stockholders: Annual Fee Board Member: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $200,000 $45,000 Chairperson of the Board (if applicable): . . . . . . . . . . . . . . $20,000 . . . . . . . . . . . . Lead Independent Director (if applicable): Committee Service: Chair Member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Audit: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Compensation: Nominating and Corporate Governance: . . . . . . . . . . Government Classified Information and Security: . . . . . $20,000 $10,000 $6,250 $6,250 $7,000 $5,000 $2,500 $2,500 Unless an eligible non-employee director elects to receive all of his or her annual fee in the form of an equity award of restricted stock units, 50% of an eligible non-employee director’s annual fee will be awarded in the form of an equity award of restricted stock units and the other 50% of such non-employee director’s annual fee will be awarded in the form of cash. All of a non-employee director’s equity award of restricted stock units will be granted to him or her on the date of the annual meeting of stockholders and will fully vest upon the earlier of the first anniversary of the grant date or the day prior to the next annual meeting of stockholders, in each case, subject to his or her continued service through the vesting date. All of a non-employee director’s cash, if any, will be paid to him or her in four equal installments on a quarterly basis, with one installment paid on the 15th day of each of the first four calendar quarters following the date of such annual meeting, in each case subject to his or her continued service through the applicable payment date. For purposes of our Outside Director Compensation Policy, equity awards are valued at the fair market value of the shares subject to the award on the grant date of the award or such other methodology determined by our board of directors or our compensation committee. -24- 2018 Director Compensation Table The table below shows all compensation awarded to or paid in 2018 to the directors who served during 2018 (other than our Chief Executive Officer, who is both a director and one of our named executive officers for 2018). Name(1) Fees earned or paid in cash ($)(2) Stock Awards ($)(3) Kimberly Alexy(4) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ronald E. F. Codd(5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Stephen Pusey(6) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Enrique Salem(7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Robert E. Switz(8) 55,625 109,125 102,500 — — 111,240 109,111 102,487 257,494 207,000 Total ($) 166,865 218,236 204,987 257,494 207,000 (1) Mr. McDermott was appointed as a member of our board of directors subsequent to December 31, 2018. On February 5, 2019, Mr. McDermott received a restricted stock unit award covering 21,645 shares of our common stock. (2) The amounts reported in this column represent the aggregate amount of quarterly cash awards paid in 2018 in accordance with the Outside Director Compensation Policy. (3) On June 7, 2018, we granted awards of restricted stock units to our non-employee directors for service on our board of directors, in accordance with the Outside Director Compensation Policy. Each such award will fully vest upon the earlier of the first anniversary of the grant date or the day prior to our next annual meeting of stockholders that follows the grant date, in each case, subject to continued service through the vesting date. Messrs. Salem and Switz elected to receive all of their 2018 annual fees in the form of awards of restricted stock units. The amounts reported in this column represent the aggregate grant date fair value of the awards as computed in accordance with Financial Accounting Standard Board Accounting Standards Codification Topic 718. The assumptions used in calculating the grant date fair value of the awards reported in this column are set forth in the notes to our audited consolidated financial statements included in our Annual Report on Form 10-K, as filed with the SEC on February 25, 2019. (4) As of December 31, 2018, Ms. Alexy held 6,532 shares of common stock issuable upon the vesting of restricted stock units. (5) As of December 31, 2018, Mr. Codd held (i) options to purchase 118,000 shares of common stock at an exercise price of $2.48 per share, all of which were fully vested as of December 31, 2018, and (ii) 6,407 shares of common stock issuable upon the vesting of restricted stock units. (6) As of December 31, 2018, Mr. Pusey held 6,018 shares of common stock issuable upon the vesting of restricted stock units. (7) As of December 31, 2018, Mr. Salem held 15,120 shares of common stock issuable upon the vesting of restricted stock units. (8) As of December 31, 2018, Mr. Switz held 28,306 shares of common stock issuable upon the vesting of restricted stock units. See the section titled “Executive Compensation” for information about the compensation of our Chief Executive Officer, who is both a director and one of our named executive officers for 2018. P r o x y S t a t e m e n t -25- PROPOSAL NO. 1 ELECTION OF DIRECTORS Our board of directors is currently composed of seven members. In accordance with our certificate of incorporation, our board of directors is divided into three classes with staggered three-year terms. At the Annual Meeting, stockholders are being asked to elect three Class III directors for a three-year term to succeed the same class whose term is then expiring. Each director’s term continues until the election and qualification of such director’s successor, or such director’s earlier death, resignation, or removal. This classification of our board of directors may have the effect of delaying or preventing changes in control of our company. Nominees Our nominating and corporate governance committee has recommended, and our board of directors has approved, Ronald E. F. Codd, Kevin R. Mandia and Enrique Salem as nominees for election as Class III directors at the Annual Meeting. If elected, each of Messrs. Codd, Mandia and Salem will serve as Class III directors until the 2022 annual meeting of stockholders or until their successors are duly elected and qualified. Each of the nominees is currently a director of our company. For information concerning the nominees, please see the section titled “Board of Directors and Corporate Governance.” If you are a stockholder of record and you sign your proxy card or vote over the Internet or by telephone but do not give instructions with respect to the voting of directors, your shares will be voted FOR the re-election of Messrs. Codd, Mandia and Salem. We expect that Messrs. Codd, Mandia and Salem will accept such nomination; however, in the event that a director nominee is unable or declines to serve as a director at the time of the Annual Meeting, the proxies will be voted for any nominee who shall be designated by our board of directors to fill such vacancy. If you are a beneficial owner of shares of our common stock and you do not give voting instructions to your broker, bank or other nominee, then your broker, bank or other nominee will leave your shares unvoted on this matter. Vote Required Our bylaws and Corporate Governance Guidelines provide for a majority voting standard in uncontested elections of directors. An uncontested election is one in which the number of nominees for director does not exceed the number of directors to be elected. The director election taking place at this meeting is uncontested, and therefore, the majority voting standard will apply. That means, in order for a nominee to be elected, the votes cast “FOR” such nominee’s election must exceed the votes cast “AGAINST” such nominee’s election. Abstentions and broker non-votes with respect to the election of any nominee will have no effect on such nominee’s election. Under our Corporate Governance Guidelines, each director is required to submit in advance an irrevocable, conditional resignation that will be effective only upon both (1) the failure to receive the required vote at the next stockholders’ meeting at which the director faces reelection and (2) our board of directors’ acceptance of such resignation. If an incumbent director fails to receive the required vote for reelection, our nominating and corporate governance committee will act the director’s resignation and will submit its recommendation to our board of directors for consideration. to determine whether to accept THE BOARD OF DIRECTORS RECOMMENDS A VOTE “FOR” THE THREE NOMINEES NAMED ABOVE. -26- PROPOSAL NO. 2 RATIFICATION OF APPOINTMENT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM Our audit committee has appointed Deloitte & Touche LLP (“Deloitte”), as our independent registered public accounting firm to audit our consolidated financial statements for our fiscal year ending December 31, 2019. Deloitte also served as our independent registered public accounting firm for our fiscal year ended December 31, 2018. At the Annual Meeting, stockholders are being asked to ratify the appointment of Deloitte as our independent registered public accounting firm for our fiscal year ending December 31, 2019. Stockholder ratification of the appointment of Deloitte is not required by our bylaws or other applicable legal requirements. However, our board of directors is submitting the appointment of Deloitte to our stockholders for ratification as a matter of good corporate governance. In the event that this appointment is not ratified by the affirmative vote of a majority of the shares present in person or by proxy at the Annual Meeting and entitled to vote, such appointment will be reconsidered by our audit committee. Even if the appointment is ratified, our audit committee, in its sole discretion, may appoint another independent registered public accounting firm at any time during our fiscal year ending December 31, 2019 if our audit committee believes that such a change would be in the best interests of FireEye and its stockholders. A representative of Deloitte is expected to be present at the Annual Meeting, will have an opportunity to make a statement if he or she wishes to do so, and is expected to be available to respond to appropriate questions from stockholders. Fees Paid to the Independent Registered Public Accounting Firm The following table presents fees for professional audit services and other services rendered to us by Deloitte for our fiscal years ended December 31, 2018 and 2017. P r o x y S t a t e m e n t Audit Fees(1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Audit-Related Fees(2) . . . . . . . . . . . . . . . . . . . . . . . . . Tax Fees(3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . All Other Fees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $3,064,952 — — — $3,275,233 — — — 2018 2017 $3,064,952 $3,275,233 (1) “Audit Fees” consist of fees for professional services rendered in connection with the audit of our annual financial statements, review of our quarterly financial statements, and services that are normally provided by Deloitte in connection with statutory and regulatory filings or engagements for those fiscal years. Fees for 2018 also included fees billed for professional services rendered in connection with the adoption of ASC 842, Form S-8 consent issuance and our offering circular related to our convertible notes offering completed in the second quarter of 2018. Fees for 2017 also included fees billed for professional services rendered in connection with the adoption of ASC 606 and Form S-8 consent issuance. (2) “Audit-Related Fees” consist of fees for professional services for assurance and related services that are reasonably related to the performance of the audit or review of our consolidated financial statements and are not reported under “Audit Fees.” (3) “Tax Fees” consist of fees for professional services rendered by Deloitte for tax compliance, tax advice and tax planning. Auditor Independence In 2018, there were no other professional services provided by Deloitte that would have required our audit committee to consider their compatibility with maintaining the independence of Deloitte. -27- Audit Committee Policy on Pre-Approval of Audit and Permissible Non-Audit Services of Independent Registered Public Accounting Firm Our audit committee has established a policy governing our use of the services of our independent registered public accounting firm. Under the policy, our audit committee is required to pre-approve all audit and permissible non-audit services performed by our independent registered public accounting firm in order to ensure that the provision of such services does not impair such accounting firm’s independence. All fees paid to Deloitte for our fiscal years ended December 31, 2017 and 2018 were pre-approved by our audit committee. Vote Required The ratification of the appointment of Deloitte requires the affirmative vote of a majority of the shares of our common stock present in person or by proxy at the Annual Meeting and entitled to vote thereon. Abstentions will have the effect of a vote AGAINST the proposal. THE BOARD OF DIRECTORS RECOMMENDS A VOTE “FOR” THE RATIFICATION OF THE APPOINTMENT OF DELOITTE & TOUCHE LLP AS OUR INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM FOR OUR FISCAL YEAR ENDING DECEMBER 31, 2019. -28- PROPOSAL NO. 3 ADVISORY VOTE TO APPROVE NAMED EXECUTIVE OFFICER COMPENSATION In accordance with Section 14A of the Exchange Act and SEC rules, we are providing our stockholders with the opportunity to vote to approve, on an advisory (and non-binding) basis, the compensation of our named executive officers as disclosed in accordance with SEC rules in the “Executive Compensation” section of this proxy statement beginning on page 33 below. This proposal, commonly known as a “say-on-pay” proposal, gives our stockholders the opportunity to express their views on our named executive officers’ compensation as a whole. This vote is not intended to address any specific item of compensation or any specific named executive officer, but rather the overall compensation of all of our named executive officers and the philosophy, policies and practices described in this proxy statement. The say-on-pay vote is advisory, and therefore not binding on FireEye, our compensation committee or our board of directors. The say-on-pay vote will, however, provide information to us regarding investor sentiment about our executive compensation philosophy, program, policies and practices, which our compensation committee will be able to consider when determining executive compensation for the remainder of the current fiscal year and beyond. Our board of directors and our compensation committee value the opinions of our stockholders and to the extent there is any significant vote against our named executive officers’ compensation as disclosed in this proxy statement, we will consider our stockholders’ concerns and our compensation committee will evaluate whether any actions are necessary to address those concerns. We believe that the information we’ve provided in the “Executive Compensation” section of this proxy statement, and in particular the information discussed in “Executive Compensation—Compensation Discussion and Analysis—Compensation Philosophy and Objectives” beginning on page 37 below, demonstrates that our executive compensation program was designed appropriately and is working to ensure management’s interests are aligned with our stockholders’ interests to support long-term value creation. Accordingly, we ask our stockholders to vote “FOR” the following resolution at the Annual Meeting: “RESOLVED, that FireEye’s stockholders approve, on an advisory basis, the compensation paid to the named executive officers, as disclosed in FireEye’s proxy statement for the 2019 Annual Meeting pursuant to the compensation disclosure rules of the SEC, including the compensation discussion and analysis, compensation tables and narrative discussion, and other related disclosure.” Vote Required The approval, on an advisory basis, of named executive officer compensation requires an affirmative vote of a majority of the shares of our common stock present in person or by proxy at the Annual Meeting and entitled to vote thereon to be approved. Accordingly, abstentions will have the effect of a vote AGAINST the proposal. Broker non-votes will have no effect on this proposal. THE BOARD OF DIRECTORS RECOMMENDS A VOTE “FOR” THE APPROVAL, ON AN ADVISORY BASIS, OF THE COMPENSATION PAID TO OUR NAMED EXECUTIVE OFFICERS AS DISCLOSED IN THIS PROXY STATEMENT. P r o x y S t a t e m e n t -29- AUDIT COMMITTEE REPORT The information contained in the following Audit Committee Report shall not be deemed to be soliciting material or to be filed with the Securities and Exchange Commission, nor shall such information be incorporated by reference into any future filing under the Securities Act of 1933, as amended, or the Securities Exchange Act of 1934, as amended, except to the extent that FireEye, Inc., or the Company, specifically incorporates it by reference in such filing. The audit committee has reviewed and discussed the Company’s audited consolidated financial statements with management and Deloitte & Touche LLP (“Deloitte”), the Company’s independent registered public accounting firm. The audit committee has discussed with Deloitte the matters required to be discussed by Auditing Standard No. 1301, Communications with Audit Committees, issued by the Public Company Accounting Oversight Board. The audit committee has received and reviewed the written disclosures and the letter from Deloitte required by the applicable requirements of the Public Company Accounting Oversight Board regarding Deloitte’s communications with the audit committee concerning independence, and has discussed with Deloitte its independence. Based on the review and discussions referred to above, the audit committee recommended to the board of directors that the Company’s audited consolidated financial statements be included in the Company’s Annual Report on Form 10-K for the fiscal year ended December 31, 2018 for filing with the Securities and Exchange Commission. Respectfully submitted by the members of the audit committee of the board of directors: Kimberly Alexy (Chair) Ronald E. F. Codd Robert E. Switz -30- EXECUTIVE OFFICERS The following table identifies certain information about our executive officers as of March 25, 2019. Each executive officer serves at the discretion of our board of directors and holds office until his or her successor is duly elected and qualified or until his or her earlier resignation or removal. There are no family relationships among any of our directors or executive officers. Name Age Position(s) Alexa King . . . . . . . . . . . . . . . . . . . . Kevin R. Mandia . . . . . . . . . . . . . . . . Travis M. Reese . . . . . . . . . . . . . . . . William T. Robbins . . . . . . . . . . . . . . Frank E. Verdecanna . . . . . . . . . . . . . 51 Executive Vice President, General Counsel and Secretary 48 Chief Executive Officer and Director 47 51 Executive Vice President of Worldwide Sales 48 Executive Vice President, Chief Financial Officer and Chief President Accounting Officer Alexa King has served as our General Counsel and Secretary since April 2012 and as our Executive Vice President since May 2016. She previously served as our Senior Vice President from April 2012 to May 2016. Prior to joining FireEye, Ms. King was Vice President, General Counsel and Secretary of Aruba Networks, Inc. from December 2005 to April 2012. From 2000 to 2005, Ms. King served as Senior Director of Legal at Siebel Systems, Inc. and her early career included working at Pillsbury Madison & Sutro (now Pillsbury Winthrop) and Fenwick & West. Ms. King has served on the board of directors of Vocera Communications, Inc. since July 2016. Additionally, Ms. King served as founding director of Pathbrite, Inc. (f/k/a RippleSend, Inc.) from 2008 to 2009 and as advisor from 2009 to 2011. Ms. King graduated magna cum laude from Harvard College with a degree in Eastern European Studies and received her J.D. from the University of California, Berkeley, Boalt Hall School of Law, where she was named to the Order of the Coif. P r o x y S t a t e m e n t Kevin R. Mandia has served as our Chief Executive Officer since June 2016 and as a member of our board of directors since February 2016. He previously served as our President from February 2015 to June 2016 and as our Senior Vice President and Chief Operating Officer from the date of our acquisition of Mandiant in December 2013 through February 2015. Prior to joining FireEye, Mr. Mandia was the Chief Executive Officer of Mandiant and had served in that capacity since he founded Mandiant in 2004. Prior to forming Mandiant, Mr. Mandia served as the Director of Computer Forensics at Foundstone (later acquired by McAfee Corporation) from 2000 to 2003 and as the Director of Information Security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000. From 1993 to 2000, Mr. Mandia was an officer in the United States Air Force, where he served in various capacities, including as a computer security officer in the 7th Communications Group at the Pentagon, and later as a special agent in the Air Force Office of Special Investigations (AFOSI). Mr. Mandia holds a B.S. in Computer Science from Lafayette College and an M.S. in Forensic Science from The George Washington University. In 2011, Mr. Mandia was named Ernst & Young Entrepreneur of the Year for the Greater Washington area. He completed the Harvard Business School’s Owner/President Management Program in February 2013. Mr. Mandia has taught graduate level courses at Carnegie Melon University and The George Washington University and has co-authored two books on responding to security breaches: Incident Response: Performing Computer Forensics (McGraw-Hill, 2003) and Incident Response: Investigating Computer Crime (McGraw-Hill, 2001). Travis M. Reese has served as our President since June 2016. He previously served as our President of Mandiant Consulting and iSIGHT Intelligence from January 2016 to June 2016 and as our President of Mandiant Consulting from December 2013 to January 2016. Prior to joining FireEye, Mr. Reese had been with Mandiant from April 2006 to December 2013, where he started as the Vice President of Federal and culminated as the President and Chief Operating Officer. From May 2000 to April 2006, Mr. Reese was a Vice President at Aegis Research Corporation which later became a business unit of ManTech International through an acquisition in August 2002. Prior to Aegis Research Corporation, Mr. Reese spent ten years in the United States Air Force from 1990 to 2000, as a Special Agent with the United States Air Force Office of Special Investigations (AFOSI). -31- Mr. Reese completed the Harvard Business School’s Finance for Senior Executives program in 2010. Mr. Reese holds a B.S. in Criminal Justice from Wayland Baptist University. William T. Robbins has served as our Executive Vice President of Worldwide Sales since November 2016. Prior to joining FireEye, Mr. Robbins was Executive Vice President of Worldwide Sales of Nuance Communications, Inc. from December 2013 to November 2016. From January 2013 to December 2013, Mr. Robbins served as Chief Operating Officer of [24]7. From May 2005 to December 2012, Mr. Robbins held various positions at Symantec Corporation, most recently as Executive Vice President, Worldwide Sales & Services. Mr. Robbins holds both a B.S. in Economics and a B.B.A. in Finance from Southern Methodist University. Frank E. Verdecanna has served as our Executive Vice President and Chief Financial Officer since February 2017 and as our Chief Accounting Officer since August 2016. He previously served as our Senior Vice President of Finance from November 2015 to February 2017, as our interim Chief Financial Officer from August 2015 to September 2015 and as our Vice President of Finance from November 2012 to November 2015. Prior to joining FireEye, Mr. Verdecanna was the Chief Financial Officer of Apptera, Inc., a mobile communications and advertising company, from February 2010 to November 2012. From October 2000 to July 2009, Mr. Verdecanna held various finance positions, most recently as Vice President and Chief Financial Officer, at iPass Inc., a publicly traded global provider of mobility software and services. Mr. Verdecanna holds a B.S. in Business Administration from California Polytechnic State University-San Luis Obispo. -32- EXECUTIVE COMPENSATION Compensation Discussion and Analysis This Compensation Discussion and Analysis provides information regarding the 2018 compensation of our principal executive officer, our principal financial officer, and the three executive officers (other than our principal executive officer and our principal financial officer) who were our most highly-compensated executive officers as of the end of 2018. These individuals were: • • • Alexa King, our Executive Vice President, General Counsel and Secretary; Kevin R. Mandia, our Chief Executive Officer (our “CEO”); Travis M. Reese, our President; • William T. Robbins, our Executive Vice President of Worldwide Sales; and • Frank E. Verdecanna, our Executive Vice President, Chief Financial Officer and Chief Accounting Officer. These individuals were our named executive officers (our “Named Executive Officers”) for 2018. Overview This Compensation Discussion and Analysis describes the material elements of our executive compensation program during the fiscal year ended December 31, 2018. It also provides an overview of our executive compensation philosophy, as well as our principal compensation policies and practices. Finally, it analyzes how and why the Compensation Committee of our Board of Directors (the “Compensation Committee”) arrived at the specific compensation decisions for our executive officers, including our Named Executive Officers, in 2018, and discusses the key factors that the Compensation Committee and our Board of Directors considered in determining the compensation of our Named Executive Officers. Executive Summary, Strategic Context and 2018 Business Highlights We provide a broad portfolio of intelligence-based cybersecurity solutions and services that allow organizations to prepare for, prevent, respond to and remediate cyber attacks. Our products include detection and prevention solutions for network, email and endpoint security, forensics appliances, security orchestration software, subscription-based threat intelligence and analytics solutions, and our Helix security operations platform. These products are complemented by our technology-enabled Managed Defense security service and our Mandiant incident response and cybersecurity consulting services. Our portfolio of cybersecurity solutions and services is designed to minimize the risk of costly cybersecurity breaches by detecting and preventing advanced, targeted attacks and other evasive threats, as well as enable more efficient management of security operations, including alert management, investigation and response when a breach occurs. The cybersecurity industry is highly competitive. We believe the market opportunity is substantial, but we must adapt rapidly to changes in the threat environment and the development of new technologies to be successful. Our long-term business strategy is based on the fundamental belief that our hands-on cybersecurity expertise and threat intelligence, combined with our innovative technology, can protect our customers from catastrophic consequences of cyber attacks. Our real-time knowledge of the threat landscape and the tools and techniques used by today’s threat actors allows us to establish trusted advisor relationships with our customers, contributing to high customer retention and follow-on purchases of additional solutions. Additionally, we apply our threat intelligence and the expertise gained on the front lines of cyber conflict in a unique learning system and innovation cycle that guides our product development efforts and helps our Managed Defense and Mandiant consulting teams identify, respond to and remediate breaches. -33- P r o x y S t a t e m e n t In August 2016, we accelerated our evolution from a pioneer in appliance-based detection of advanced threats to a leading provider of a comprehensive security operations platform by restructuring our operations and reducing our operating expense. 2017 was a transformative year for FireEye as we made steady progress against our financial and operational objectives. Our operating performance improved throughout the year, and in the fourth quarter of 2017, we returned to growth in both billings and revenue and also achieved non-GAAP profitability for the first time in our history. In 2018, we continued our transition to a recurring subscription model with innovations across our offerings and a simplified pricing model for our network, email, and endpoint security solutions. Innovations introduced across our solution portfolio, combined with more efficient sales processes and higher sales productivity, resulted in non-GAAP operating profitability, positive operating cash flow, and free cash flow generation for the full year. 2018-Related Executive Compensation Actions Consistent with our performance and compensation objectives, the Compensation Committee or our Board of Directors, as applicable, approved the following actions related to the 2018 compensation for our Named Executive Officers: • • • • • • Base Salary. Increased the annual base salaries of certain of our Named Executive Officers to reflect competitive market conditions in amounts ranging from 3% to 21%, with our CEO’s annual base salary for 2018 increased 21% from his 2017 level; Target Cash Incentive Compensation Opportunities. Increased the target annual cash incentive compensation opportunities of certain of our Named Executive Officers to reflect competitive market conditions in amounts ranging from approximately 4% to 21%, with our CEO’s target annual cash incentive compensation opportunity for 2018 increased 21% from his 2017 level; Short-Term Incentive Compensation. Based upon the levels of achievement of the corporate performance objectives and individual performance objectives established under our Employee Incentive Plan for the 2018 annual cash incentive compensation opportunities of our Named Executive Officers, approved cash payouts ranging from $183,333 to $425,000, with a cash payout for our CEO in the amount of $425,000 (representing 100% of his 2018 target annual cash incentive compensation opportunity); Long-Term Incentive Compensation. Continued the practice of providing long-term incentive compensation in the form of restricted stock unit (“RSU”) awards and performance-based restricted stock unit (“PSU”) awards for shares of our common stock; Equity Awards. Granted a combination of RSU and PSU awards to certain of our Named Executive Officers, subject to a time-based vesting requirement in the case of the RSU awards and both a performance condition and a time-based vesting requirement in the case of the PSU awards, with the aggregate grant date fair value of the equity awards granted to such Named Executive Officers ranging from $1,417,000 to $5,668,000. The aggregate grant date fair value of our CEO’s equity awards was $5,668,000; and Payout of PSU Awards Granted in 2018. Based upon the level of achievement of the performance conditions for the PSU awards granted in 2018, determined that 87.5% of the target number of shares of our common stock subject to the PSU awards had been earned, subject to the continued service of the applicable Named Executive Officers through the applicable vesting dates (i.e., one-fourth in each of February 2019, 2020, 2021 and 2022). -34- Pay for Performance A significant portion of the target total direct compensation provided to our Named Executive Officers each year is at-risk and subject to our achieving our operating results as follows: • • Our short-term incentive compensation program requires achievement of corporate and/or individual objectives for any payment to be made thereunder. A significant portion (i.e., approximately 50%) of the equity awards granted in 2018 to our Named Executive Officers were both at-risk and subject to achievement of pre-established performance objectives. If the performance objectives were not achieved at a threshold level, then none of the shares of our common stock subject to the PSU awards would be earned. Executive Compensation-Related Policies and Practices We endeavor to maintain sound executive compensation policies and practices, including compensation- related corporate governance standards that are consistent with our executive compensation philosophy. During 2018, we maintained the following executive compensation policies and practices, including both policies and practices we have implemented to drive performance and policies and practices that either prohibit or minimize behavior that we do not believe serve our stockholders’ long-term interests: What We Do • • • • • • • • Independent Compensation Committee. We maintain a Compensation Committee comprised solely of independent directors who have established effective means for communicating with our stockholders regarding their executive compensation opinions and concerns. Independent Compensation Advisors. We enable the Compensation Committee to engage and retain its own advisors. During 2018, the Compensation Committee engaged Compensia, Inc., a national compensation consulting firm, to assist with its responsibilities. Annual Executive Compensation Review. We support the Compensation Committee in its annual review of our executive compensation strategy, including its review of the compensation peer group used for comparative purposes and, to help avoid creating compensation-related risks that would be reasonably likely to have a material adverse effect on us, its annual review of our compensation-related risk profile. Equity-Based Compensation with Multi-Year Vesting Requirements. The Compensation Committee designs the equity awards granted to our executive officers to be consistent with current market practice. The majority of the equity awards vest over multi-year periods, which serves our long-term value creation goals and retention objectives. Hedging and Pledging Prohibitions. We prohibit our executive officers and the non-employee members of our Board of Directors from speculating in our equity securities or engaging in any other hedging transactions with respect to our equity securities. In addition, we prohibit our executive officers and the non-employee members of our Board of Directors from pledging their equity securities or using such securities as collateral for a loan. Annual Succession Planning. We support our Board of Directors in its review of the risks associated with our key executive positions on an annual basis so that we have an adequate succession strategy and plans are in place for our most critical positions. Stock Ownership Guidelines. We maintain formal stock ownership guidelines for our executive officers and the non-employee members of our Board of Directors to support these individuals acting as owners of the Company. Clawback Policy. We maintain a clawback policy which provides that, in the event we are required to prepare an accounting restatement as a result of fraud or intentional misconduct, we may recover from -35- P r o x y S t a t e m e n t those current and former executive officers who are subject to the reporting requirements of Section 16 of the Exchange Act and were involved in the fraud or misconduct any incentive compensation erroneously paid or awarded in excess of what would have been paid pursuant to the restated financial statements. What We Do Not Do • • • No Retirement Plans Other than Standard 401(k) Offered to All Employees. We do not offer pension arrangements, defined benefit retirement plans, or nonqualified deferred compensation plans to our executive officers. No Repricing of Stock Options. We do not reprice options to purchase shares of our common stock without stockholder approval. Limited Perquisites. We do not provide perquisites and other personal benefits to our executive officers unless they serve a sound business purpose. Response to Stockholder Advisory Vote on Named Executive Officer Compensation The Compensation Committee considers the results of the annual stockholder advisory vote on the compensation of our named executive officers, as well as stockholder feedback on our executive compensation program, as part of its annual executive compensation review. In response to stockholder feedback, as well as concerns expressed by the major proxy advisory firms in their annual compensation review and voting recommendations, we continue to revise and enhance our executive compensation program while remaining consistent with our compensation objectives, “pay for performance” philosophy and corporate values. In 2017, we asked our stockholders to approve, on a non-binding advisory basis, the compensation of our named executive officers for the year ended December 31, 2016. This “say on pay” proposal received support from approximately 61% of the votes cast. In response to the 2017 say-on-pay vote, as well as feedback from our stockholders received through our ongoing stockholder engagement efforts and commentary from the major proxy advisory firms in their annual compensation analysis and voting recommendations, we made several changes to our 2018 executive compensation program compared to 2017: • • • For our 2018 annual cash incentive program, we selected revenue instead of billings as one of the three corporate performance measures. This change reflected specific feedback we received from our stockholders requesting that we refrain from using billings as a performance measure for both our short-term and long-term incentive compensation programs. For most equity awards granted in 2018 (both time-based and performance-based), we increased the vesting period to four years, with 25% of the shares subject to such awards scheduled to vest per year subject to continued service through the applicable vesting date. For both our 2018 annual cash incentive program and performance-based equity awards granted in 2018, we established a 0% payout with respect to any corporate performance measure that does not improve, on an absolute dollar basis, compared to 2017 when calculated in accordance with the same accounting standards. At our 2018 annual meeting of stockholders, approximately 62% of the votes cast approved the compensation program for our named executive officers for the fiscal year ended December 31, 2017, as described in our 2018 proxy statement. In response to our 2018 say-on-pay vote, as well as feedback from our stockholders received through our ongoing stockholder engagement efforts and commentary from the major proxy advisory firms in their annual compensation analysis and voting recommendations, we have made the following changes to our 2019 executive compensation program: • For our 2019 annual cash incentive program, we removed non-GAAP operating income as one of the corporate performance measures. This change reflected specific feedback we received that we refrain -36- • • from using the same performance measure for both our short-term and long-term incentive compensation programs. For the performance-based equity awards granted in 2019, we tied 80% of the awards to our billings and non-GAAP operating income performance over three separate consecutive annual performance periods (e.g., for the 80% portion, 1/3 is tied to 2019 performance, 1/3 is tied to 2020 performance and 1/3 is tied to 2021 performance), with any shares earned for a performance period vesting shortly after the completion of that performance period (so that the award, to the extent earned, will vest 1/3 per year). This is different than our prior practice where the awards were based on a single year’s performance followed by time-based vesting of earned shares in subsequent years. This change reflected specific feedback we received that we shift more of our executive officers’ long-term compensation toward sustained multi-year company performance. For the performance-based equity awards granted in 2019, we tied 20% of the awards to a new relative Total Shareholder Return (rTSR) performance measure. The rTSR measure is based on our stock performance relative to the stock performance of companies in the Russell 2000 Index over a three- year performance period (2019-2021). Given that half of the equity awards granted to our executive officers in 2019 were performance-based equity awards, 10% of all such equity awards are based on the rTSR measure. The introduction of the rTSR measure reflected specific feedback we received that we shift more of our executive officers’ compensation toward long-term stock performance. The following table summarizes the performance measures and related target share percentages by performance period underlying the performance-based equity awards granted to our executive officers in 2019: Performance Measure Target Number of Shares under PSU Awards Tied to 2019 Performance Target Number of Shares under PSU Awards Tied to 2020 Performance Target Number of Shares under PSU Awards Tied to 2021 Performance Target Number of Shares under PSU Awards Tied to rTSR for 2019-2021 Billings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Non-GAAP operating income . . . . . . . . . . . . . . . . Relative Total Shareholder Return . . . . . . . . . . . . Total . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17% 10% — 27% 17% 10% — 27% 17% 10% — 27% — — 20% 20% Total 50% 30% 20% 100% The Compensation Committee will continue to consider best practices from a stockholder and corporate governance perspective when it designs our executive compensation program. Further, the Compensation Committee will continue to consider feedback received through our stockholder engagement efforts, as well as the results of the annual advisory vote on our executive compensation program and policies, and use this feedback in shaping our future executive compensation program. Compensation Philosophy and Objectives Compensation Philosophy As a cybersecurity provider, we operate in a rapidly evolving and intensely competitive industry sector. To succeed in this environment, we must attract and retain a highly talented executive team, including executive officers with strong leadership skills who can run our business functions, achieve results that meet our clients’ objectives, and sell our products, subscriptions and services. We compete with other companies in our industry and other technology companies in the San Francisco Bay Area to attract and retain a skilled management team. We have designed our executive compensation program to accomplish our goals in the highly competitive area for top talent, while at the same time fostering a “pay for performance” environment that aligns the long-term interests of our executive officers with the interests of our stockholders. -37- P r o x y S t a t e m e n t Compensation Program Objectives To be successful in our industry requires that we continually build on our expertise in the cybersecurity space, expand the breadth and quality of our solutions, continuously enhance our technology platforms, and manage our expanding operations efficiently and effectively. Our executive compensation program is designed to achieve these objectives so that we are able to: • • • • attract and retain talented and experienced executive officers, who possess the knowledge, skills, and leadership criteria critical to our success; motivate these executive officers to achieve our business objectives and uphold our core values; promote teamwork within the executive team, while also recognizing the unique role each executive officer plays in our success; and ensure the alignment of the long-term interests of our executive officers with the interests of our stockholders. As we continue to grow as a publicly-traded company, we will evaluate our compensation philosophy and program objectives as circumstances require. At a minimum, we expect the Compensation Committee to review executive compensation annually. Further, as part of this review process, we expect the Compensation Committee to apply our values and the objectives described above, while considering the compensation levels needed to ensure that our executive compensation program remains competitive. Compensation-Setting Process Role of Compensation Committee The Compensation Committee oversees our executive compensation and other compensation and benefit programs, administers our equity compensation plans, and reviews, formulates, and determines the design and amount of compensation for our executive officers, including our Named Executive Officers, except that any approvals by the Compensation Committee relating to the compensation of our Chief Executive Officer are subject to the ratification of our Board of Directors (with any non-independent directors abstaining from the vote). At the beginning of each year, the Compensation Committee reviews our executive compensation program, including any incentive compensation plans and arrangements to determine whether they are appropriate, properly coordinated, and achieve their intended purposes and makes any modifications to existing plans and arrangements or adopts new plans or arrangements. The Compensation Committee also conducts an annual review of our executive compensation strategy to ensure that it is appropriately aligned with our business strategy and the achievement of our desired objectives. Further, the Compensation Committee reviews market trends and changes in competitive compensation practices, as further described below. Based on its review and assessment, the Compensation Committee, from time to time, makes changes in our executive compensation program or recommends changes to our Board of Directors. The factors considered by the Compensation Committee in determining the compensation of our executive officers and developing its recommendations to our Board of Directors for 2018 included: • • • • the recommendations of our Chief Executive Officer (except with respect to his own compensation) as described below; our corporate growth and other elements of financial performance; the individual achievement of each executive officer against his or her management objectives; a review of the relevant competitive market data (as described below); -38- • • the expected future contribution of the individual executive officer; and internal pay equity based on the impact on our business and performance. The Compensation Committee does not weigh these factors in any predetermined manner, nor does it apply any formulas in developing its compensation determinations and recommendations. Rather, in making its determinations and recommendations, the members of the Compensation Committee consider all of this information in light of their individual experience, knowledge of the Company, knowledge of the competitive market, knowledge of each executive officer, and business judgment. The Compensation Committee’s authority, duties, and responsibilities are described in its charter, which is reviewed annually and revised and updated as warranted. The charter is available on our website at www.FireEye.com in the Governance section of our Investor Relations webpage. Role of Management Our Chief Executive Officer works closely with the Compensation Committee in determining the compensation of our other executive officers, including our other Named Executive Officers. Typically, our Chief Executive Officer works with the Compensation Committee to recommend the structure of the annual cash incentive compensation opportunities, to identify and develop corporate and individual performance objectives for such cash incentive compensation opportunities, and to evaluate actual performance against the selected measures. Our Chief Executive Officer also makes recommendations to the Compensation Committee as described in the following paragraph and is involved in the determination of compensation for the respective executive officers who report to him. At the beginning of each year, our Chief Executive Officer reviews the performance of our other executive officers for the previous year, and then shares these evaluations with, and makes recommendations to, the Compensation Committee for each element of compensation. These recommendations concern the base salary, annual cash incentive compensation, and long-term incentive compensation for each of our executive officers (other than himself) based on our results, the individual executive officer’s contribution to these results, and his or her performance toward achieving his or her individual performance objectives. The Compensation Committee then reviews these recommendations and considers the other factors described above and makes decisions as to the target total direct compensation of each executive officer (other than our Chief Executive Officer), as well as each individual compensation element. While the Compensation Committee considers our Chief Executive Officer’s recommendations, it only uses these recommendations as one of several factors in making its decisions with respect to the compensation of our executive officers. In all cases, the final decisions on compensation matters are made by the Compensation Committee or our Board of Directors (with any non-independent directors abstaining from the vote). Moreover, no executive officer participates in the determination of the amounts or elements of his or her own compensation. At the request of the Compensation Committee, our Chief Executive Officer typically attends a portion of each Compensation Committee meeting in which executive compensation is discussed, including meetings at which the Compensation Committee’s compensation consultant is present. Role of Compensation Consultant Pursuant to its charter, the Compensation Committee has the authority to retain the services of one or more executive compensation advisors, as it determines in its sole discretion, including compensation consultants, legal counsel, accounting, and other advisors, in the creation of our compensation plans and to assist arrangements and related policies and practices. The Compensation Committee makes all determinations regarding the engagement, fees, and services of these external advisors, and any such external advisor reports directly to the Compensation Committee. -39- P r o x y S t a t e m e n t During 2018, the Compensation Committee engaged Compensia, Inc., a national compensation consulting firm, to provide information, analysis, and other assistance relating to our executive compensation program on an ongoing basis. The nature and scope of the services provided to the Compensation Committee by Compensia in 2018 were as follows: • • • • • • conducted a review and updating of the compensation peer group; conducted an analysis of the levels of overall compensation and each element of compensation for our executive officers; provided advice with respect to compensation best practices and market trends for our executive officers and the non-employee members of our Board of Directors; assessed our compensation risk profile and reported on this assessment; conducted an analysis of the levels of overall compensation and each element of compensation for the non-employee members of our Board of Directors; and provided ad hoc advice and support throughout the year. The Compensation Committee may replace its compensation consultant or hire additional advisors at any time. Representatives of Compensia attend meetings of the Compensation Committee, as requested, and communicate with the Compensation Committee Chair and with management as circumstances warrant. All decisions regarding the compensation of our executive officers, however, are made by the Compensation Committee (provided that any approvals by the Compensation Committee relating to the compensation of our Chief Executive Officer are subject to the ratification of our Board of Directors, with any non-independent directors abstaining from the vote) or our Board of Directors (with any non-independent directors abstaining from the vote). Compensia reports directly to the Compensation Committee. The Compensation Committee has assessed the independence of Compensia taking into account, among other things, the enhanced independence standards and factors set forth in Exchange Act Rule 10C-1 and the applicable NASDAQ Listing Standards, and concluded that that there are no conflicts of interest with respect to the work that Compensia performs for the Compensation Committee. Use of Competitive Market Data As one of many factors in its deliberations on compensation matters, the Compensation Committee considers competitive market data on executive compensation levels and practices and a related analysis of such data, but does not use this data for setting compensation levels to meet specific percentiles. This market data is drawn from a select group of peer companies developed by the Compensation Committee. At the direction of the Compensation Committee, Compensia developed a revised compensation peer group in October 2017 to ensure that our executive compensation decisions for 2018 were positioned to be competitive with comparable peer companies. This updated peer group was based on an evaluation of companies that the Compensation Committee believed were comparable to us, taking into consideration the size of each company (based on revenues and market capitalization) and the following additional factors: • • • • • the comparability of the company’s business model; the company’s business services focus; the comparability of the company’s operating history; the comparability of the company’s organizational complexities and growth attributes; the stage of the company’s maturity curve (which increases its likelihood of attracting the type of executive talent for whom we compete); and -40- • the comparability of the company’s operational performance (for consistency with our strategy and future performance expectations). Based on these criteria, the Compensation Committee approved an updated compensation peer group consisting of 20 publicly-traded business services and related technology companies. At the time Compensia updated the peer group, the selected companies had revenues ranging from approximately $337 million to approximately $1.8 billion, with a median of $603 million, and market capitalizations ranging from approximately $1.2 billion to approximately $12.8 billion, with a median of $4.2 billion. The companies comprising the compensation peer group were as follows: Aspen Technology Box Cornerstone OnDemand Envestnet Fortinet GrubHub Guidewire Software LendingClub Medidata Solutions Palo Alto Networks Progress Software Proofpoint Splunk Tableau Software Twillo Ultimate Software Group Web.com Group Yelp Zendesk Zillow Group Of the 20 companies in our 2018 compensation peer group, 17 were carried over from 2017 (Aspen Technology, Cornerstone OnDemand, Envestnet, Fortinet, GrubHub, Guidewire Software, LendingClub, Medidata Solutions, Palo Alto Networks, Progress Software, Proofpoint, Splunk, Tableau Software, The Ultimate Software Group, Yelp, Zendesk and Zillow Group). The Compensation Committee removed InfoBlox from our 2017 compensation peer group as a result of their acquisition and removed Arista Networks and Costar Group because they no longer met the targeted selection criteria for revenue and/or market capitalization. The Compensation Committee added Box, Twilio and Web.com Group based on market capitalization, revenue and industry comparability. P r o x y S t a t e m e n t least in at The Compensation Committee believes that information regarding the compensation practices at other the Compensation Committee recognizes that our companies is useful compensation policies and practices must be competitive in the marketplace. Second, this information is useful in assessing the reasonableness and appropriateness of individual executive compensation elements and of our overall executive compensation packages. This information is only one of several factors that the Compensation Committee considers, however, in making its decisions with respect to the compensation of our executive officers. two respects. First, Compensation Elements Our executive compensation program consists primarily of three elements: base salary, short-term incentive compensation in the form of cash awards, and long-term incentive compensation in the form of equity awards. Our executive officers also participate in several Company-wide welfare and health benefit plans, which are consistent with the arrangements offered to our other employees. Finally, our executive officers are eligible to receive certain post-employment compensation arrangements. We use these compensation elements to make up our executive compensation program because (i) they are consistent with the programs of other companies in our competitive market and allow us to effectively compete for highly-qualified talent, (ii) each element supports achievement of one or more of our compensation objectives, and (iii) collectively, they have been and, we believe, will continue to be, effective means for motivating our executive officers. We view the three primary compensation elements as related, but distinct, components of our total compensation program. We do not believe that total compensation should be derived from a single element, or that significant compensation from one element should negate or reduce compensation from other elements. -41- Each of these compensation elements is discussed in detail below, including a description of the particular element and how it fits into our overall executive compensation and a discussion of the amounts of compensation paid to our Named Executive Officers in 2018 under each of these elements. Base Salary We believe that a competitive base salary is necessary to attract and retain a stable executive team. Base salaries for our executive officers are also intended to be competitive with those received by other individuals in similar positions at the companies with which we compete for talent, as well as equitable across the executive team. Generally, we establish the initial base salaries of our executive officers through arm’s-length negotiation at the time we hire the individual executive officer, taking into account his or her position, qualifications, experience, prior salary level, and the base salaries of our other executive officers. Thereafter, the Compensation Committee or our Board of Directors reviews the base salaries of our executive officers, including our Named Executive Officers, at least annually and makes adjustments to base salaries as it determines to be necessary or appropriate. In February 2018, our Board of Directors (with our CEO not present at the meeting) reviewed the base taking into consideration a competitive market analysis performed by salaries of our executive officers, Compensia and the recommendations of our CEO (except with respect to his own base salary), as well as the other factors described above. Following this review, our Board of Directors (with our CEO not present at the meeting) determined that adjustments were necessary and appropriate in most cases to maintain the competitiveness of our executive officers’ target total cash compensation and in those cases decided to increase the base salaries compared to their 2017 levels, effective as of February 1, 2018. The ending base salaries of our Named Executive Officers for 2018 compared to 2017 levels were as follows: Named Executive Officer Ending 2017 Base Salary Ending 2018 Base Salary Amount Increase Percentage Increase Ms. King . . . . . . . . . . . . . . . Mr. Mandia . . . . . . . . . . . . . Mr. Reese . . . . . . . . . . . . . . . Mr. Robbins . . . . . . . . . . . . . Mr. Verdecanna . . . . . . . . . . $366,667 $350,000 $335,000 $450,000 $370,000 $366,667 $425,000 $400,000 $462,500 $400,000 — $75,000 $65,000 $12,500 $30,000 — 21% 19% 3% 8% The base salaries earned by our Named Executive Officers for 2018 are set forth in the “Summary Compensation Table for Fiscal Year 2018” below. Annual Cash Incentive Compensation—Overview We use annual cash incentive compensation paid under our Employee Incentive Plan (the “Incentive Plan”) to motivate our executive officers, including our Named Executive Officers, and designated employees to achieve our short-term financial and operational objectives while making progress towards our longer-term growth and other goals. Consistent with our executive compensation philosophy, this annual cash incentive compensation is intended to help us deliver a competitive total direct compensation opportunity to our executive officers. Under the Incentive Plan, the Compensation Committee or our Board of Directors establishes annual performance measures and related target levels applicable to any cash incentive compensation opportunity under the Incentive Plan each year. Performance objectives that involve our financial results may be determined in -42- accordance with GAAP or may consist of non-GAAP financial measures, and any actual results may be adjusted by the Compensation Committee or our Board of Directors for one-time items or unbudgeted or unexpected items when determining whether the performance objectives have been met. Individual performance objectives may be established on the basis of any factors the Compensation Committee or our Board of Directors determines relevant, and may be adjusted on an individual, divisional, business unit, or Company-wide basis. The performance objectives may differ from participant to participant and from cash incentive compensation opportunity to cash incentive compensation opportunity. The Compensation Committee or our Board of Directors may, in its sole discretion and at any time, increase, reduce, or eliminate a participant’s actual cash payment, and/or increase, reduce, or eliminate the amount of cash allocated for a particular performance period. The actual cash payment may be below, at, or above a participant’s target cash incentive compensation opportunity, in the Compensation Committee’s or our Board of Directors’ sole discretion. The Compensation Committee or our Board of Directors may determine the amount of any reduction or increase on the basis of such factors as it deems relevant, and it is not required to establish any allocation or weighting with respect to the factors it considers. Actual cash incentive compensation is paid only after it is earned. The Compensation Committee and our Board of Directors have the authority to amend, alter, suspend, or terminate annual performance measures and related target levels, provided that such action does not impair the existing rights of any participant with respect to any earned cash incentive compensation. Target Cash Incentive Compensation Opportunities The Compensation Committee or our Board of Directors reviews the performance of each executive officer, including each of our Named Executive Officers, relative to his or her target cash incentive compensation opportunity objectives at its regularly scheduled first quarter meeting. Based on this review, the Compensation Committee (with respect to each executive officer other than our CEO) or our Board of Directors determines and approves the cash payment for each of our eligible executive officers. In February 2018, our Board of Directors reviewed the annual target cash incentive compensation opportunities of our executive officers, taking into consideration a competitive market analysis performed by Compensia and the recommendations of our CEO (except with respect to his own annual target cash incentive compensation opportunity), as well as the other factors described above. Following this review, our Board of Directors (with our sole non-independent director not present at the meeting) determined that adjustments were necessary in most cases to maintain the competitiveness of our executive officers’ cash incentive compensation and in those cases decided to increase the annual target cash incentive compensation opportunities compared to 2017 levels, effective as of February 1, 2018. Additionally, in February 2018, under the terms of the Incentive Plan, our Board of Directors (with our sole non-independent director not present at the meeting) established annual performance measures and related target levels for potential 2018 cash incentive compensation for our executive officers (the “2018 Incentive Compensation Plan”). The 2018 Incentive Compensation Plan provided the eligible executive officers with an opportunity to receive cash incentive compensation in February 2019, subject to the achievement of corporate and individual performance objectives in 2018. P r o x y S t a t e m e n t -43- The annual target cash incentive compensation opportunities of our Named Executive Officers under the 2018 Incentive Compensation Plan were as follows: Named Executive Officer 2017 Target Cash Incentive Compensation Opportunity 2018 Target Cash Incentive Compensation Opportunity Amount Increase Percentage Increase 2018 Target Cash Incentive Compensation Opportunity (as a percentage of ending 2018 annual base salary) Ms. King . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Mandia . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Reese . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Robbins . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Verdecanna . . . . . . . . . . . . . . . . . . . . . . . . $183,333 $350,000 $268,000 $350,000 $185,000 $183,333 $425,000 $320,000 $362,500 $200,000 — $75,000 $52,000 $12,500 $15,000 — 21% 19% 4% 8% 50% 100% 80% 78% 50% Short-Term Incentive Compensation Weighting of Target Cash Incentive Compensation Opportunities Under the 2018 Incentive Compensation Plan, the target cash incentive compensation opportunities of our Named Executive Officers were weighted 75% to corporate performance objectives and 25% to individual performance objectives. Our Board of Directors determined these allocations to be appropriate to focus our executive officers on our short-term financial objectives as reflected in our annual operating plan while, at the same time, recognizing their contributions to the achievement of these objectives and the successful execution of their individual roles and responsibilities. Corporate Performance Objectives For 2018, our Board of Directors selected revenue, non-GAAP operating income, and free cash flow as the corporate performance measures for the 2018 Incentive Compensation Plan.1 Our Board of Directors believed these performance measures were appropriate for our business because they provided a balance between generating revenue and cash, managing our expenses, and growing our business, which it believes most directly influences long-term stockholder value. At the same time, for each of these measures, our Board of Directors established target performance levels that it believed would be challenging, but attainable, through the successful execution of our annual operating plan. For the 2018 Incentive Compensation Plan, each of these corporate performance measures was equally weighted. The actual cash payment with respect to each measure was to be determined independently, in accordance with the following schedules (each, a “2018 Incentive Compensation Plan Payout Schedule”): Achievement Level of 2018 Revenue Payment Factor $986 million or greater At least $906 million but less than $986 million At least $826 million but less than $906 million At least $791 million but less than $826 million At least $756 million but less than $791 million Less than $756 million 150% 125% 100% 75% 50% 0% 1 Free cash flow and non-GAAP operating income are non-GAAP financial measures. A reconciliation of GAAP to non-GAAP financial measures is provided in Annex A included at the end of this proxy statement. -44- Achievement Level of 2018 Non-GAAP Operating Income Payment Factor $45 million or greater At least $30 million but less than $45 million At least $15 million but less than $30 million At least $7.5 million but less than $15 million At least $0 but less than $7.5 million Less than $0 150% 125% 100% 75% 50% 0% Achievement Level of 2018 Free Cash Flow Payment Factor $60 million or greater At least $40 million but less than $60 million At least $20 million but less than $40 million At least $10 million but less than $20 million At least $0 but less than $10 million Less than $0 150% 125% 100% 75% 50% 0% Under the 2018 Incentive Compensation Plan, our Board of Directors or Compensation Committee could adjust the target or achievement levels for each corporate performance measure in the event a merger, acquisition or other unforeseeable future event occurred. Our Board of Directors established the following target levels for the corporate performance measures based on revenue, non-GAAP operating income and free cash flow under the 2018 Incentive Compensation Plan: Financial Measure Revenue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Non-GAAP operating income . . . . . . . . . . . . . . . . . . . . . . Free cash flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Fiscal 2018 Target Level $826.4 million $ 15.0 million $ 20.0 million Percentage of 2018 Target Cash Incentive Compensation Opportunity Based on Three Financial Measures 25% 25% 25% P r o x y S t a t e m e n t Individual Performance Objectives In addition to the corporate performance objectives, the annual cash incentive compensation for our executive officers was also based on each executive officer’s achievement against his or her individual performance objectives. The individual performance objectives for our Named Executive Officers were established by the Compensation Committee in discussions with our CEO (except with respect to his own individual performance objectives). The individual performance objectives could be quantitative or qualitative goals, depending on the organizational priorities for a given year, and typically focused on key departmental or operational objectives or functions. Most of these objectives were intended to provide a set of common goals that facilitated collaborative management and engagement, although our executive officers could also be assigned individual goals. These objectives set expectations for what our Chief Executive Officer and the Compensation Committee anticipated would be the means by which the individual component of cash incentive compensation were determined. In all cases, the individual performance objectives were intended to be challenging, but attainable, and designed to produce annual cash incentive payments that reflect meaningful performance requirements. The individual performance objectives for our Named Executive Officers under the 2018 Incentive Compensation Plan were established at the beginning of 2018, were qualitative in nature and were closely linked to their roles at the time. • Ms. King: Ms. King’s specific goals included building a privacy function, supporting our mergers and acquisition activity, developing and building our patent portfolio and trademarks, managing our equity program, and managing the legal function with respect to commercial, corporate and securities matters. -45- • Mr. Mandia: Mr. Mandia’s specific goals included customer engagement activities, participating in media and press engagements, providing product strategy and vision overall, and other goals related to achieving our externally-communicated financial targets. • Mr. Reese: Mr. Reese’s specific goals included customer engagement activities, business planning tactics for our products, activities, and translating global business priorities into operational subscriptions and services. • Mr. Robbins: Mr. Robbins’ specific goals included driving our sales efforts, assisting with business planning activities, and customer engagement activities. • Mr. Verdecanna: Mr. Verdecanna’s specific goals included business planning activities, public financial reporting activities, investor relations activities, and identifying additional opportunities for corporate performance optimization. The evaluation of our CEO under the 2018 Incentive Compensation Plan was based on an assessment by our Board of Directors (with our CEO not present at the meeting) against his individual performance objectives for the year. The evaluation of each of our other executive officers under the 2018 Incentive Compensation Plan was based on an assessment by our CEO against their respective individual performance objectives for the year. Because our CEO is closest to the performance of the other executive officers, he determined if the individual performance objectives were met, how they were met and whether there were other objectives that were more relevant individual. Our CEO then made his recommendations about to the Compensation Committee, which the achievement Compensation Committee then took into consideration. The Compensation Committee had complete discretion to accept our CEO’s recommendation, or to increase, reduce, or eliminate this aspect of an executive officer’s cash incentive compensation based on any factors it deemed relevant. the individual performance objectives indicators of performance for that for In January 2019, the level of achievement and payment associated with the individual performance objectives established for each executive officer (other than our CEO) were determined by our CEO and then submitted to the Compensation Committee for review and approval. Payments for the individual performance component of the 2018 Incentive Compensation Plan could be up to 150% of the portion of each executive officer’s target cash incentive compensation opportunity allocated to individual performance. 2018 Performance Results and Award Decisions In January 2019, the Compensation Committee determined (with respect to our Named Executive Officers other than our CEO) and our Board of Directors (with our sole non-independent director not present at the meeting and therefore not voting) determined (with respect to our CEO) the levels of our achievement, and corresponding payout levels pursuant to the 2018 Incentive Compensation Plan Payout Schedules, with respect to the corporate performance objectives under the 2018 Incentive Compensation Plan, and approved the following payout levels: Corporate Performance Objective 2018 Target Level Actual 2018 Achievement Corresponding Payout Level Approved Payout Level Revenue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Non-GAAP operating income . . . . . . . . . . . . . . . Free cash flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . $826.4 million $ 15.0 million $ 20.0 million $831.0 million $ 23.7 million $ 10.1 million 100% 100% 75% 100% 100% 75% -46- Also in January 2019, the Compensation Committee (with respect to our Named Executive Officers other than our CEO) and our Board of Directors (with respect to our CEO) determined (with our sole non-independent director not present at the meeting and therefore not voting) that the individual performance objectives had been attained at the following percentage levels: Named Executive Officer Individual Performance Objectives Attainment Level Ms. King . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Mandia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Reese . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Robbins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Verdecanna . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125% 125% 125% 125% 125% Additionally, in January 2019, based on its review of our overall performance in 2018 against the corporate performance objectives and, to the extent applicable, the achievement of individual performance objectives of our Named Executive Officers as described above, the Compensation Committee determined (with respect to our Named Executive Officers other than our CEO), and our Board of Directors (with respect to our CEO) determined (with our sole non-independent director not present at the meeting and therefore not voting), to award cash payments under the 2018 Incentive Compensation Plan as follows to our Named Executive Officers: Named Executive Officer 2018 Target Cash Incentive Compensation Opportunity Ms. King . . . . . . . . . . . . . . . . . . . . . . Mr. Mandia . . . . . . . . . . . . . . . . . . . . Mr. Reese . . . . . . . . . . . . . . . . . . . . . . Mr. Robbins . . . . . . . . . . . . . . . . . . . . Mr. Verdecanna . . . . . . . . . . . . . . . . . $183,333 $425,000 $320,000 $362,500 $200,000 Amount Related to Corporate Financial Objectives $137,500 $318,750 $240,000 $271,875 $150,000 Amount Related to Individual Performance Objectives $ 45,833 $106,250 $ 80,000 $ 90,625 $ 50,000 Actual Cash Incentive Payment $183,333 $425,000 $320,000 $362,500 $200,000 Percentage of Target Cash Incentive Compensation Opportunity 100% 100% 100% 100% 100% The cash amounts paid to our Named Executive Officers under the 2018 Incentive Compensation Plan are set forth in the “Summary Compensation Table for Fiscal Year 2018” below under the heading “Non-Equity Incentive Plan Compensation.” Long-Term Incentive Compensation We believe that if our executive officers own shares of our common stock in amounts that are significant to them, they will have an incentive to act to maximize long-term stockholder value. As discussed in the section “Other Compensation Policies” below, we use stock ownership guidelines to complement our long-term incentive compensation arrangements, so our executive officers maintain a strong link to the interests of our stockholders and to the movements in our stock price. We also believe that long-term incentive compensation in the form of equity awards is an integral component of our efforts to attract and retain exceptional executive officers. In the past five years, we have relied on RSU awards that may be settled for shares of our common stock and PSU awards pursuant to which shares of our common stock may be earned as the principal vehicles for delivering long-term incentive compensation opportunities to our executive officers. We believe this approach enables us to attract and retain key talent in our industry and aligns our executive team’s interests with the long- term interests of our stockholders. Generally, in determining the size of the equity awards granted to our executive officers, the Compensation Committee or our Board of Directors, as applicable, takes into consideration the recommendations of our Chief Executive Officer (except with respect to his own equity awards), as well as the factors described above. The Compensation Committee or our Board of Directors, as applicable, also considers the dilutive effect of our long- term incentive compensation practices, and the overall impact that these equity awards, as well as awards to other employees, will have on stockholder value. -47- P r o x y S t a t e m e n t 2018 Awards In February 2018, our Board of Directors granted equity awards to our Named Executive Officers, in recognition of our financial results and their individual performance for 2017 and, in the case of our CEO, his continued effectiveness in overseeing the efforts of our executive officers to achieve our short-term and long- term business objectives. In determining the amount of the equity awards for our Named Executive Officers (other than our CEO), our Board of Directors took into consideration the recommendations of our CEO, as well as the factors described above. With respect to the equity awards for our CEO, our Board of Directors (with our sole non-independent director not present at the meeting) took into consideration the factors described above and determined that, given his responsibilities and importance to us, our CEO’s equity awards should be larger than the awards of the other executive officers to reflect his greater role and responsibilities. Our Board of Directors also considered the existing equity holdings of our Named Executive Officers, including the current economic value of their unvested equity awards and the ability of these unvested holdings to satisfy our retention objectives. Later in February 2018, at the request of our CEO and in an effort to remain competitive in retaining our executive officers, the Compensation Committee further reviewed the existing equity holdings of Mr. Robbins, including the RSU award covering 75,000 shares and PSU award covering 75,000 shares at target granted to him earlier in February 2018. Following this review, the Compensation Committee granted two additional RSU awards covering 25,000 and 17,000 shares, respectively, and one additional PSU award covering 25,000 shares at target to Mr. Robbins based on its determination that such awards were necessary and appropriate to maintain the competitiveness of his target total direct compensation. In determining the amount of the additional equity awards for Mr. Robbins, the Compensation Committee took into consideration the competitive market analysis performed by Compensia, the recommendation of our CEO, the current economic value of Mr. Robbins’ unvested equity awards and the ability of these unvested holdings to satisfy our retention objectives. The equity awards granted to our Named Executive Officers in February 2018 consisted of both RSU and PSU awards, and the total number of shares of our common stock underlying all of the RSU awards and the target and maximum number of shares of our common stock underlying all of the PSU awards granted in February 2018 were as follows: RSU Awards PSU Awards Named Executive Officer Number of Shares Ms. King . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Mandia . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Reese . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Robbins . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Verdecanna . . . . . . . . . . . . . . . . . . . . . . . . 50,000 200,000 150,000 117,000 87,500 Target Number of Shares under PSU Awards for 2018 Performance Year Maximum Number of Shares (assuming overachievement) 50,000 200,000 150,000 100,000 87,500 75,000 300,000 225,000 150,000 131,250 The RSU awards were subject to a time-based vesting requirement. Pursuant to this vesting requirement, with respect to all of the RSU awards (other than the RSU award granted to Mr. Robbins for 17,000 shares), one-fourth of the shares of our common stock subject to the RSU awards will vest on each of the first four anniversaries of February 15, 2018, with the vesting in each case being subject to the executive officer’s continued service with us through the applicable vesting date. Mr. Robbins’ RSU award for 17,000 shares vested in full in May 2018. The PSU awards were subject to both a performance condition and a time-based vesting requirement. Pursuant to the performance condition, half of the number of shares of our common stock that could be earned under a PSU award was based on pre-established threshold, target, and maximum performance levels for our billings in 2018, and the other half of the number of shares of our common stock that could be earned under the PSU award was based on pre-established threshold, target, and maximum performance levels for our non-GAAP -48- operating income in 2018.2 The target performance level for our billings performance measure in 2018 was $859.0 million, and the target performance level for our non-GAAP operating income performance measure in 2018 was $15.0 million. The PSU awards provided that, for the performance period commencing on January 1, 2018 and ending on December 31, 2018, the number of shares of our common stock earned with respect to a particular performance measure would be determined independently, in accordance with the following payout schedules (each, a “2018 PSU Payout Schedule”): Achievement Level of 2018 Billings Payment Factor $1.029 billion or greater At least $949 million but less than $1.029 billion At least $859 million but less than $949 million At least $814 million but less than $859 million At least $769 million but less than $814 million Less than $769 million 150% 125% 100% 75% 50% 0% Achievement Level of 2018 Non-GAAP Operating Income Payment Factor $45 million or greater At least $30 million but less than $45 million At least $15 million but less than $30 million At least $7.5 million but less than $15 million At least $0 but less than $7.5 million Less than $0 150% 125% 100% 75% 50% 0% With respect to the time-based vesting requirement, the PSU awards provided that one-fourth of the total number of shares earned for the performance period and approved for release would vest on each of the first four anniversaries of February 15, 2018, with the vesting in each case being subject to the executive officer’s continued service with us through the applicable vesting date. Payout of 2018 PSU Awards In February 2019, our Board of Directors determined that, with our actual billings in 2018 being $855.7 million, the billings performance measure under the applicable PSU awards described above was achieved in the “at least $814 million but less than $859 million” band in the 2018 PSU Payout Schedule for billings, equating to 75% of the target number of shares of our common stock being earned pursuant to the performance requirements for the portions of the PSU awards tied to 2018 billings performance. Our Board of Directors also determined that, with our actual non-GAAP operating income in 2018 being the non-GAAP operating income performance measure under the applicable PSU awards $23.7 million, described above was achieved in the “at least $15 million but less than $30 million” band in the 2018 PSU Payout Schedule for non-GAAP operating income, equating to 100% of the target number of shares of our common stock earned pursuant to the performance requirements for the portions of the PSU awards tied to 2018 non-GAAP operating income performance. For the PSU awards which were measured half on 2018 billings performance and half on 2018 non-GAAP operating income performance, the blended payout for both measures represented 87.5% of the target number of shares of our common stock under such PSU awards being earned. 2 Billings and non-GAAP operating income are non-GAAP financial measures. A reconciliation of GAAP to non-GAAP financial measures is provided in Annex A included at the end of this proxy statement. -49- P r o x y S t a t e m e n t The following table sets forth the number of shares earned and approved for release, and the corresponding number of shares cancelled, for all of the PSU awards granted in 2018 to our Named Executive Officers: Named Executive Officer Target Number of Shares under PSU Awards Granted in 2018 Approved Payout Level Actual Number of Shares Approved for Release under PSU Awards Number of Shares Cancelled under PSU Awards Ms. King . . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Mandia . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Reese . . . . . . . . . . . . . . . . . . . . . . . . . . Mr. Robbins . . . . . . . . . . . . . . . . . . . . . . . . Mr. Verdecanna . . . . . . . . . . . . . . . . . . . . . 50,000 200,000 150,000 100,000 87,500 87.5% 87.5% 87.5% 87.5% 87.5% 43,748 175,000 131,248 87,496 76,562 6,252 25,000 18,752 12,504 10,938 The equity awards granted in 2018 to our Named Executive Officers are set forth in the “Summary Compensation Table for Fiscal Year 2018” and the “Grants of Plan-Based Awards Table for Fiscal Year 2018” below. 2016 Award for Mr. Robbins In December 2016, in connection with Mr. Robbins joining FireEye, the Compensation Committee granted him a PSU award with a target of 50,000 shares of our common stock to be earned based on 2018 company performance. While the entire award originally was based on a billings performance measure, in April 2018 it was amended to instead be based half to our billings in 2018 and the other half to our non-GAAP operating income in 2018 in order to align with the two performance measures and payout schedules for the PSU awards granted in 2018 to our executive officers. Pursuant to the performance condition under the PSU award, half of the number of shares of our common stock that could be earned for the 2018 performance year was based on pre-established threshold, target, and maximum performance levels for our billings in 2018, and the other half of the number of shares of our common stock that could be earned for the 2018 performance year was based on pre-established threshold, target, and maximum performance levels for our non-GAAP operating income in 2018. The target performance levels were the same as for the PSU awards granted to Mr. Robbins in February 2018. The PSU award provided that, for the 2018 performance year, the number of shares earned would be determined in accordance with the 2018 PSU Payout Schedules. Pursuant to the vesting requirement, the PSU award provided that the shares earned for the 2018 performance year would vest in February 2019, subject to Mr. Robbin’s continued service with us through the vesting date. In February 2019, our Board of Directors determined that, with our actual billings in 2018 being $855.7 million, the billings performance measure under the PSU award was achieved in the “at least $814 million but less than $859 million” band in the 2018 PSU Payout Schedule for billings, equating to 75% of the target number of shares of our common stock being earned pursuant to the performance requirements for the portion of the PSU award tied to 2018 billings performance. Our Board of Directors also determined that, with our actual non-GAAP operating income in 2018 being $23.7 million, the non-GAAP operating income performance measure under the PSU award was achieved in the “at least $15 million but less than $30 million” band in the 2018 PSU Payout Schedule for non-GAAP operating income, equating to 100% of the target number of shares of our common stock earned pursuant to the performance requirements for the portion of the PSU award tied to 2018 non-GAAP operating income performance. As a result, the approved payout under the PSU award for both measures was 43,750 shares of our common stock, which represented 87.5% of the target number of shares of our common stock under the PSU award being earned, and 6,250 shares of our common stock underlying the PSU award were cancelled. -50- 2015 Award for Mr. Verdecanna In connection with our annual equity refresh program for non-executive employees in 2015, the Compensation Committee granted to Mr. Verdecanna a PSU award in May 2015 with a target of 1,625 shares of our common stock tied to 2018 company performance. While the entire award originally was based on a bookings performance measure, in April 2018 it was amended to instead be based on our billings in 2018 in order to align with the billings performance measure and payout schedule under the PSU awards granted in 2018 to our executive officers. Pursuant to the performance condition under the PSU award, the number of shares of our common stock that could be earned under the PSU award for the 2018 performance year was based on pre-established threshold, target, and maximum performance levels for our billings in 2018 year. The target performance level for our billings in 2018 was the same as for the PSU award granted to Mr. Verdecanna in February 2018. The PSU award provided that, for the 2018 performance year, the number of shares of our common stock earned would be determined in accordance with the 2018 PSU Payout Schedule for billings. Pursuant to the vesting requirement, the PSU award provided that the shares earned for the 2018 performance year would vest in February 2019, subject to Mr. Verdecanna’ continued service with us through the vesting date. In February 2019, our Board of Directors determined that, with our actual billings in 2018 being $855.7 million, the billings performance measure under the PSU award was achieved in the “at least $814 million but less than $859 million” band in the 2018 PSU Payout Schedule for billings, equating to 75% of the target number of shares of our common stock being earned pursuant to the performance requirements for the PSU award. As a result, the approved payout under the PSU award was 1,218 shares of our common stock, which represented 75% of the target number of shares of our common stock under the PSU award being earned, and 407 shares of our common stock underlying the PSU award were cancelled. Welfare and Health Benefits We maintain a tax-qualified retirement plan (the “FireEye 401(k) plan”) under Section 401(k) of the Internal Revenue Code (the “Code”) for our executive officers and other employees who satisfy certain eligibility requirements, including requirements relating to age and length of service. The FireEye 401(k) plan provides eligible employees with an opportunity to save for retirement on a tax-advantaged basis. This plan is intended to qualify under Sections 401(a) and 501(a) of the Code so that contributions by employees to the plans, and income earned on plan contributions, are not taxable to employees until distributed from the applicable plan. In addition, all contributions are deductible by us when made. All participants’ interests in their deferrals are 100% vested when contributed under the FireEye 401(k) plan. Pre-tax contributions are allocated to each participant’s individual account and are then invested in selected investment alternatives according to the participants’ directions. In 2018, we made no matching contributions into the FireEye 401(k) plan. In addition, we provide other benefits to our executive officers on the same basis as all of our full-time employees. These benefits include health, dental and vision benefits, health and dependent care flexible spending accounts, short-term and long-term disability insurance, accidental death and dismemberment insurance, and basic life insurance coverage. We also provide flexible time off and other paid holidays to all employees, including our executive officers. We do not offer our employees a non-qualified deferred compensation plan or pension plan. We design our employee benefits programs to be affordable and competitive in relation to the market, as well as compliant with applicable laws and practices. We adjust our employee benefits programs as needed based upon regular monitoring of applicable laws and practices, the competitive market and our employees’ needs. -51- P r o x y S t a t e m e n t Perquisites and Other Personal Benefits Currently, we do not view perquisites or other personal benefits as a significant component of our executive compensation program. Accordingly, we do not provide perquisites to our executive officers, except in situations where we believe it is appropriate to assist an individual in the performance of his or her duties, to make our executive officers more efficient and effective, for recruitment and retention purposes, or consistent with benefits provided to our other full-time employees. For example, we may ask executive officers and their spouses to participate in our annual President’s Club events offered as rewards to certain other employees for excellent sales or other performance. We treat the expenses of spouses as taxable income to the executives. Because spousal participation is at our request and can be disruptive to other plans they may have, we provide a tax “gross up” payment on that imputed income. In the future, we may provide perquisites or other personal benefits to our executive officers in limited circumstances, such as where we believe it is appropriate to assist an individual executive officer in the performance of his or her duties, to make our executive officers more efficient and effective, for recruitment, motivation or retention purposes, or consistent with benefits provided to our other full-time employees. We do not expect that these perquisites or other personal benefits will be a significant aspect of our executive compensation program. All future practices with respect to perquisites or other personal benefits will be approved and subject to periodic review by the Compensation Committee. Employment Arrangements We have entered into written employment offer letters with each of our Named Executive Officers. Each of these arrangements was approved on our behalf by our Board of Directors or the Compensation Committee, as applicable. We believe that these arrangements were appropriate to induce these individuals to forego other employment opportunities or leave their current employer for the uncertainty of a demanding position in a new and unfamiliar organization. In filling these executive positions, our Board of Directors or the Compensation Committee, as applicable, was aware that it would be necessary to recruit candidates with the requisite experience and skills to manage a growing business in a dynamic and ever-changing industry. Accordingly, it recognized that it would need to develop competitive compensation packages to attract qualified candidates in a highly-competitive labor market. At the same time, our Board of Directors or the Compensation Committee, as applicable, was sensitive to the need to integrate new executive officers into the executive compensation structure that it was seeking to develop, balancing both competitive and internal equity considerations. Each of these employment offer letters provides for “at will” employment and sets forth the initial compensation arrangements for our Named Executive Officer, including an initial base salary, an annual target cash incentive compensation opportunity, and, in some instances, a recommendation for an equity award. For a summary of the material terms and conditions of the employment offer letters with each of our Named Executive Officers, see the section titled “—Employment Agreements for Executive Officers” below. Post-Employment Compensation Prior to July 2013, the employment offer letters that we entered into with certain of our executive officers provided for certain payments and benefits in the event of their termination of employment under specified circumstances, including following a change in control of the Company. We believed that these arrangements were significant factors in the recruitment of these executive officers and would help these individuals maintain continued focus and dedication to their responsibilities to help maximize stockholder value if there was a potential transaction that could involve a change in control of the Company. In July 2013, the Compensation Committee adopted a Change of Control Severance Policy for Officers (the “Severance Policy”), a standardized approach for the payment of severance and change in control benefits to our -52- executive officers. Under the Severance Policy, the rights of our executive officers upon an involuntary termination of employment, including an involuntary termination of employment following a change in control of the Company, were established on a uniform basis. In addition, the post-employment compensation and benefits of our executive officers were established separately from their other compensation elements. The Severance Policy is applicable to all new executive officers hired since July 2013. In addition, our executive officers were given the opportunity to waive the existing severance and change in control protections in their employment offer letters in favor of the Severance Policy. Ms. King, our only Named Executive Officer who was an executive officer at July 2013, agreed to relinquish the severance payments and benefits otherwise provided in her employment offer letter in exchange for eligibility to receive payments and benefits under the Severance Policy. We believe the Severance Policy serves several objectives. First, it eliminates the need to negotiate separation payments and benefits on a case-by-case basis. It also helps assure an executive officer that his or her severance payments and benefits are comparable to those of other executive officers with similar levels of responsibility. Further, it acts as an incentive for our executive officers to remain employed and focused on their responsibilities during the threat or negotiation of a change-in-control transaction, which we believe will help preserve our value and the potential benefit to be received by our stockholders in any such transaction. Finally, the Severance Policy is easier for us to administer, as it requires less time and expense. The Severance Policy contemplates that the payments and benefits in the event of a change in control of the Company are payable only upon a “double trigger”; that is, only following a change in control and a qualifying termination of employment, including a termination of employment without cause or a resignation for good reason, and in each case requires that the executive officer execute a general release of claims in favor of the Company. In addition, the Severance Policy provides payments and benefits to our executive officers for qualified terminations of employment unrelated to a change in control of the Company. For a summary of the material terms and conditions of the Severance Policy, see the sections titled “—Change of Control Severance Policy for Officers” and “—Potential Payments upon a Change of Control, upon Termination or upon Termination Following a Change of Control” below. Other Compensation Policies Stock Ownership Guidelines We believe that stock ownership by our executive officers and the non-employee members of our Board of Directors is important to link the risks and rewards inherent in stock ownership of these individuals and our stockholders. Our Board of Directors has adopted formal stock ownership guidelines that require our executive officers and the non-employee members of our Board of Directors to own a minimum number of shares of our common stock. These mandatory ownership levels are intended to create a clear standard that ties a portion of these individuals’ economic interests to the performance of our stock price. Compliance is evaluated on an annual basis, as determined by the Compensation Committee, and not on an ongoing basis. Shares of our common stock underlying RSU awards that are not then subject to achievement of performance conditions and the shares of our common stock subject to vested stock options (on a net exercise basis) count toward meeting the requirements. The current required ownership levels are as follows: Individual Subject to Ownership Guidelines Minimum Required Level of Stock Ownership Chief Executive Officer Other Executive Officers Non-employee members of Board of Directors 6x base salary 1x base salary 3x annual retainer During any year in which an individual’s required ownership level is not met, he or she is required to retain at least 50% of the net shares following the exercise of stock options, the vesting of RSU awards or the vesting of -53- P r o x y S t a t e m e n t PSU awards until the required ownership level has been met. The guidelines provide that in the event the annual retainer (or any portion thereof) is paid to a non-employee member of our Board of Directors in equity instead of cash, the annual retainer (or applicable portion thereof) means the grant date fair value of the annual equity award (or applicable portion thereof) for regular service on our Board of Directors. In March 2019, the Compensation Committee evaluated executive officer and director compliance with the guidelines for 2018 and determined that our CEO, each of our other executive officers and three non-employee members of our Board of Directors had satisfied his or her required stock ownership level. Messrs. McDermott, Pusey and Switz, who are non-employee members of our Board of Directors, are within a grace period, defined as five years from the date of first becoming subject to the guidelines, and, thus, are still in the process of satisfying their required stock ownership level. Clawback Policy Our Board of Directors has adopted a clawback policy allowing it to require the repayment or forfeiture of all or part of any performance-based cash incentive compensation, performance-based equity award or other performance-based award paid or granted to our executive officers where the payment, grant or vesting of such compensation or award was based on the achievement of financial results that were subsequently the subject of a financial restatement and where the restatement was intended to correct the result of fraud or intentional misconduct. This policy only applies to current and former executive officers subject to the reporting requirements of Section 16 of the Exchange Act who were involved in the fraud or misconduct. In addition to the foregoing, our Chief Executive Officer and our Chief Financial Officer are subject to the compensation recovery provisions of Section 304 of the Sarbanes-Oxley Act. Equity Award Grant Policy We maintain an Equity Award Grant Policy that provides the following guidelines to be observed by the Compensation Committee and our Board of Directors when granting equity awards under the Company’s equity compensation plans: • • • • Any equity awards granted by the Compensation Committee to our Chief Executive Officer are subject to the ratification of our Board of Directors (with any non-independent directors abstaining from the vote). Generally, equity awards for new hires will be granted on a monthly basis. An equity award granted to a new hire may not have a grant date prior to such individual’s first date of bona fide employment or service. The Compensation Committee, our Board of Directors, and/or the Equity Award Committee (a committee, consisting of our Chief Financial Officer and our General Counsel, to which the Compensation Committee has delegated non-exclusive authority to grant equity awards to employees where the award falls within prescribed guidelines approved by the Compensation Committee) has the authority to grant occasional retention, promotion, or merit equity awards during the year in a manner that is consistent with the terms of this policy. Equity awards should not be timed in relation to the release of material non-public information, and it is the intent of the policy to specify the timing of effectiveness of equity award grants to avoid such timing. Under our current equity compensation plan, the exercise price of any option to purchase shares of our common stock may not be less than the fair market value of our common stock on the date of grant. Derivatives Trading, Hedging, and Pledging Policies Our insider trading policy prohibits our executive officers and the non-employee members of our Board of Directors from, among other things, derivative securities transactions, including any hedging, with respect to -54- shares of our common stock and from pledging Company securities as collateral or holding Company securities in a margin account. Risk Assessment and Compensation Practices Our management assesses and discusses with the Compensation Committee our compensation policies and practices for our employees as they relate to our risk management, and based upon this assessment, we believe that, for the following reasons, any risks arising from such policies and practices are not reasonably likely to have a material adverse effect on us in the future: • • Our annual incentive plan considers a multiple of corporate and individual performance factors and allows the Compensation Committee to review performance on a holistic basis minimizing risk related to our short-term variable compensation; and Our equity awards include multi-year vesting and/or performance schedules requiring a long-term employee commitment. Tax and Accounting Considerations Deductibility of Executive Compensation Section 162(m) of the Code limits the amount of compensation that we may deduct in any one year for compensation paid to the Chief Executive Officer and certain other most highly compensated executive officers for compensation earned after 2017) to $1 million. While the (including the Chief Financial Officer Compensation Committee considers the deductibility of compensation as a factor in making compensation decisions, the Compensation Committee retains the flexibility to provide compensation that is consistent with our goals for our executive compensation program even if such compensation is not fully tax deductible. Accordingly, the Compensation Committee may make decisions that result in compensation expense that is not fully deductible under Section 162(m) of the Code. Taxation of Nonqualified Deferred Compensation Section 409A of the Code requires that amounts that qualify as “nonqualified deferred compensation” satisfy requirements with respect to the timing of deferral elections, timing of payments, and certain other matters. Generally, the Compensation Committee intends to administer our executive compensation program and design individual compensation components, as well as the compensation plans and arrangements for our employees generally, so that they are either exempt from, or satisfy the requirements of, Section 409A. From time to time, we may be required to amend some of our compensation plans and arrangements to ensure that they are either exempt from, or compliant with, Section 409A. Taxation of “Parachute” Payments Sections 280G and 4999 of the Code provide that executive officers and directors who hold significant equity interests and certain other service providers may be subject to significant additional taxes if they receive payments or benefits in connection with a change in control of the Company that exceeds certain prescribed limits, and that the Company (or a successor) may forfeit a deduction on the amounts subject to this additional tax. We are not obligated to provide any Named Executive Officer with a “gross-up” or other reimbursement payment for any tax liability that he or she may owe as a result of the application of Sections 280G or 4999 in the event of a change in control of the Company. Accounting for Stock-Based Compensation The Compensation Committee takes accounting considerations into account in designing compensation plans and arrangements for our executive officers and other employees. Chief among these is Financial Accounting Standards Board Accounting Standards Codification Topic 718 (“ASC Topic 718”), the standard which governs the accounting treatment of stock-based compensation awards. -55- P r o x y S t a t e m e n t ASC Topic 718 requires us to recognize in our financial statements all share-based payment awards to employees, including grants of options to purchase shares of our common stock and restricted stock awards that may be settled for shares of our common stock to our executive officers, based on their fair values. For certain performance-based stock awards, we also must apply judgment in determining the periods when, and if, the achievement of the related performance targets becomes probable. ASC Topic 718 also requires us to recognize the compensation cost of our share-based payment awards in our income statement over the period that an employee, including our executive officers, is required to render service in exchange for the award (which, generally, will correspond to the award’s vesting schedule). Compensation Committee Report The information contained in the following Compensation Committee Report shall not be deemed to be soliciting material or to be filed with the Securities and Exchange Commission, nor shall such information be incorporated by reference into any future filing under the Securities Act of 1933, as amended, or the Securities Exchange Act of 1934, as amended, except to the extent that the Company specifically incorporates it by reference in such filing. Our compensation committee has reviewed and discussed the Compensation Discussion and Analysis required by 402(b) of Regulation S-K with management. Based on this review and discussion, our compensation committee recommended to our board of directors that the Compensation Discussion and Analysis be included in this proxy statement. Respectfully submitted by the members of the compensation committee of our board of directors: Enrique Salem (Chair) Ronald E. F. Codd Adrian McDermott Stephen Pusey -56- Summary Compensation Table for Fiscal Year 2018 The following table provides information regarding the compensation awarded to, or earned by, our Named Executive Officers during 2016, 2017 and 2018. Name and Principal Position Kevin R. Mandia, . . . . . . . . . . . . . . . . . . . . . . . . Chief Executive Officer Frank E. Verdecanna, . . . . . . . . . . . . . . . . . . . . Executive Vice President, Chief Financial Officer and Chief Accounting Officer Alexa King, . . . . . . . . . . . . . . . . . . . . . . . . . . . . Executive Vice President, General Counsel and Secretary Travis M. Reese, President . . . . . . . . . . . . . . . . . . . . . . . . William T. Robbins, . . . . . . . . . . . . . . . . . . . . . Executive Vice President of Worldwide Sales Year 2018 2017 2016 2018 2017 2016 2018 2017 2016 2018 2017 2016 2018 2017 2016 Salary ($) Bonus ($)(1) Stock Awards ($)(2) Option Awards ($) Non-Equity Incentive Plan Compensation ($)(3) All Other Compensation ($)(4) 418,750 350,000 343,750 — — 48,125 5,668,000 6,095,000 7,175,000 397,500 360,833 260,000 — — — 2,479,750 3,801,250 192,320 366,667 337,500 305,000 — — 21,771 1,417,000 2,111,250 2,001,000 394,583 335,000 331,250 — — 36,850 4,251,000 3,275,534 6,077,000 461,458 450,000 52,841 — — 5,784 3,220,280 — 6,502,125 — — — — — — — — — — — — — — — 425,000 353,500 214,375 200,000 186,850 90,090 183,333 185,166 96,979 320,000 270,680 164,150 362,500 353,500 25,772 32,918 990 34,644 1,320 1,757 15,559 1,518 990 30,836 990 108,250 126,057 17,678 1,848 110 Total ($) 6,544,668 6,799,490 7,815,894 3,078,570 4,350,690 557,969 1,968,518 2,634,906 2,455,586 4,966,573 3,989,464 6,735,307 4,061,916 805,348 6,586,632 (1) The amounts reported in this column represent discretionary cash bonuses earned in 2016 but paid in 2017. All other annual cash incentive compensation is shown in the column for “Non-Equity Incentive Plan Compensation.” (2) The amounts reported in this column represent the aggregate grant date fair value of time-based restricted stock units (“RSUs”) and performance-based restricted stock units (“PSUs”) as computed in accordance with Financial Accounting Standard Board Accounting Standards Codification Topic 718. The assumptions used in calculating the grant date fair value of the awards reported in this column are set forth in the notes to our audited consolidated financial statements included in our Annual Report on Form 10-K, as filed with the SEC on February 25, 2019. The PSUs were valued based on the probable (target) outcome of performance- based conditions (i.e., based on 100% achievement). If the PSUs were instead valued based on the maximum outcome of performance-based conditions (i.e., based on 150% achievement), the total amount represented in this column for 2018 would be as follows: Ms. King: $1,771,250; Mr. Mandia: $7,085,000; Mr. Reese: $5,313,750; Mr. Robbins: $3,955,905; and Mr. Verdecanna: $3,099,688. (3) The amounts reported in this column represent amounts paid under the Employee Incentive Plan, except with respect to Mr. Verdecanna for 2016. With respect to Mr. Verdecanna for 2016, represents amounts paid under the FireEye 2016 Incentive Plan. (4) For 2018, the amounts reported in this column include: (i) for Mr. Mandia, $31,928 in tax gross-up payments relating to travel expenses for his spouse for our President’s Club sales awards event; and (ii) for Mr. Robbins, $15,830 in tax gross-up payments relating to travel expenses for his spouse for our President’s Club sales awards event. P r o x y S t a t e m e n t -57- Grants of Plan-Based Awards Table for Fiscal Year 2018 The following table provides information regarding the amount of equity awards granted to our Named Executive Officers during 2018. Name Alexa King . . . . . . . . . . . . Kevin R. Mandia . . . . . . . Travis M. Reese . . . . . . . . William T. Robbins . . . . . Frank E. Verdecanna . . . . Estimated Future Payouts Under Non-Equity Incentive Plan Awards(1) Estimated Future Payouts Under Equity Incentive Plan Awards(2) Grant Date Threshold ($) Target ($) Maximum ($) Target (#) Maximum (#) All Other Stock Awards: Number of Shares of Stock or Units(#)(3) Grant Date Fair Value of Stock and Option Awards($)(4) — — — — 2/7/18 — 2/7/18 — — 2/7/18 — 2/7/18 — — 2/7/18 — 2/7/18 — — 2/7/18 — 2/7/18 — 2/18/18 — 2/18/18 — 2/18/18 — — 2/7/18 — 2/7/18 — — — — — — — — — — — 183,333 275,000 708,500 708,500 — 50,000 — — 2,834,000 2,834,000 — — 75,000 — 50,000 — — — — — 425,000 637,500 — 200,000 300,000 — 200,000 — — — — — 320,000 480,000 — 2,125,500 — 150,000 225,000 — 150,000 — 2,125,500 — — — — 362,500 543,750 — 1,062,750 — 75,000 112,500 1,062,750 — — — 408,500 37,500 — 25,000 408,500 — — — 277,780 — — — — — — 200,000 300,000 — 87,500 131,250 — — — 75,000 — 25,000 17,000 — — 1,239,875 1,239,875 — — — — — 87,500 — — — — (1) The amounts reported in the Estimated Future Payouts Under Non-Equity Incentive Plan Awards columns relate to amounts payable for the achievement of the 2018 performance metrics established by our compensation committee under our Employee Incentive Plan. The target column assumes the achievement of the corporate performance metrics and the individual performance metrics at the target level. The maximum column assumes the achievement of the corporate performance metrics and the individual performance metrics at the maximum level. Notwithstanding the level of performance achieved by our Named Executive Officers, our compensation committee reserves the right to increase, reduce or eliminate any incentive compensation in its discretion. The actual amounts paid to our Named Executive Officers are set forth in the Summary Compensation Table for Fiscal Year 2018 above. For more information, see the section titled “Compensation Discussion and Analysis—Compensation Elements” above. (2) Represents performance-based restricted stock unit awards which were granted under the FireEye, Inc. 2013 Equity Incentive Plan. For more information, see the section titled “Compensation Discussion and Analysis—Compensation Elements” above. (3) Represents restricted stock unit awards which were granted under the FireEye, Inc. 2013 Equity Incentive Plan. (4) The amounts reported in this column represent the aggregate grant date fair value of the award as computed in accordance with Financial Accounting Standard Board Accounting Standards Codification Topic 718. The assumptions used in calculating the grant date fair value of the awards reported in this column are set forth in the notes to our audited consolidated financial statements included in our Annual Report on Form 10-K, as filed with the SEC on February 25, 2019. -58- Outstanding Equity Awards at 2018 Fiscal Year-End Table The following table presents certain information concerning equity awards held by our Named Executive Officers as of December 31, 2018. Option Awards Stock Awards(1) Equity incentive plan awards: market or payout value of unearned shares, units or other rights that have not vested($)(2) Equity incentive plan awards: number of unearned shares, units or other rights that have not vested(#) Number of Shares or Units of Stock that have not Vested (#) Market Value of Shares or Units of Stock that have not Vested ($)(2) Number of Securities Underlying Unexercised Options (#) Exercisable Number of Securities Underlying Unexercised Options (#) Unexercisable Option Exercise Price ($) Option Expiration Date — — — — — — — — — — — — — — — — 20,657 93,961 — — — — — — — — — — — — — — — 29,497 58,495 — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — 7.92 9.56 — — — — — — — — — — — — — — — 3.66 3.66 — — — — — — — — — 40,525 2,500 — 270,172 16,667 — 40,525 2,500 — 202,625 — 12,500 1,175,193 — 72,498 1,013,125 — 62,500 709,155 — 43,748 810,500 — 50,000 101,313 6,250 — 675,422 — 41,667 202,625 — 12,500 1,013,125 — 62,500 3,133,912 — 193,332 2,701,672 — 166,667 2,836,750 — 175,000 3,242,000 — 200,000 — — — — 202,625 12,500 — 40,525 2,500 — 270,172 16,667 — 202,625 12,500 — 1,013,125 62,500 — 1,823,317 112,481 — 1,571,835 99,967 — 2,127,530 — 131,248 — 150,000 2,431,500 — 43,750(16) 709,188 1,621,000 — 100,000 1,063,765 — 65,624 1,215,750 — 75,000 354,545 — 21,872 405,250 — 25,000 — — — — 19,744 1,218 — 13,179 813 — — — — 940,180 — 58,000 810,500 — 50,000 783,462 — 48,332 675,406 — 41,666 1,241,070 — 76,562 1,418,375 — 87,500 P r o x y S t a t e m e n t — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — 100,000(17) 1,621,000 — — — — — — — — — 8,000(20) 129,680 — — — — — — — — — — — — — — — — — — — — — 1/23/2023 11/15/2023 11/10/2022 11/10/2022 Name Alexa King . . . . . . . . . Kevin R. Mandia . . . . . Travis M. Reese . . . . . . Grant Date 2/9/16(3) 2/9/16(4) 5/5/16(5) 5/5/16(6) 2/9/17(5) 2/9/17(7) 2/7/2018(8) 2/7/2018(9) 2/9/16(3) 2/9/16(4) 5/3/16(5) 5/3/16(10) 3/27/2017(5) 3/27/2017(11) 2/7/2018(8) 2/7/2018(9) 1/24/13(12) 11/16/13(12) 5/27/15(13) 2/9/16(3) 2/9/16(4) 5/5/16(5) 5/5/16(10) 2/9/17(14) 2/9/17(15) 2/7/2018(8) 2/7/2018(9) William T. Robbins . . . 12/27/16 12/27/16(18) 2/7/2018(8) 2/7/2018(9) 2/18/2018(8) 2/18/2018(9) Frank E. Verdecanna . . 11/11/12(12) 11/11/12(12) 5/27/15(3) 5/27/15(19) 2/9/16 2/1/17(5) 2/1/17(7) 7/31/17(5) 7/31/2017(21) 2/7/2018(8) 2/7/2018(9) (1) Unless otherwise described in the footnotes below, represents (i) restricted stock unit awards and (ii) performance based restricted stock unit awards, in each case that remained unvested and/or unearned as of December 31, 2018. If the holder of an award ceases to provide services to us prior to the date on which all shares subject to the award have vested in accordance with the applicable vesting schedule described in the footnotes below, we have a right to cancel the then unvested portion of the award. -59- (2) The market value of unvested shares is calculated by multiplying the number of unvested shares held by the applicable Named Executive Officer by the closing market price of our common stock on The NASDAQ Global Select Market on December 31, 2018, which was $16.21 per share. (3) Represents the actual number of shares issuable upon the vesting of restricted stock units. 100% of the amount earned, which was based on the achievement of certain performance conditions, vested on February 15, 2019. (4) 100% of the shares subject to the restricted stock unit award vested on February 15, 2019. (5) Represents the actual number of shares issuable upon the vesting of restricted stock units. One-half of the amount earned, which was based on the achievement of certain performance conditions, vested on February 15, 2019, and the remaining amount earned will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on such vesting date. (6) One-half of the shares subject to the restricted stock unit award will vest on May 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on each such vesting date. (7) One-half of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on such vesting date. (8) Represents the actual number of shares issuable upon the vesting of restricted stock units. 25% of the amount earned, which was based on the achievement of certain performance conditions, vested on February 15, 2019, and the remaining amount earned will vest annually in three equal installments on the anniversary of such date, subject to the holder’s continuous status as a service provider on each such vesting date. (9) 25% of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest annually in three equal installments on the anniversary of such date, subject to the holder’s continuous status as a service provider on each such vesting date. (10) One-half of the shares subject to the restricted stock unit award will vest on June 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on such vesting date. (11) 83,333 of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on such vesting date. (12) The stock option is fully vested and immediately exercisable. (13) One-half of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on May 15, 2019, subject to the holder’s continuous status as a service provider on such vesting date. (14) Represents the actual number of shares issuable upon the vesting of restricted stock units. 56,240 shares of the amount earned, which was based on the achievement of certain performance conditions, vested on February 15, 2019, and the remaining amount earned will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on such vesting date. (15) 48,483 of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on such vesting date. (16) Upon the achievement of certain performance conditions, 43,750 of the eligible restricted stock units relating to the 2018 performance year were earned and vested on February 15, 2019. (17) Upon the achievement of the target outcome of certain performance conditions, one-half of the eligible restricted stock units will vest on February 15, 2020, and one-half of the eligible restricted stock units will vest on February 15, 2021, subject to the holder’s continuous status as a service provider on each such vesting date. (18) One-eighth of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest quarterly thereafter in seven equal installments, subject to the holder’s continuous status as a service provider on each such vesting date. (19) 406 of the shares subject to the restricted stock unit award vested on February 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on May 15, 2019, subject to the holder’s continuous status as a service provider on such vesting date. (20) Upon the achievement of the target outcome of a performance condition, 100% of the eligible restricted stock units will vest on our next regular quarterly vesting date following the determination of such achievement, subject to the holder’s continuous status as a service provider on such vesting date. (21) One-half of the shares subject to the restricted stock unit award will vest on August 15, 2019, and the remaining shares subject to the restricted stock unit award will vest on the anniversary of such date, subject to the holder’s continuous status as a service provider on each such vesting date. -60- Option Exercises and Stock Vested for Fiscal Year 2018 Table The following table sets forth the number of shares acquired and the value realized upon the exercise of stock options and the vesting of restricted stock unit awards during 2018 by each of our Named Executive Officers. Name Alexa King . . . . . . . . . . . Kevin R. Mandia . . . . . . Travis M. Reese . . . . . . . William T. Robbins . . . . Frank Verdecanna . . . . . Option Awards Stock Awards Number of Shares Acquired on Exercise (#) Value Realized on Exercise ($)(1) Number of Shares Acquired on Vesting (#) Value Realized on Vesting ($)(2) — — 100,000 — — — — 1,054,757 — — 114,815 265,415 210,639 108,000 106,202 1,914,765 4,421,688 3,519,214 1,829,540 1,725,369 (1) Based on the market price per share of the Company’s common stock on the date of exercise less the option exercise price paid for those shares, multiplied by the number of shares for which the option was exercised. (2) Based on the market price per share of the Company’s common stock on the vesting date, multiplied by the number of shares vested. Employment Agreements for Executive Officers Kevin R. Mandia Effective December 30, 2013, we entered into an employment offer letter with Kevin R. Mandia, our Chief Executive Officer. The offer letter is for no specific term and provides that Mr. Mandia is an “at-will” employee. Mr. Mandia’s current annual base salary is $425,000, and he is eligible for annual target incentive payments equal to $425,000 for 2019. Mr. Mandia is also eligible for severance payments and benefits under our Change of Control Severance Policy for Officers. The offer letter also contains certain covenants regarding external consulting and other activities that Mr. Mandia cannot engage in while providing services to us. Alexa King Effective August 1, 2013, we entered into a confirmatory employment offer letter with Alexa King, our Executive Vice President, General Counsel and Secretary. The offer letter is for no specific term and provides that Ms. King is an “at-will” employee. Ms. King’s current annual base salary is $383,000, and she is eligible for annual target incentive payments equal to $191,500 for 2019. Ms. King is also eligible for severance payments and benefits under our Change of Control Severance Policy for Officers. Travis M. Reese Effective July 20, 2016, we entered into an amended and restated employment offer letter with Travis M. Reese, our President. The offer letter is for no specific term and provides that Mr. Reese is an “at-will” employee. Mr. Reese’s current annual base salary is $400,000, and he is eligible for annual target incentive payments equal to $320,000 for 2019. Mr. Reese is also eligible for severance payments and benefits under our Change of Control Severance Policy for Officers. William T. Robbins Effective November 14, 2016, we entered into an employment offer letter with William T. Robbins, our Executive Vice President of Worldwide Sales. The offer letter is for no specific term and provides that -61- P r o x y S t a t e m e n t Mr. Robbins is an “at-will” employee. Mr. Robbins’ current annual base salary is $462,500, and he is eligible for annual target incentive payments equal to $362,500 for 2019. Mr. Robbins is also eligible for severance payments and benefits under our Change of Control Severance Policy for Officers. Frank E. Verdecanna Effective February 20, 2018, we letter with Frank E. Verdecanna, our Executive Vice President, Chief Financial Officer and Chief Accounting Officer. The offer letter is for no specific term and provides that Mr. Verdecanna is an “at-will” employee. Mr. Verdecanna’s current annual base salary for 2019 is $400,000, and he is eligible for annual target incentive payments equal to $200,000 for 2019. Mr. Verdecanna is also eligible for severance payments and benefits under our Change of Control Severance Policy for Officers entered into a confirmatory employment offer Change of Control Severance Policy for Officers In July 2013, our compensation committee adopted and approved a Change of Control Severance Policy for Officers (the “Severance Policy”). All of our executive officers and certain of our non-executive officers (collectively referred to as “eligible employees”) are generally eligible for severance payments and benefits under the Severance Policy, subject to the conditions described below. Each eligible employee may receive payments and benefits upon a qualified termination of employment anytime from three months prior to a change of control through 12 months following a change of control of the Company (the “change of control period”). In addition, eligible employees may receive severance payments and benefits for qualified terminations of employment unrelated to a change of control. The payments and benefits in the Severance Policy vary based on whether an eligible employee is an executive officer, or Tier 1 Executive, or a non-executive officer, or Tier II Executive. In the event of a termination of employment without “cause” or a resignation for “good reason” (as such terms are generally defined below), in each case, during the change of control period, an eligible employee will receive the following: • Tier I Executive or Tier II Executive: • • • • lump-sum 12 months base salary payment; pro-rata bonus for the year of termination; 100% acceleration of unvested equity awards with unvested performance awards vesting at maximum level; and paid COBRA continuation for 12 months. In the event of a termination of employment without “cause” (as generally defined below) outside of the change of control period, an eligible employee will receive the following: • • Tier I Executive: • • lump-sum 12 months base salary payment; and paid COBRA continuation for 12 months. Tier II Executive: • • lump-sum 6 months base salary payment; and paid COBRA continuation for 6 months. To be an eligible employee, the participant must enter into a participation agreement with us. Also, all severance payments and benefits under the Severance Policy are subject to the eligible employee executing a release of clams in favor of the Company. Payments and benefits under the Severance Policy replace any then- -62- existing severance and/or change of control payment and benefit that an eligible employee had previously. All of our Named Executive Officers have entered into a participation agreement with us. For purposes of the Severance Policy, “cause” means generally: • • • • • • • the unauthorized use or disclosure of our confidential information or trade secrets, which use or disclosure causes material harm to us; the material breach of any agreement between us and the named executive officer; the material failure to comply with our written policies or rules; the conviction of, or plea of “guilty” or “no contest” to, a felony under the laws of the United States or any State; gross negligence or willful misconduct in the performance of the named executive officer’s duties; the continuing failure to perform assigned duties after receiving written notification of the failure from our Chief Executive Officer; or the failure to cooperate in good faith with a governmental or internal investigation of the company or our directors, officers or employees, if we have requested such cooperation; provided, however, that “cause” will not be deemed to exist in certain of the events above unless the named executive officer has been provided with (i) 30 days’ written notice by our board of directors of the act or omission constituting “cause” and (ii) 30 days’ opportunity to cure such act or omission, if capable of cure. For purposes of the Severance Policy, “good reason” means generally any of the following without an eligible employee’s consent: • • • • • a material reduction in duties, authority, reporting relationship, or responsibilities; a material reduction in annual cash compensation; a requirement to relocate to a location more than 20 miles from the eligible employee’s then-current office location; a material breach by us of the eligible employee’s employment agreement or any other agreement between the eligible employee and us; or a failure by any successor entity to assume the Severance Policy. Potential Payments upon a Change of Control, upon Termination or upon Termination Following a Change of Control Potential Payments Upon Termination of Employment Outside of the Change of Control Period The table below shows the estimated payments and benefits that each Named Executive Officer would have received under the Severance Policy if his or her employment had been terminated without cause on December 31, 2018, assuming that such termination occurred outside of a change of control period. Name Salary Continuation($) Value of Continued Health Care Premiums($)(1) Alexa King . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Kevin R. Mandia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Travis M. Reese . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . William T. Robbins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Frank E. Verdecanna . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366,667 425,000 400,000 462,500 400,000 24,492 24,492 17,909 24,492 24,492 (1) Estimates of COBRA value are based on coverage in effect as of December 31, 2018. Total($) 391,159 449,492 417,909 486,992 424,492 -63- P r o x y S t a t e m e n t Potential Payments Upon Termination of Employment During the Change of Control Period The table below shows the estimated payments and benefits that each Named Executive Officer would have received under the Severance Policy if his or her employment had been terminated without cause, or he or she had resigned for good reason, on December 31, 2018, assuming that such termination or resignation for good reason occurred within a change of control period. Acceleration Name Salary Continuation($) Pro rata Cash Incentive($)(1) Option Awards($) Stock Awards($) Value of Continued Health Care Premiums($)(2) Alexa King . . . . . . . . . . Kevin R. Mandia . . . . . . Travis M. Reese . . . . . . William T. Robbins . . . Frank E. Verdecanna . . 366,667 425,000 400,000 462,500 400,000 183,333 425,000 320,000 362,500 200,000 — — — — — 4,768,415 15,933,068 11,202,974 9,320,750 6,937,856 24,492 24,492 17,909 24,492 24,492 (1) Represents amount of target annual cash incentive opportunity as of December 31, 2018. (2) Estimates of COBRA value are based on coverage in effect as of December 31, 2018. Total($) 5,342,907 16,807,560 11,940,883 10,170,242 7,562,348 Equity Compensation Plan Information The following table provides information as of December 31, 2018 with respect to shares of our common stock that may be issued under our existing equity compensation plans. The table does not include information with respect to shares of our common stock subject to outstanding stock options that were assumed by us in connection with our acquisition of Mandiant or nPulse Technologies, which originally granted those stock options. However, footnote 3 to the table sets forth the total number of shares of our common stock issuable upon the exercise of those assumed options as of December 31, 2018, and the weighted average exercise price of those assumed stock options. (a) Number of Securities to be Issued Upon Exercise of Outstanding Options, Warrants and Rights (b) Weighted Average Exercise Price of Outstanding Options, Warrants and Rights(1) (c) Number of Securities Remaining Available for Future Issuance Under Equity Compensation Plans (Excluding Securities Reflected in Column (a)) Plan Category Equity compensation plans approved by stockholders(2) . . . . . . . . . . . . . . . . . . . . . . . . 23,273,842 $ 12.8791 15,109,196 Equity compensation plans not approved by stockholders(3) . . . . . . . . . . . . . . . . . . . . . . . . Total . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . — 23,273,842 — $ 12.8791 — 15,109,196 (1) The weighted average exercise price is calculated based solely on outstanding stock options. It does not take (2) into account restricted stock unit awards, which have no exercise price. Includes the following plans: FireEye, Inc. 2008 Stock Plan, FireEye, Inc. 2013 Equity Incentive Plan (“2013 Plan”) and FireEye, Inc. 2013 Employee Stock Purchase Plan (“ESPP”). Our 2013 Plan provides that on the first day of each fiscal year, the number of shares available for issuance thereunder is automatically increased by a number equal to the least of (i) 12,100,000 shares of common stock, (ii) five percent (5.0%) of the aggregate number of shares of common stock outstanding on December 31st of the preceding fiscal year, or (iii) such other amount as may be determined by our board of directors. Our ESPP provides that on the first day of each fiscal year, the number of shares available for issuance thereunder is automatically increased by a number equal to the least of (i) 3,700,000 shares of common stock, (ii) one percent (1.0%) of the aggregate number of shares of common stock outstanding on such date, or (iii) such other amount as -64- may be determined by our board of directors. On January 1, 2019, the number of shares available for issuance under our 2013 Plan and our ESPP increased by 9,980,579 shares and 1,996,115 shares, respectively, pursuant to these provisions. These increases are not reflected in the table above. (3) The table does not include information for the Mandiant Corporation 2006 Equity Incentive Plan, Mandiant Corporation 2011 Equity Incentive Plan and nPulse Technologies, Inc. 2012 Stock Incentive Plan, which are equity compensation plans governing stock options assumed by us in connection with the acquisitions of Mandiant and nPulse Technologies. As of December 31, 2018, there were a total of 374,653 shares subject to outstanding stock options assumed by us in connection with the acquisitions of Mandiant and nPulse Technologies. Those outstanding stock options had a weighted average exercise price of $9.4014 per share. No additional awards may be made under those plans. CEO Pay Ratio As required by Section 953(b) of the Dodd-Frank Wall Street Reform and Consumer Protection Act, and Item 402(u) of Regulation S-K, we are providing the following information about the relationship of the annual total compensation of our employees and the annual total compensation of our Chief Executive Officer: For 2018, our last completed fiscal year: • • the median of the annual total compensation of all employees of our company (other than our Chief Executive Officer) was $152,601; and the annual Compensation Table presented elsewhere in this proxy statement, was $6,544,668. total compensation of our Chief Executive Officer, as reported in the Summary Based on this information, for 2018, the ratio of the annual total compensation of our Chief Executive Officer to the median of the annual total compensation of all employees was approximately 43 to 1. This pay ratio is a reasonable estimate calculated in a manner consistent with Item 402(u) of Regulation S-K. To identify the median of the annual total compensation of all our employees, as well as to determine the total compensation of the “median employee,” the methodology and the material assumptions, annual adjustments and estimates that we used were as follows: • We selected December 31, 2018, which is the last day of our fiscal year, as the date upon which we would identify the median employee. • • As of December 31, 2018, our employee population consisted of 3,232 individuals. To identify the “median employee” from our employee population we used payroll and equity plan records for January 1, 2018 through December 31, 2018 (the “compensation measurement period”). • The compensation measure included the following: base salary, bonus payments, grant date fair value of equity awards, and sales commissions. Such cash amounts reflected amounts actually paid during the compensation measurement period. • We did not annualize any amounts of employees who were hired in fiscal year 2018 but did not work for us or our subsidiaries for the entire fiscal year. • We did not exclude any non-U.S. employee under the de minimis exception set forth in Item 402(u) of Regulation S-K. • We did not include the amount of non-cash tax gross ups for relocation benefits and employee recognition awards. • Amounts paid in foreign currency were converted into United States dollars using exchange rates in effect as of December 31, 2018. -65- P r o x y S t a t e m e n t • With respect to the annual total compensation of the “median employee,” we identified and calculated the elements of such employee’s compensation for 2018 in accordance with the requirements of Item 402(c)(2)(x) of Regulation S-K, resulting in annual total compensation of $152,601. • With respect to the annual total compensation for our Chief Executive Officer, we used the amount reported in the “Total” column of our Summary Compensation Table for Fiscal Year 2018. -66- SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT The following table sets forth certain information with respect to the beneficial ownership of our common stock as of March 25, 2019 for: • • • • each of our directors and nominees for director; each of our Named Executive Officers; all of our current directors and current executive officers as a group; and each person or group who is known by us to be the beneficial owner of more than 5% of our common stock. We have determined beneficial ownership in accordance with the rules of the SEC and the information is not necessarily indicative of beneficial ownership for any other purpose. Unless otherwise indicated below, to our knowledge, the persons and entities named in the table have sole voting and sole investment power with respect to all shares that they beneficially owned, subject to community property laws where applicable. We have based our calculation of the percentage of beneficial ownership on 203,166,974 shares of our common stock outstanding as of March 25, 2019. We have deemed shares of our common stock subject to stock options that are currently exercisable or exercisable within 60 days of March 25, 2019, or issuable pursuant to restricted stock units that are subject to vesting conditions expected to occur within 60 days of March 25, 2019, to be outstanding and to be beneficially owned by the person holding the stock option or restricted stock units for the purpose of computing the percentage ownership of that person. We did not deem these shares outstanding, however, for the purpose of computing the percentage ownership of any other person. Unless otherwise indicated, the address of each beneficial owner listed in the table below is c/o FireEye, Inc., 601 McCarthy Blvd., Milpitas, CA 95035. P r o x y S t a t e m e n t Number of Shares Beneficially Owned Percentage of Shares Beneficially Owned Name of Beneficial Owner 5% Stockholders: The Vanguard Group(1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . Shapiro Capital Management LLC(2) . . . . . . . . . . . . . . . . . Directors and Named Executive Officers: Alexa King(3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Kevin R. Mandia(4) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Travis M. Reese(5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . William T. Robbins(6) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Frank E. Verdecanna(7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . Kimberly Alexy(8) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ronald E. F. Codd(9) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Adrian McDermott . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Stephen Pusey(10) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Enrique Salem(11) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Robert E. Switz(12) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . All current directors and current executive officers as a 16,835,762 13,430,689 295,406 3,063,090 648,504 95,861 239,258 48,696 237,849 — 26,858 239,064 20,231 8.3% 6.6% * 1.5% * * * * * — * * * 2.4% group (11 persons)(13) . . . . . . . . . . . . . . . . . . . . . . . . . . . 4,914,817 * Represents beneficial ownership of less than one percent (1%) of the outstanding shares of our common stock. (1) As of December 31, 2018, the reporting date of The Vanguard Group’s filing with the SEC on February 11, 2019 pursuant to Section 13(g) of the Exchange Act, The Vanguard Group, as investment advisor, has sole voting power with respect to 101,527 shares of our common stock, shared voting power with respect to -67- 38,480 shares of our common stock, sole dispositive power with respect to 16,714,055 shares of our common stock and shared dispositive power with respect to 121,707 shares of our common stock. Vanguard Fiduciary Trust Company, a wholly-owned subsidiary of The Vanguard Group, Inc., is the beneficial owner of 83,227 shares of our common stock as a result of its serving as investment manager of collective trust accounts. Vanguard Investments Australia, Ltd., a wholly-owned subsidiary of The Vanguard Group, Inc., is the beneficial owner of 56,780 shares of our common stock as a result of its serving as investment manager of Australian investment offerings. The address of The Vanguard Group is 100 Vanguard Blvd., Malvern, PA 19355. (2) As of December 31, 2018, the reporting date of the filing by Shapiro Capital Management LLC with the SEC on February 14, 2019 pursuant to Section 13(g) of the Exchange Act, Shapiro Capital Management LLC, as investment advisor, has sole voting power with respect to 12,844,584 shares of our common stock, shared voting power with respect to 586,105 shares of our common stock, sole dispositive power with respect to 13,430,689 shares of our common stock and shared dispositive power with respect to zero shares of our common stock. The principal business address of Shapiro Capital Management LLC is 3060 Peachtree Road, Suite 1555 N.W., Atlanta, Georgia 30305. (3) Consists of (i) 289,156 shares of our common stock held of record by Ms. King and David Yamamoto as community property with the right of survivorship and (ii) 6,250 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. Ms. King has shared voting and investment power with respect to the shares held of record by Ms. King and David Yamamoto as community property with the right of survivorship. (4) Consists of (i) 2,578,214 shares of our common stock held of record by Mr. Mandia, (ii) 340,691 shares of our common stock held of record by Kevin R. Mandia 2011 Irrevocable Trust Dated July 29, 2011, and (iii) 144,185 shares of our common stock held of record by Mr. Mandia’s wife. Mr. Mandia’s wife, as trustee, has shared voting and investment power with respect to the shares held of record by the Kevin R. Mandia 2011 Irrevocable Trust dated July 29, 2011. Mr. Mandia disclaims beneficial ownership of the shares held of record by the Kevin R. Mandia 2011 Irrevocable Trust dated July 29, 2011 and the shares held of record by Mr. Mandia’s wife. (5) Consists of (i) 350,936 shares of our common stock held of record by Mr. Reese, (ii) 114,618 shares of our common stock issuable pursuant to outstanding stock options exercisable within 60 days of March 25, 2019, all of which were fully vested as of such date, (iii) 6,250 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019, (iv) 121,585 shares of our common stock held of record by the Travis M Reese Family Trust, for which Mr. Reese and his wife serve as trustees, (v) 35,000 shares of our common stock held of record by the Travis M. Reese Revocable Trust, for which Mr. Reese serves as a trustee, and (vi) 20,115 shares of our common stock held of record by Mr. Reese’s wife. Mr. Reese’s wife, as trustee, has shared voting and investment power with respect to the shares held of record by the Travis M Reese Family Trust. Mr. Reese disclaims beneficial ownership of the shares held of record by his wife. (6) Consists of (i) 83,361 shares of our common stock held of record by Mr. Robbins and (ii) 12,500 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. (7) Consists of (i) 150,859 shares of our common stock held of record by Mr. Verdecanna, (ii) 87,992 shares of our common stock issuable pursuant to outstanding stock options exercisable within 60 days of March 25, 2019, all of which were fully vested as of such date, and (iii) 407 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. (8) Consists of (i) 42,164 shares of our common stock held of record by Ms. Alexy and (ii) 6,532 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. (9) Consists of (i) 113,442 shares of our common stock held of record by the Codd Revocable Trust Dtd March 6, 1998, (ii) 118,000 shares of our common stock issuable pursuant to outstanding stock options exercisable within 60 days of March 25, 2019, all of which were fully vested as of such date, and (iii) 6,407 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. Mr. Codd, as trustee, has shared voting and investment power with respect to the shares held of record by the Codd Revocable Trust Dtd March 6, 1998. -68- (10) Consists of (i) 20,840 shares of our common stock held of record by Mr. Pusey and (ii) 6,018 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. (11) Consists of (i) 223,944 shares of our common stock held of record by Mr. Salem and (ii) 15,120 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. (12) Consists of (i) 8,076 shares of our common stock held of record by Mr. Switz and (ii) 12,155 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. (13) Consists of (i) 4,522,568 shares of our common stock beneficially owned by our current directors and current executive officers, (ii) 320,610 shares of our common stock issuable pursuant to outstanding stock options exercisable within 60 days of March 25, 2019, all of which were fully vested as of such date, and (iii) 71,639 shares of our common stock issuable upon the vesting of restricted stock units within 60 days of March 25, 2019. P r o x y S t a t e m e n t -69- RELATED PERSON TRANSACTIONS We describe below transactions and series of similar transactions, since the beginning of our last fiscal year, to which we were or will be a party, in which: • • the amounts involved exceeded or will exceed $120,000; and any of our directors, nominees for director, executive officers or holders of more than 5% of our outstanding capital stock, or any immediate family member of, or person sharing the household with, any of these individuals or entities, had or will have a direct or indirect material interest. Other than as described below, there has not been, nor is there any currently proposed, transactions or series of similar transactions to which we have been or will be a party. Indemnification Agreements We have also entered into indemnification agreements with our directors and certain of our executive officers. The indemnification agreements and our certificate of incorporation and bylaws require us to indemnify our directors and officers to the fullest extent permitted by Delaware law. Policies and Procedures for Related Party Transactions Our audit committee has adopted a formal written policy providing that our audit committee is responsible for reviewing “related party transactions,” which are transactions (i) in which we were, are or will be a participant, (ii) in which the aggregate amount involved exceeds or may be expected to exceed $50,000, and (iii) in which a related person had, has or will have a direct or indirect material interest. For purposes of this policy, a related person is defined as a director, nominee for director, executive officer, or greater than 5% beneficial owner of our common stock and their immediate family members. Under this policy, all related party transactions may be consummated or continued only if approved or ratified by our audit committee. In determining whether to approve or ratify any such proposal, our audit committee will take into account, among other factors it deems appropriate, (i) whether the transaction is on terms no less favorable than terms generally available to an unaffiliated third party under the same or similar circumstances and (ii) the extent of the related party’s interest in the transaction. The policy grants standing pre-approval of certain transactions, including (i) certain compensation arrangements of executive officers, (ii) certain director compensation arrangements, (iii) transactions with another company at which a related party’s only relationship is as a non-executive employee, director or beneficial owner of less than 10% of that company’s shares and the aggregate amount involved does not exceed the greater of $500,000 or 2% of the company’s total annual revenue, (iv) transactions where a related party’s interest arises solely from the ownership of our common stock and all holders of our common stock received the same benefit on a pro rata basis, and (v) transactions available to all U.S. employees generally. CEO Travel Policy Our board of directors adopted a travel reimbursement policy in May 2016. Under the policy, as amended by our board of directors in April 2017, the individual serving as our Chief Executive Officer is eligible for reimbursement of expenses incurred in traveling by private aircraft if and when, on the infrequent occasion, such method of travel is reasonably necessary for FireEye business trips. The total reimbursement for all eligible expenses with respect to private aircraft travel is capped at $1 million per year. For fiscal 2018, our Chief Executive Officer did not incur any such expenses. -70- OTHER MATTERS Section 16(a) Beneficial Ownership Reporting Compliance Section 16(a) of the Exchange Act requires that our executive officers and directors, and persons who own more than 10% of our common stock, file reports of ownership and changes of ownership with the SEC. Such directors, executive officers and 10% stockholders are required by SEC regulation to furnish us with copies of all Section 16(a) forms they file. SEC regulations require us to identify in this proxy statement anyone who filed a required report late during the most recent fiscal year. Based on our review of forms we received, or written representations from reporting persons stating that they were not required to file these forms, we believe that during our fiscal year ended December 31, 2018, all Section 16(a) filing requirements were satisfied on a timely basis. Available Information Our financial statements for our fiscal year ended December 31, 2018 are included in our Annual Report on Form 10-K. This proxy statement and our annual report are posted on the Investor Relations section of our website at investors.FireEye.com and are available from the SEC at its website at www.sec.gov. You may also obtain a copy of our annual report without charge by sending a written request to FireEye, Inc., Attention: Investor Relations, 601 McCarthy Blvd., Milpitas, California 95035. Company Website We maintain a website at www.FireEye.com. Information contained on, or that can be accessed through, our website is not intended to be incorporated by reference into this proxy statement, and references to our website address in this proxy statement are inactive textual references only. P r o x y S t a t e m e n t * * * Our board of directors does not know of any other matters to be presented at the Annual Meeting. If any additional matters are properly presented at the Annual Meeting, the persons named on the enclosed proxy card will have discretion to vote the shares of common stock they represent in accordance with their own judgment on such matters. It is important that your shares of common stock be represented at the Annual Meeting, regardless of the number of shares that you hold. You are, therefore, urged to vote over the Internet or by telephone as instructed on the enclosed proxy card or execute and return, at your earliest convenience, the enclosed proxy card in the envelope that has also been provided. THE BOARD OF DIRECTORS Milpitas, California April 8, 2019 -71- ANNEX A RECONCILIATION OF NON-GAAP FINANCIAL MEASURES RECONCILIATION OF NON-GAAP BILLINGS TO REVENUE (in thousands) 2017* Q1’18 Q2’18 Q3’18 Q4’18 2018 Total Revenue . . . . . . . . . . . . . . . . . . . . . $ 779,648 $ 199,070 $ 202,696 $ 211,651 $ 217,533 $ 830,950 24,728 Plus change in deferred revenue . . . (23,964) (17,649) (6,580) 47,673 7,599 Non-GAAP Billings . . . . . . . . . . . . . . . . . $ 761,999 $ 175,106 $ 196,116 $ 219,250 $ 265,206 $ 855,678 * Certain prior period amounts have been adjusted as a result of adoption of ASU 2014-09, Revenue from Contracts with Customers (Topic 606) on a full retrospective basis, effective January 1, 2018. RECONCILIATION OF NON-GAAP OPERATING INCOME (LOSS) TO GAAP OPERATING INCOME (LOSS) (in thousands) Q1’18 Q2’18 Q3’18 Q4’18 2018 Operating loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Stock based compensation . . . . . . . . . . . . . . . . . . . Amortization of stock-based compensation $(60,724) $(48,536) $(36,441) $(36,701) $(182,402) 153,675 37,326 42,148 38,892 35,309 capitalized in software development costs . . . . Amortization of intangibles . . . . . . . . . . . . . . . . . . Acquisition related costs . . . . . . . . . . . . . . . . . . . . — 12,614 264 497 12,646 — 624 12,644 — 707 12,424 — 1,828 50,328 264 Non-GAAP operating income (loss) . . . . . . . . . . . . . . . $ (5,698) $ 3,499 $ 14,153 $ 11,739 $ 23,693 RECONCILATION OF NON-GAAP FREE CASH FLOW TO GAAP OPERATING CASH FLOW (in thousands) Net cash provided by (used in) operating activities . . . . Plus: deemed repayment of convertible senior notes Q1’18 Q2’18 Q3’18 Q4’18 2018 $ 9,187 $(44,287) $ 21,899 $ 30,582 $ 17,381 attributable to accreted debt discount . . . . . . . . . . . . . — 43,575 — — 43,575 Less: purchase of property and equipment and demonstration units . . . . . . . . . . . . . . . . . . . . . . . . . . . (14,487) (12,158) (10,375) (13,811) (50,831) Free cash flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ (5,300) $(12,870) $ 11,524 $ 16,771 $ 10,125 -A-1- UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 FORM 10-K (Mark One) È ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the fiscal year ended December 31, 2018 or ‘ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the transition period from to Commission File Number 001-36067 FireEye, Inc. (Exact name of registrant as specified in its charter) Delaware (State or other jurisdiction of incorporation or organization) 20-1548921 (I.R.S. Employer Identification Number) 601 McCarthy Blvd. Milpitas, CA 95035 (408) 321-6300 (Address, including zip code, and telephone number, including area code, of registrant’s principal executive offices) Securities registered pursuant to Section 12(b) of the Act: Title of each class Name of each exchange on which registered Common Stock, par value $0.0001 per share The NASDAQ Global Select Market Securities registered pursuant to Section 12(g) of the Act: None Indicate by check mark if the registrant Act. Yes È No ‘ Indicate by check mark if the registrant Act. Yes ‘ No È is a well-known seasoned issuer, as defined in Rule 405 of the Securities is not required to file reports pursuant to Section 13 or Section 15(d) of the Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes È No ‘ Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes È No ‘ Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K (§229.405 of this chapter) is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. È A n n u a l R e p o r t Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act. Large accelerated filer È Non-accelerated filer ‘ ‘ Accelerated filer Smaller reporting company ‘ Emerging growth company ‘ If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ‘ Indicate by check mark whether Act). Yes ‘ No È the registrant is a shell company (as defined in Rule 12b-2 of the Exchange As of June 29, 2018, the last business day of the registrant’s most recently completed second fiscal quarter, the aggregate market value of the registrant’s common stock held by non-affiliates was approximately $2.9 billion, based on the closing sales price of such stock reported for such date on The NASDAQ Global Select Market. This calculation does not reflect a determination that persons are affiliates for any other purposes. The number of outstanding shares of the registrant’s common stock was 203,093,510 as of February 20, 2019. Portions of the registrant’s Proxy Statement for the 2019 Annual Meeting of Stockholders to be filed with the Securities and Exchange Commission within 120 days after the end of the registrant’s fiscal year ended December 31, 2018 are incorporated by reference into Part III of this Annual Report on Form 10-K. DOCUMENTS INCORPORATED BY REFERENCE PART I Item 1. Item 1A. Item 1B. Item 2. Item 3. Item 4. Item 5. Item 6. Item 7. Item 7A. Item 8. Item 9. Item 9A. Item 9B. Item 10. Item 11. Item 12. Item 13. Item 14. Business . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Risk Factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Unresolved Staff Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Legal Proceedings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mine Safety Disclosures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PART II Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Selected Consolidated Financial Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Management’s Discussion and Analysis of Financial Condition and Results of Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Quantitative and Qualitative Disclosures About Market Risk . . . . . . . . . . . . . . . . . . . . . . Financial Statements and Supplementary Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Changes in and Disagreements With Accountants on Accounting and Financial Disclosure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Controls and Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Other Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PART III Directors, Executive Officers and Corporate Governance . . . . . . . . . . . . . . . . . . . . . . . . . Executive Compensation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Certain Relationships and Related Transactions, and Director Independence . . . . . . . . . . Principal Accountant Fees and Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Item 15. Item 16. Exhibits, Financial Statement Schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Form 10-K Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Signatures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PART IV Page 5 15 51 51 51 51 52 54 56 84 86 129 129 131 132 132 132 132 132 133 136 137 2 SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS This Annual Report on Form 10-K, including the sections entitled “Business,” “Risk Factors,” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” contains forward- looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. The words “believe,” “may,” “will,” “potentially,” “estimate,” “continue,” “anticipate,” “intend,” “could,” “would,” “project,” “plan” “expect,” the negative and plural forms of these words and similar expressions that convey uncertainty of future events or outcomes are intended to identify forward-looking statements. These forward-looking statements include, but are not limited to, statements concerning the following: • • • • • • • • • • • • • • • • • • • • • • • the evolution of the threat landscape facing our customers and prospects; our ability, and the effects of our efforts, to educate the market regarding the advantages of our security solutions; our ability to continue to grow revenues; our future financial and operating results; our business plan and our ability to effectively manage our growth and associated investments; our beliefs, forecasts and objectives for future operations; our ability to expand our leadership position in advanced network security; our ability to attract and retain customers and to expand our solutions footprint within each of these customers; our expectations concerning customer retention rates, as well as expectations for the value of subscriptions and services renewals; our ability to maintain our competitive technological advantages against new entrants in our industry; our ability to timely and effectively scale and adapt our existing technology; our ability to innovate new products and solutions and bring them to market in a timely manner; our ability to maintain, protect, and enhance our brand and intellectual property; our ability to expand internationally; the effects of increased competition in our market and our ability to compete effectively; cost of revenue, including changes in costs associated with products, subscriptions, manufacturing and customer support; operating expenses, including changes in research and development, sales and marketing, and general and administrative expenses; anticipated income tax rates; potential attrition and other impacts associated with restructuring; sufficiency of cash to meet cash needs for at least the next 12 months; our ability to generate cash flows from operations and free cash flows; our ability to capture new, and renew existing, contracts with the United States and international governments; our expectations concerning relationships with third parties, including our manufacturers, channel and technology alliance partners and logistics providers; 3 A n n u a l R e p o r t • • • • • the release of new products and solutions; economic and industry trends or trend analysis; the attraction, training, integration and retention of qualified employees and key personnel; future acquisitions of or investments in complementary companies, products, subscriptions or technologies; and the effects of seasonal trends on our results of operations. These forward-looking statements are subject to a number of risks, uncertainties, and assumptions, including those described in “Risk Factors” included in Part I, Item 1A and elsewhere in this Annual Report on Form 10-K. Moreover, we operate in a very competitive and rapidly changing environment, and new risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties, and assumptions, the forward-looking events and circumstances discussed in this Annual Report on Form 10-K may not occur, or unanticipated events or circumstances that we did not foresee may materialize, either of which could cause actual results to differ materially and adversely from those anticipated or implied in our forward-looking statements. You should not rely upon forward-looking statements as predictions of future events. Although we believe that the expectations reflected in our forward-looking statements are reasonable, we cannot guarantee that the future results, levels of activity, performance or events and circumstances described in the forward-looking statements will be achieved or occur. Moreover, neither we nor any other person assumes responsibility for the accuracy and completeness of the forward-looking statements. We undertake no obligation to update publicly any forward-looking statements for any reason after the date of this Annual Report on Form 10-K to conform these statements to actual results or to changes in our expectations, except as required by law. You should read this Annual Report on Form 10-K and the documents that we reference in this Annual Report on Form 10-K and have filed with the SEC as exhibits to this Annual Report on Form 10-K with the understanding that our actual future results, levels of activity, performance and events and circumstances may be materially different from what we expect. 4 Item 1. Business General PART I We provide comprehensive intelligence-based cybersecurity solutions that allow organizations to prepare for, prevent, investigate, respond to and remediate cyber attacks. Our portfolio of cybersecurity products and services is designed to minimize the risk of costly cyber security breaches by detecting and preventing advanced, targeted and other evasive attacks, as well as enabling more efficient management of security operations, including alert management, investigation and response when a breach occurs. We accomplish this through the integration of our core competitive advantages in solutions and services that adapt to changes in the threat environment through a cycle of intelligence-driven innovation. Our core competitive advantages include: • Our technologies, including our machine-learning, behavioral-based, and rules-based threat detection, analysis and correlation technologies, combined with our proprietary Multi-vector Virtual Execution (“MVX”) engine, • Our intelligence on threats and threat actors based on the continuous flow of machine-, attacker- and victim-based attack data from our global network of threat sensors and virtual machines, as well as threat intelligence gathered by our security analysts, consultants and incident responders, and • Our accumulated security expertise derived from responding to thousands of significant breaches over the past decade. Our threat detection and prevention products encompass appliance-based, virtual and cloud solutions for web security, email security and endpoint security. These products are complemented by our cloud-based threat intelligence, security analytics and security automation and orchestration technologies, as well as our managed security services, cybersecurity consulting and incident response offerings. In combination, our solutions and services enable a proactive approach to cybersecurity that extends across the threat management lifecycle to minimize the risk of costly cybersecurity breaches. We have organized our cybersecurity solutions in a hub and spokes model designed to integrate machine- generated threat data from our detection and prevention products with our analytics, response and orchestration technologies delivered through our Helix cybersecurity operations platform. Helix is designed to enable more efficient security operations by correlating security and event data across an organization’s environment to determine which threats present the greatest risk, automating repetitive security processes, and providing tools and workflows to investigate alerts and respond to attacks. The Helix cloud-based interface presents a unified view of an organization’s attack surface, including on-premise and cloud environments, and provides the contextual threat intelligence and threat management tools to enable a rapid response. We were founded in 2004 to address the inability of signature-based security solutions to detect the new generation of dynamic, stealthy and targeted cyber attacks, known as advanced persistent threats. To meet the challenges of detecting these previously unknown threats, for which there were no signatures, we developed our MVX engine, a purpose-built virtual machine-based threat detection and analysis engine. MVX works in conjunction with our intelligence-driven analysis (“IDA”) technologies in our network, email and endpoint security solutions to detect and block attacks that evade detection by signature-based security solutions. Our approach allows us to detect both known and unknown threats while minimizing costly false positive alerts. In addition to providing customers with high fidelity alerts on cyber attacks, MVX generates a continuous flow of real-time, anonymized “victim-based” threat data to FireEye through our Dynamic Threat Intelligence (“DTI”) cloud. In December 2013, we acquired Mandiant, a leading provider of advanced endpoint security products and security incident response management solutions. As a result of the Mandiant acquisition, we expanded our 5 A n n u a l R e p o r t threat intelligence to include contextual information on cyber attackers’ tools and techniques, augmented our threat detection technologies with additional detection and forensic capabilities, and added a comprehensive suite of incident response and other cyber related professional services. Since the Mandiant acquisition, we have expanded our business from a narrow focus on the detection of advanced persistent threats to helping our customers detect and prevent all types of cyber attacks and improve their resilience to new cyber threats using our technologies, intelligence and expertise. Additionally, our threat researchers correlate the attack data from our network, email, and endpoint security solutions with the intelligence on adversaries generated by our global network of security researchers and consultants. This deep knowledge of the threat environment and attacker tools and techniques is used to adapt our detection and analysis engines to new attack techniques and to develop new features and use cases for our security solutions. In the first quarter of 2017, we introduced our FireEye Helix cybersecurity operations platform. Helix integrates security alerts from our network, email and endpoint security solutions, as well as data from other information technology and cybersecurity solutions, with our advanced threat intelligence, threat analytics, and orchestration capabilities to enable more efficient security operations. The cloud-based Helix user interface provides a unified, customized view of an organization’s attack surface, and includes pre-determined threat response “playbooks” based on Mandiant expertise and best practices. Helix allows security analysts to prioritize critical alerts, hunt for new threats, and rapidly pivot from detection to response to reduce the business impact of an attack. As of December 31, 2018, we had approximately 7,700 end-customers, including more than 50% of the Forbes Global 2000. Our customers include leading enterprises in a diverse set of industries, including telecommunications, technology, financial services, public utilities, healthcare and oil and gas, as well as leading U.S. and international governmental agencies. For 2018, 2017 and 2016, our revenue was $831.0 million, $779.6 million and $706.0 million, respectively, representing year-over-year growth of 7% for 2018 and 10% for 2017, and our net losses were $243.1 million, $285.2 million and $485.4 million, respectively. We were incorporated in Delaware in February 2004 under the name NetForts, Inc., and changed our name to FireEye, Inc. in September 2005. Our principal executive offices are located at 601 McCarthy Blvd., Milpitas, California 95035, and our telephone number is (408) 321-6300. Our website is www.fireeye.com. Information contained on, or that can be accessed through, our website is not incorporated by reference into this report, and you should not consider information on our website to be part of this report. Our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended, are available free of charge on the Investor Relations portion of our website as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC. The SEC maintains an Internet site that contains reports, proxy and information statements and other information regarding issuers that file electronically with the SEC at www.sec.gov. The contents of these websites are not incorporated into this filing. Investors and others should note that we announce material financial information to our investors using our investor relations website (https://investors.fireeye.com), SEC filings, press releases, public conference calls and webcasts. We use these channels, as well as social media, to communicate with the public about our company, our services and other issues. It is possible that the information we post on social media could be deemed to be material information. Our Cybersecurity Solutions and Services Our solutions are designed to address cybersecurity requirements for small-to-mid sized enterprises, remote offices, large enterprises, governments and service providers. Customers may choose to deploy our detection and 6 prevention solutions on optimized appliances hardware, on virtual appliances, as a cloud-based service, or in hybrid deployments of all three options. All our detection and prevention solutions include subscriptions to our DTI cloud and support offerings, which are priced either as a percentage of the appliance hardware or as an all-inclusive subscription. Subscriptions are typically offered for one- or three-year terms. We typically invoice customers for the full term of subscriptions up-front. Our Helix cybersecurity platform, threat analytics, and Managed Defense security-as-a-service offerings are offered in one- or three-year subscriptions and are priced based on appropriate use metrics. These subscriptions are invoiced either for the full term of the subscription up front or annually, based on customer preference. Professional services are invoiced according to pre-determined contract terms for consulting services and on a time-and-materials basis for incident response. We recognize professional services revenue as our services are delivered. Product, Subscription and Support Threat Detection and Prevention Solutions. Our detection and prevention solutions utilize our advanced threat detection software, including our IDA technologies and MVX engine, to identify suspicious content embedded in Internet and network traffic, emails, software downloads and other data transfers and electronic communications. Our portfolio encompasses solutions for network security, email security, and endpoint security that are available in a variety of form factors and deployment options. • Network security solutions. Our network security solutions utilize our IDA technologies and MVX engine in a two-phase approach to detect, validate and block advanced, targeted and other evasive attacks hidden in Internet traffic, as well as threats embedded in internal network traffic. Our network security solutions may be deployed at the network perimeter, in conjunction with signature- and policy- based defenses, such as network firewalls to detect and validate attacks missed by those products. Additionally, our network security solutions may be deployed at the network core, across network segments or in front of servers to detect threats embedded in internal network traffic, such as ransomware. Our network security solutions require up-to-date dynamic threat intelligence and software support to maintain high detection efficacy. Customers may choose to purchase our network security software, dynamic threat intelligence, and support in a single “all inclusive” subscription, with optional appliance hardware, or they may purchase pre-configured appliance hardware with the required dynamic threat intelligence and support subscriptions priced as a percentage of the appliance hardware. Our network security solutions integrate with our email and endpoint security solutions through our Central Management System (“CMS”) or our Helix security operations platform to correlate threat intelligence and protect against multi-vector, blended attacks. Integrated network security. Our integrated network security appliances combine our IDA rules and correlation engines and our MVX engine in a single, standalone appliance to secure a single Internet access point. Customers may choose to deploy integrated network security on our optimized appliance hardware, or on a virtual appliance, with capacity scaling from 50 megabits per second to multiple gigabits per second of throughput. Distributed network security. In November 2016, we updated our advanced detection software to enable our IDA detection technologies to be deployed separately from our MVX engine without performance degradation. This allowed our IDA technologies to be deployed at multiple Internet access points in distributed, cloud and hybrid environments, using physical or virtual appliances known as Smart Nodes. Suspicious traffic detected by network sensors is submitted to a centrally shared MVX service over an encrypted connection. Distributed network security customers can choose to host the shared MVX service in their private cloud or utilize the FireEye-hosted Cloud MVX service. Network forensics. Our network forensics appliances capture, store and index full network packets at rapid speeds to allow organizations to investigate and resolve security incidents. • Email security solutions. Our email security solutions detect and stop spear phishing, ransomware, sender impersonation, credential phishing, typo-squatting, and other email-based attacks. We offer our 7 A n n u a l R e p o r t email security solution in a Server Edition with multiple deployment options, or as a cloud-based service. Both versions utilize our URL detection platform and our MVX engine to inspect emails for zero-day exploits, malicious URLs, behavioral anomalies, and other malware hidden in attachments. If an attack is confirmed, the malicious email is quarantined for further analysis and deletion. Our email security solutions integrate with FireEye network security through our CMS or our Helix security operations platform to protect against multi-vector, blended attacks. Email Security—Server Edition is an on-premises appliance-based solution that can be deployed with an integrated MVX engine or in a distributed architecture with a centralized, private cloud MVX service. Email Security—Cloud Edition is a FireEye-hosted version of our email security solution designed to integrate with cloud-based email systems such as Microsoft Office 365 with Exchange Online Protection and Google Mail. Email Security—Cloud Edition provides the same advanced correlation, analytics and MVX threat validation as Email Security—Server Edition, and also includes anti-spam and antivirus protection to defend against conventional signature-based threats. • • Endpoint security solutions. Our endpoint security solutions consist of a centralized management application, available through an on-premise appliance or as a cloud-based user interface, and lightweight endpoint agents deployed on desktops, laptops and other end-user devices. The solutions combine a signature-based endpoint protection platform with advanced endpoint detection and response capabilities to provide a comprehensive detection, protection and response solution in a single endpoint agent. The endpoint security agent also enables rapid containment and collects forensic data necessary for post-breach investigation and analysis of attacks. Our endpoint security solutions integrate with our email and endpoint security solutions through our CMS or our Helix security operations platform to correlate threat intelligence and protect against multi-vector, blended attacks. Customer Support and Maintenance Services. We offer technical support on our solutions. We provide multiple levels of support and have regional support centers located across the globe to help customers solve technical challenges they may encounter. In addition to post-sales support activities, our support organization works with our product management and engineering teams to ensure the attainment of defined pre-requisite quality levels for our products and services prior to release. Security Orchestration, Analytics and Management Solutions • • • Central Management System. Our Central Management System manages the overall deployment and integration of our on-premise network, email and endpoint security solutions by unifying reporting, configuration, and threat intelligence sharing. Customers generally purchase one or more CMS appliances to manage multiple FireEye detection and prevention appliances. FireEye Security Orchestrator. Our FireEye Security Orchestrator (“FSO”) accelerates and simplifies security operations by coordinating the response to critical alerts across the security and IT infrastructure using customized workflows, granular permissions, and bi-directional command and control plug-ins for many popular security and infrastructure products. FSO also provides an investigative dashboard and is a core enabling technology for the Helix cybersecurity platform. FireEye Helix. Our FireEye Helix security operations platform combines security alerts generated by our network, email and endpoint security solutions, as well as third-party security and IT products, with our contextual threat intelligence, threat analytics, and orchestration capabilities within a unified cloud- based interface. Helix enriches raw security event data with our contextual threat intelligence and our built-in analytics to identify and prioritize critical alerts. Helix also serves as an investigative platform with case management and workflow tools, as well as pre-loaded playbooks to automate and orchestrate the response across an organization. Helix also provides detailed reporting for compliance purposes. 8 Threat Intelligence Subscriptions • • Dynamic Threat Intelligence Cloud. Our DTI cloud is a bi-directional cloud-based service that collects, correlates and anonymizes machine-generated security data from our network, email and endpoint security solutions. DTI also distributes updated threat detection and prevention algorithms and software updates to our network, email and endpoint security solutions based on new threat intelligence and an evolving attack landscape. A subscription to our DTI cloud is required for all network, email and endpoint security solutions. FireEye Threat Intelligence is a subscription service based on our active monitoring of attacker personas, including nation-state sponsored groups. The resulting intelligence on adversaries is codified in reports and distributed through our Threat Intelligence portal to enable organizations to proactively defend against new and emerging cyber threats before an attack is launched. On-Demand and Managed Service Subscriptions • Managed Defense is a technology-enabled managed detection and response service that utilizes our latest adversary, machine-based, and victim threat intelligence to detect, investigate, and proactively hunt for known and previously undetected threats in our customers’ environments. • Expertise-on-Demand is a prepaid annual subscription that provides flexible, pay-per-use access to our threat intelligence and expertise as microservices. Customers purchase packages of units based on their anticipated needs and use the units to purchase threat intelligence and services at pre-determined unit values. Revenue is recognized in either the Cloud subscription and Managed services category or the Professional services category when the units are utilized, or upon expiration. Unused units expire one year after purchase. Professional Services • • • Incident response, compromise assessments and related security consulting services. Our cybersecurity experts help customers identify and remediate cyber breaches. Additionally, we offer security program assessments and planning, provide litigation support, and perform forensic analyses. These consulting services are marketed under the Mandiant brand. Cyber Threat Intelligence Services. Cyber threat intelligence services design and build cyber threat intelligence processes and solutions within customers’ security operations. Training. We offer training services to our customers and channel partners through our training department and authorized training partners. For contributions to total revenue by significant category of revenues, see “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included in Part II, Item 7 of this Annual Report on Form 10-K. A n n u a l R e p o r t Our Technologies We have developed proprietary technologies related to threat detection, virtual machine-based threat analysis, endpoint protection, and security orchestration. Our technologies leverage intelligence about threat actors’ tools and techniques, gathered through our incident response engagements and our network of security researchers, to adapt to new threats and changes in the threat environment. We believe these technologies, combined with our threat intelligence and security expertise, differentiate our products and services. Advanced Threat Detection and Prevention Technologies. At the core of our detection and protection capabilities for our network, email and endpoint security solutions is our proprietary, purpose-built MVX engine and our IDA technologies. Our IDA technologies include advanced correlation and analytics engines, our MalwareGuard machine-learning detection engine, behavior- and rules-based detection modules, and signature 9 matching capabilities. These detection technologies work in conjunction with our MVX engine and our Helix- based analytics to detect suspicious content and confirm malicious behavior in the targeted virtual environment. This allows our network, email and endpoint security solutions to provide high fidelity detection of known and unknown threats with negligible false-positive rates. We have built our IDA and MVX engine technologies over 10 years of research and development, and we believe they represent a significant competitive advantage for us. They first identify suspicious flows using intelligence-driven rules and analysis, including machine-learning and behavioral analysis, and then, through a separate process, use our MVX engine to determine whether such suspicious flows are malicious. Our detection technologies can be deployed on a single integrated appliance, as a cloud-based service, or in a hybrid appliance/cloud architecture. Advanced Endpoint Validation and Containment. Our endpoint security solution includes proprietary technologies that enable (i) automatic creation of indicators of compromise coupled with rapid enterprise-wide search, (ii) exploit detection and prevention, (iii) malware detection and prevention, (iv) forensic data capture and (v) rapid containment and investigation for connected and unconnected endpoints. Additionally, we have developed our endpoint technologies to correlate and consume threat intelligence from our network-based security solutions. Evolved Security Architecture and Security Orchestration. Our solutions are designed to operate as part of a comprehensive security architecture to defend organizations against today’s cyber threats and minimize the business impact of cyber attacks. The ability to monitor all network traffic, as well as stored files and forensic data, is critical to detecting cyber threats that enter through multiple vectors and move laterally across the network. We combine this visibility with our dynamic, contextual and strategic threat intelligence, advanced analytics and case management tools in our Helix security operations platform to enable rapid, prioritized responses to critical alerts. Our security orchestration tools and technologies integrate with Helix to extend security processes and response activities across the IT infrastructure. Customers Our customer base has grown to approximately 7,700 end-customers as of December 31, 2018, including more than 50% of the Forbes Global 2000. We provide products, subscriptions and services to customers of varying sizes, including enterprises, governmental agencies and educational and nonprofit organizations. Our customers include leading enterprises in a diverse set of industries, including telecommunications providers, financial services entities, Internet search engines, social networking sites, stock exchanges, electrical grid operators, networking vendors, oil and gas companies, healthcare and pharmaceutical companies and leading U.S. and international governmental agencies. Our business is not dependent on any particular end-customer as no end-customer represented more than 10% of our revenue for any of the years ended December 31, 2018, 2017 or 2016. For the years ended December 31, 2018, 2017 and 2016, one reseller represented 15%, 13% and 12%, respectively, of our total revenue. For the years ended December 31, 2018, 2017 and 2016, one distributor represented 20%, 19% and 19% respectively, of our total revenue. Backlog Orders for our appliances, software, subscriptions and services are typically shipped and billed in their entirety shortly after receipt of the order, even when the delivery term for the subscription or service extends over multiple periods. These amounts are included in deferred revenue, although the timing of revenue recognition for subscriptions and services may vary depending on the contractual service period or when the services are rendered. In certain instances, a customer may request periodic billing on a multi-period subscription or service contract or we may not have a contractual right to bill at period end. In these instances, the amount billed is included in deferred revenue and the amount to be billed in the future periods is included in backlog. Subscription and services backlog has historically represented less than 3% of our annual deferred revenue and revenue. As a result, we do not believe that our backlog at any particular time is meaningful because it does not represent a material component of future revenue in any given period. 10 We expect that the amount of backlog relative to the total value of our contracts will change from year to year due to several factors, including the amount invoiced early in the contract term, the timing and duration of customer agreements, varying invoicing cycles of agreements and changes in customer financial circumstances. Accordingly, we believe that fluctuations in backlog are not always a reliable indicator of future revenues and we do not utilize backlog internally as a key management metric. Sales and Marketing Sales. Our sales organization consists of in-house sales teams who work in collaboration with external channel partners to identify new sales prospects, sell additional products, subscriptions and services, and provide post-sale support. Our field sales team is organized by territory and is responsible for enterprise and government accounts within their region. Our inside sales organization is responsible for sales to medium-sized and smaller organizations, and for renewal of existing subscriptions. We also have a dedicated team focused on channel sales who manage the relationships with our value-added reseller and distributor partners and work with these channel partners to win and support customers. We believe this hybrid direct-touch sales approach allows us to leverage the benefits of broader market coverage provided by a reseller channel while maintaining a face-to-face connection with our customers, including key enterprise accounts. We have also cultivated alliances with non-traditional partners to generate customer referrals and extend our technologies and sales coverage to new market segments. These relationships include relationships with insurance providers, large systems integrators, and managed service providers, and we have engaged in joint solution development with leading providers of engineering services, payment systems, and public cloud platforms. Our sales organization is supported by sales engineers with deep technical domain expertise who are responsible for pre-sales technical support, solutions engineering for our customers, proof of concept work and technical training for our channel partners. Our sales engineers also act as the liaison between customers and our marketing and product development organizations. As part of our sales strategy, we often provide prospective customers with our detection and prevention products for a short-term evaluation period, typically ranging from one week to several months. During this period, the prospective customer conducts evaluations with the assistance of our system engineers and members of our security research team. We believe that by providing proof of concept evaluations to potential customers, we are able to contrast the effectiveness of our solutions versus our competitors in identifying suspicious and potentially malicious content in their actual IT environments. For our cloud-based email security solutions, we allow customers to submit emails previously scanned by their existing email security provider for analysis by our advanced detection technologies. Additionally, our Mandiant consultants use our technologies and products in their incident response and consulting engagements, providing de facto proof of concept evaluations in the customer’s environment. Our sales cycle varies by industry and can be long and unpredictable, but is typical of large, complex enterprise sales cycles that can last several months or more. However, some transactions can close in a few weeks when an active breach is discovered. Marketing. Our marketing is focused on building our brand reputation and market awareness for our solutions, driving customer demand and a strong sales pipeline, and working with our channel partners around the globe. Our marketing team consists primarily of corporate marketing, channel marketing, account/lead development, marketing operations and corporate communications. Marketing activities include demand generation, advertising, product launch activities, managing our corporate website and partner portal, trade shows and conferences, press and analyst relations, and customer awareness. We are also actively engaged in driving global thought leadership programs through blogs and media and developing rich content such as the global cyber map and threat reports. 11 A n n u a l R e p o r t Technology Alliance Partners FireEye has built a robust ecosystem of Technology Alliance Partners who, through integration and joint go-to-market efforts, extend the breadth and depth of the cybersecurity and protection we deliver to customers. Spanning multiple technology categories, including network monitoring vendors, security information and event management vendors, network equipment vendors, forensic software vendors and web application firewall vendors, these partnerships provide for threat intelligence sharing, cross-vendor technology integrations, and joint solution development. By helping to ease the complexity that organizations face when implementing multi- layered security solutions, our technology alliances facilitate integrated solution design, accelerate the time to realize value, and enhance our role as a strategic security partner. Government Affairs We maintain relationships with several governments around the globe. Our visibility into the threat landscape, knowledge of threat actors’ activities, and thought leadership in defending against cyber threats has helped to shape the legislative, regulatory and policy environment to enhance these governments’ individual and collective cyber posture. As part of this effort, we contribute to the evolving standard-making processes, help define best practices in various jurisdictions and help organizations of all sizes better understand the cyber threat landscape. We also help governments identify future needs and requirements. Through these and related activities, we engage on the front lines of emerging cybersecurity related public policy and use our knowledge and insight to improve the cybersecurity of our government and industry customers. Manufacturing The manufacturing of our security appliances is outsourced to principally one third-party contract manufacturer. This approach allows us to reduce our costs as it reduces our manufacturing overhead and inventory and also allows us to adjust quickly to changing customer demand. Our manufacturing partner assembles our products using design specifications, quality assurance programs, and standards that we establish, and it procures components and assembles our products based on our demand forecasts. These forecasts represent our estimates of future demand for our products based upon historical trends and analysis from our sales and product management functions as adjusted for overall market conditions. Our primary contract manufacturer is Flex Ltd. (“Flex”). The manufacturing agreement we entered into with Flex does not provide for any minimum purchase commitments and had an initial term of one year, which automatically renews for one-year terms, unless either party gives written notice to the other party not less than 90 days prior to the last day of the applicable term. Additionally, this agreement may be terminated by either party (i) with advance written notice provided to the other party, subject to certain notice period limitations, or (ii) with written notice, subject to applicable cure periods, if the other party has materially breached its obligations under the agreement. Research and Development We invest substantial resources in research and development to enhance our detection, analysis and correlation engines, expand our threat intelligence, build add-on functionality to our products, and improve our core technologies. We believe that adapting our hardware, software and cloud-based technologies to changes in the threat environment is critical to maintaining and expanding our leadership in the cyber security industry. Our engineering teams have deep networking, security and data management expertise and work closely with our customers and our Mandiant consultants to identify current and future needs. Because our Mandiant consultants use our products in their incident response and compromise assessment engagements and provide continual feedback to our engineering teams on product performance, detection efficacy, evasion techniques and attack trends, we are able to adapt our solutions as the threat environment evolves. 12 In addition to our focus on platform expansion and enhancement, our research and development teams are focused on developing automation tools and machine learning techniques to reduce the time to discover and distribute new threat intelligence, as well as generate efficiencies in our services offerings. We are also investing in security platform management and orchestration capabilities to provide unified reporting, automated response, and security orchestration features to customers in a single dashboard. We maintain research and development activities across the globe with teams located in Germany, India, Ireland, Japan, Singapore and the United States. Competition We operate in the intensely competitive IT security market which is characterized by constant change and in evolving customer innovation. Changes in the threat requirements for cyber security. Several vendors have either introduced new products or incorporated features into existing products that compete with our solutions. Our current and potential future competitors fall into six general categories: landscape and broader IT infrastructures result • • • • • • large networking vendors such as Cisco and Juniper that may emulate or integrate security features similar to ours into their own products; large companies such as IBM, Oracle and HPE that have acquired security solutions and have the technical and financial resources to bring competitive solutions to the market; independent security vendors such as Palo Alto Networks, Proofpoint and CrowdStrike that offer products or features that claim to perform similar functions to our platform; small and large companies, including new market entrants, that offer niche product solutions that compete with some of the features present in our platform; providers of traditional signature-based security solutions, such as Symantec and McAfee; and other providers of incident response and compromise assessment services. As our market grows and a larger share of IT budgets is allocated to cybersecurity, it will attract more highly specialized vendors as well as larger technology vendors that may continue to acquire or bundle their products more effectively. The principal competitive factors in our market include: • • • • • • • • ability to deliver the combination of technology, intelligence and expertise necessary to combat the current threat landscape; ability to detect and prevent known and unknown threats by overcoming the limitations of signature- based approaches, while maintaining a low rate of false-positive alerts; scalability, throughput and overall performance of our detection and prevention technologies; visibility into all stages of an attack, especially the exploit phase; ability to consolidate features onto a single platform, thereby reducing the complexity of maintaining solutions from multiple vendors; the ability to integrate with third-party IT providers to enable an orchestrated solution of products and services that detect, prevent and resolve cybersecurity threats across multiple attack vectors; breadth and richness of the shared threat threat intelligence, intelligence on cyber crime, cyber espionage, hacktivism, attacks on critical infrastructure and nation- state attacks; including dynamic and contextual flexible deployment options, including on-premise appliances, cloud-based software or a hybrid of both, as well as “as-a-service” options; 13 A n n u a l R e p o r t • • • • • brand awareness and reputation; strength and effectiveness of sales and marketing efforts; product extensibility and ability to integrate with other technologies in the network infrastructure; ease of use and customer experience; and price and total cost of ownership. We believe we compete favorably with our competitors on the basis of these factors as a result of the features and performance of our platform, the ease of integration of our products with network infrastructures, the breadth of our services and solution offerings and the relatively low total cost of ownership of our products. However, many of our competitors have substantially greater financial, technical and other resources, greater name recognition, larger sales and marketing budgets, deeper customer relationships, broader distribution, and larger and more mature intellectual property portfolios. Intellectual Property Our success depends in part upon our ability to protect our core technologies and intellectual property. We rely on, among other things, patents, trademarks, copyrights and trade secret laws, confidentiality safeguards and procedures, and employee non-disclosure and invention assignment agreements to protect our intellectual property rights. We file patent applications to protect our intellectual property and believe that the duration of our issued patents is sufficient when considering the expected lives of our products. We cannot assure you whether any of our patent applications will result in the issuance of a patent or whether the examination process will result in patents of valuable breadth or applicability. In addition, any patents that may issue may be contested, circumvented, found unenforceable or invalidated, and we may not be able to prevent third parties from infringing them. We also license software from third parties for integration into our products, including open source software and other software available on commercially reasonable terms. We control access to and use of our proprietary software, technology and other proprietary information through the use of internal and external controls, including contractual protections with employees, contractors, end-customers and partners, and our software is protected by U.S. and international copyright, patent and trade secret technology and other proprietary information, unauthorized parties may still copy or otherwise obtain and use our software, technology and other proprietary information. In addition, we intend to expand our international operations, and effective patent, copyright, trademark, and trade secret protection may not be available or may be limited in foreign countries. laws. Despite our efforts to protect our software, Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation regarding patent and other intellectual property rights. If we become more successful, we believe that competitors will be more likely to try to develop products that are similar to ours and that may infringe our proprietary rights. It may also be more likely that competitors or other third parties will claim that our products infringe their proprietary rights. In particular, large and established companies in the IT security industry have extensive patent portfolios and are regularly involved in both offensive and defensive litigation. From time-to-time, third parties, including certain of these large companies and non-practicing entities, may assert patent, copyright, trademark, and other intellectual property rights against us, our channel partners, or our end-customers, whom our standard license and other agreements obligate us to indemnify against such claims. Successful claims of infringement by a third party, if any, could prevent us from distributing certain products or performing certain services, require us to expend time and money to develop non-infringing solutions, or force us to pay substantial damages (including, in the United States, treble damages if we are found to have willfully infringed patents), royalties or other fees. We cannot assure you that we do not currently infringe, or that we will not in the future infringe, upon any third-party patents or other proprietary rights. See “Risk Factors—Risks Related to Our Business and Our Industry—Claims by others that we infringe their proprietary technology or other rights could harm our business” for additional information. 14 Business Seasonality For discussion of seasonal trends, see our quarterly results of operations discussion within “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included in Part II, Item 7 of this Annual Report on Form 10-K. Employees As of December 31, 2018, we had approximately 3,200 employees. None of our employees are represented by a labor organization or are a party to any collective bargaining arrangement. We have never had a work stoppage, and we consider our relationship with our employees to be good. Item 1A. Risk Factors Our operations and financial results are subject to various risks and uncertainties including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks or others not specified below materialize, our business, financial condition and results of operations could be materially adversely affected. In that case, the trading price of our common stock could decline. Risks Related to Our Business and Our Industry If the IT security market does not continue to adopt our security platforms, our sales will not grow as quickly as anticipated, or at all, and our business, results of operations and financial condition would be harmed. Our future success depends on market adoption of our unique approach to IT security. We are seeking to disrupt the IT security market with our security platforms. Our platforms interoperate with but do not replace most signature-based IT security products. Enterprises and governments that use signature-based security products, such as firewalls, intrusion prevention systems, or IPS, anti-virus, or AV, and Web and messaging gateways, for their IT security may be hesitant to purchase our security platforms if they believe that signature- based products are more cost effective, provide substantially the same functionality as our platforms or provide a level of IT security that is sufficient to meet their needs. Currently, many enterprises and governments have not allocated a fixed portion of their budgets to protect against next-generation advanced cyber attacks. As a result, to expand our customer base, we need to convince potential customers to allocate a portion of their discretionary budgets to purchase our platforms. However, even if we are successful in doing so, any future deterioration in general economic conditions may cause our customers to cut their overall IT spending, and such cuts may fall disproportionately on products and services like ours, for which no fixed budgetary allocation has been made. If we do not succeed in convincing customers that our platforms should be an integral part of their overall approach to IT security and that a fixed portion of their annual IT budgets should be allocated to our platforms, our sales will not grow as quickly as anticipated, or at all, which would have an adverse impact on our business, results of operations and financial condition. Even if there is significant demand for security solutions like ours, if our competitors include functionality that is, or is perceived to be, better than or equivalent to that of our platforms, we may have difficulty increasing the market penetration of our platforms. Furthermore, even if the functionality offered by other IT security providers is different and more limited than the functionality of our platforms, organizations may elect to accept such limited functionality in lieu of adding products from additional vendors like us, especially if competitor offerings are free or available at a lower cost. In addition, changes in customer requirements could reduce customer demand for our security solutions. For example, if customers were to reduce their number of web egress points in order to reduce their cyber attack surface, they would not need to purchase as many of our Network Threat Prevention appliances, which currently 15 A n n u a l R e p o r t account for the largest portion of our threat prevention product revenue. Similarly, if one or more governments share, on a free or nearly free basis, threat intelligence with other governmental agencies or organizations, such as critical infrastructure companies, then those agencies or organizations might have less demand for additional threat intelligence and may purchase less of our threat intelligence offerings. If enterprises and governments do not continue to adopt our security platforms for any of the reasons discussed above or for other reasons not contemplated, our sales would not grow as quickly as anticipated, or at all, and our business, results of operations and financial condition would be harmed. We have had operating losses each year since our inception, and may not achieve or maintain profitability in the future. We have incurred operating losses each year since our inception, including net losses of $243.1 million, $285.2 million and $485.4 million during the years ended December 31, 2018, 2017 and 2016, respectively. Any failure to increase our revenue and manage our cost structure as we grow our business could prevent us from achieving or, if achieved, maintaining profitability. Even if we do achieve profitability, we may not be able to sustain or increase profitability on a quarterly or annual basis. If we are unable to become and remain profitable, the value of our company could decrease and our ability to raise capital, maintain our research and development efforts, and expand our business could be negatively impacted. We face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations. The market for security products and services is intensely competitive and characterized by rapid changes in technology, customer requirements, industry standards, threat vectors and frequent new product introductions and improvements. We anticipate continued challenges from current competitors, which in many cases are more established and enjoy greater resources than us, as well as by new entrants into the industry. If we are unable to anticipate or effectively react to these competitive challenges, our competitive position could weaken, and we could experience a decline in our growth rate or revenue that could adversely affect our business and results of operations. Our competitors and potential competitors include large networking vendors such as Cisco Systems and Juniper Networks that may emulate or integrate security features similar to ours into their own products; large companies such as IBM, Oracle and HPE that have acquired security solutions in recent years and have the technical and financial resources to bring competitive solutions to the market; independent security vendors such as Palo Alto Networks, Proofpoint and CrowdStrike that offer products or features that claim to perform similar functions to our platform; small and large companies, including new market entrants, that offer niche product solutions that compete with some of the features present in our platform; providers of traditional signature-based security solutions, such as Symantec and McAfee; and other providers of incident response and compromise assessment services. Other IT providers offer, and may continue to introduce, security features that compete with our platform, either in stand-alone security products or as additional features in their network infrastructure products. Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as: • • • • • • greater name recognition, longer operating histories and larger customer bases; larger sales and marketing budgets and resources; broader distribution and established relationships with channel and distribution partners and customers; greater customer support resources; greater resources to make acquisitions or enter into strategic partnerships; lower labor and research and development costs; 16 • • larger and more mature intellectual property portfolios; and substantially greater financial, technical and other resources. In addition, some of our larger competitors have substantially broader product offerings and may be able to leverage their relationships with distribution partners and customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products, subscriptions and services, including by selling at zero or negative margins, product bundling or offering closed technology platforms. Potential customers may also prefer to purchase from their existing suppliers rather than a new supplier regardless of product performance or features. As a result, even if the features of our platform are superior, customers may not purchase our products. In addition, new innovative start-up companies, and larger companies that are making significant investments in research and development, may invent similar or superior products and technologies that compete with our platform. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. Further, as our customers refresh the security products bought in prior years, they may seek to consolidate vendors, which may result in current customers choosing to purchase products from our competitors on an ongoing basis. Some of our competitors have made or could make acquisitions of businesses that allow them to offer more competitive and comprehensive solutions. As a result of such acquisitions, our current or potential competitors may be able to accelerate the adoption of new technologies that better address end-customer needs, devote greater resources to bring these products and services to market, initiate or withstand substantial price competition, or develop and expand their product and service offerings more quickly than we do. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share. If we are unable to compete successfully, or if competing successfully requires us to take costly actions in response to the actions of our competitors, our business, financial condition and results of operations could be adversely affected. Real or perceived defects, errors or vulnerabilities in our products or services, the misconfiguration of our products, the failure of our products or services to block malware or prevent a security breach, or the failure of customers to take action on attacks identified by our products could harm our reputation and adversely impact our business, financial position and results of operations. Because our products and services are complex, they have contained and may contain design or manufacturing defects or errors that are not detected until after their deployment. Our products also provide our customers with the ability to customize a multitude of settings, and it is possible that a customer could misconfigure our products or otherwise fail to configure our products in an optimal manner. Such defects and misconfigurations of our products could cause our products or services to be vulnerable to security attacks, cause them to fail to secure networks and detect and block threats, or temporarily interrupt the networking traffic of our customers. In addition, because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, there is a risk that an advanced attack could emerge that our products and services are unable to detect or prevent. Moreover, as our products and services are adopted by an increasing number of enterprises and governments, it is possible that the individuals and organizations behind advanced malware attacks will focus on finding ways to defeat our products and services. If this happens, our networks, products, services and subscriptions could be targeted by attacks specifically designed to disrupt our business and undermine the perception that our products and services are capable of providing superior IT security, which, in turn, could have a serious impact on our reputation as a provider of security solutions. In addition, defects or errors in our subscription updates or our products could result in a failure of our subscriptions to effectively update customers’ hardware and cloud-based products. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate 17 A n n u a l R e p o r t updates, or may fail to meet the increased requirements of a growing installed customer base, any of which could temporarily or permanently expose our customers’ networks, leaving their networks unprotected against the latest security threats. Moreover, our products must interoperate with our customers’ existing infrastructure, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors, and contain multiple generations of products that have been added over time. As a result, unanticipated failures could occur if a customer deploys our products in an untested configuration. Similarly, if we inadvertently update our products with an erroneous configuration or untested detection content, invalid detections or product downtime could occur. Any of these situations could result in negative publicity to us, damage to our reputation, declining sales, increased expenses and customer relations issues, and therefore adversely impact our business, financial position and results of operations. If any of our customers becomes infected with malware after using our products or services, such customer could be disappointed with our products and services, regardless of whether our products or services blocked the theft of any of such customer’s data or would have blocked such theft if configured properly. Similarly, if our products detect attacks against a customer but the customer has not permitted our products to block the theft of customer data, customers and the public may erroneously believe that our products were not effective. For any security breaches against customers that use our services, such as customers that have hired us to monitor their networks and endpoints through our own or our co-branded security operation centers, breaches against those customers may result in customers and the public believing that our products and services failed. Furthermore, if any enterprises or governments that are publicly known to use our products or services are the subject of an advanced cyber attack that becomes publicized, our other current or potential customers may look to our competitors for alternatives to our products and services. Real or perceived security breaches of our customers’ networks could cause disruption or damage to their networks or other negative consequences and could result in negative publicity to us, damage to our reputation, declining sales, increased expenses and customer relations issues. Furthermore, our products and services may fail to detect or prevent malware, ransomware, viruses, worms or similar threats for any number of reasons, including our failure to enhance and expand our products and services to reflect industry trends, new technologies and new operating environments, the complexity of the environment of our clients and the sophistication of malware, viruses and other threats. In addition, from time to time, firms test our products against other security products. Our products may fail to detect or prevent threats in any particular test for a number of reasons, including misconfiguration. To the extent potential customers, industry analysts or testing firms believe that the occurrence of a failure to detect or prevent any particular threat is a flaw or indicates that our products or services do not provide significant value, our reputation and business could be harmed. Failure to keep pace with technological changes in the IT security industry and changes in the threat landscape could adversely affect our ability to protect against security breaches and could cause us to lose customers. In addition, in the event that a customer suffers a cyber attack, we could be subject to claims based on a misunderstanding of the scope of our contractual warranties or the protection afforded by the Support Anti- Terrorism by Fostering Effective Technologies Act of 2002 (the “SAFETY Act”). Any real or perceived defects, errors or vulnerabilities in our products and services, or any other failure of our products and services to detect an advanced threat, could result in: • • • • a loss of existing or potential customers or channel partners; delayed or lost revenue and harm to our financial condition and results of operations; a delay in attaining, or the failure to attain, market acceptance; the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects, to address and eliminate vulnerabilities, or to identify and ramp up production with alternative third-party manufacturers; 18 • • • an increase in warranty claims, or an increase in the cost of servicing warranty claims, either of which would adversely affect our gross margins; harm to our reputation or brand; and litigation, regulatory inquiries, or investigations that may be costly and further harm our reputation. A network or data security incident against us, whether actual, alleged or perceived, may harm our reputation, create liability and adversely impact our financial results. Increasingly, companies are subject to a wide variety of attacks on their networks on an ongoing basis. In addition to traditional computer “hackers,” malicious code (such as viruses and worms), phishing attempts, employee theft or misuse, and denial of service attacks, sophisticated nation-state and nation-state supported actors engage in intrusions and attacks (including advanced persistent threat intrusions) and add to the risks to our internal networks, cloud deployed enterprise and customer facing environments and the information they store and process. We and/or our third-party service providers may face security threats and attacks from a variety of sources. Our data, corporate systems, third-party systems and security measures may be breached due to the actions of outside parties, employee error, malfeasance, a combination of these, or otherwise, and, as a result, an unauthorized party may obtain access to our data. Furthermore, as a well-known provider of security solutions, we may be a more attractive target for such attacks. A breach in our data security or an attack against our service availability, or that of our third-party service providers, could impact our networks or networks secured by our products and subscriptions, creating system disruptions or slowdowns and exploiting security vulnerabilities of our products, and the information stored on our networks or those of our third-party service providers could be accessed, publicly disclosed, altered, lost, or stolen, which could subject us to liability and cause us financial harm. Any actual, alleged or perceived breach of network security in our systems or networks, or any other actual, alleged or perceived data security incident we or our third-party service providers suffer, could result in damage to our reputation, negative publicity, loss of channel partners, customers and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, costly litigation, and other liability. In addition, we may incur significant costs and operational consequences of investigating, remediating, eliminating and putting in place additional tools and devices designed to prevent actual or perceived security incidents, as well as the costs to comply with any notification obligations resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our products and subscriptions and end-customer and investor confidence in our company and could seriously harm our business or operating results. Our results of operations may vary significantly from period to period, which could cause the trading price of our common stock to decline. Our results of operations have varied significantly from period to period, and we expect that our results of operations, including, but not limited to our GAAP and non-GAAP measures, will continue to vary as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including: • • • • • • our ability to attract new and retain existing customers or sell additional products and subscriptions to our existing customers; changes in our mix of products, subscriptions and services sold, including changes in multi-year subscriptions and support; the timing and success of new product, subscription or service introductions by us or our competitors; real or perceived reductions in our product efficacy by our customers or in the marketplace; the budgeting cycles, seasonal buying patterns and purchasing practices of customers; the timing of new contracts or shipments of our products and length of our sales cycles; 19 A n n u a l R e p o r t • • • • • • • • • • • • • • • • • • • • • • changes in customer, distributor or reseller requirements or market needs; changes in the growth rate of the IT security market, particularly the market for threat protection solutions like ours that target next-generation advanced cyber attacks; any change in the competitive landscape of the IT security market, including consolidation among our customers or competitors and strategic partnerships entered into by and between our competitors; the level of awareness of IT security threats, particularly advanced cyber attacks, and the market adoption of our platform; deferral of orders from customers in anticipation of new products or product enhancements announced by us or our competitors; our ability to successfully and continuously expand our business domestically and internationally; reductions in customer retention rates for our subscriptions and support; decisions by organizations to purchase IT security solutions from larger, more established security vendors or from their primary IT equipment vendors; changes in our pricing policies or those of our competitors; any disruption in, or termination of, our relationships with channel partners; our inability to fulfill our customers’ orders due to supply chain delays or events that impact our manufacturers or their suppliers; the timing and costs related to the development or acquisition of technologies or businesses or strategic partnerships; the lack of synergy or the inability to realize expected synergies, resulting from acquisitions or strategic partnerships; our inability to execute, complete or integrate efficiently any acquisition that we may undertake; increased expenses, unforeseen liabilities, or write-downs and any impact on our operating results from any acquisitions we consummate; insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our products, subscriptions and services, or confronting our key suppliers, particularly our sole source suppliers, which could disrupt our supply chain; the cost and potential outcomes of future litigation; seasonality or cyclical fluctuations in our business; political, economic and social instability; future accounting pronouncements or changes in our accounting policies or practices; the amount and timing of operating costs and capital expenditures related to the expansion of our business; and increases or decreases in our revenues and expenses caused by fluctuations in foreign currency exchange rates. Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. For example, as we offer more and more solutions through subscriptions and services, it becomes increasingly difficult for us to predict whether customers will purchase our solutions as a product, a subscription or a service. If customers purchase our solutions through subscriptions and services that have less profit associated with them than our products, our operating results 20 could be harmed. Changes in the mix of offerings sold impacts the timing of recognition of revenue for our sales. Consequently, given the different revenue recognition policies associated with sales of our products, subscriptions and services, customers purchasing more of our subscription and services offerings and less of our product offerings than we anticipated could result in our actual revenue falling below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in our stock price. As a result of this variability, our historical results of operations should not be relied upon as an indication of future performance. Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, the market price of our common stock could fall substantially, and we could face costly lawsuits, including securities class action suits. If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth and we may not achieve or maintain profitability in the future. From the year ended December 31, 2010 to the year ended December 31, 2018, our revenue grew from $11.8 million to $831.0 million, which represents a compounded annual growth rate of approximately 70%. Although we have experienced rapid growth in the past and currently have strong retention rates, we may not continue to grow in the future and our retention rates may decline. Any success that we may experience in the future will depend, in large part, on our ability to, among other things: • maintain, renew and expand our existing customer base; • win new customers to our solutions; • • • increase revenues from existing customers through increased use of our products, subscriptions and services within their organizations; improve the capabilities of our products and subscriptions through research and development; continue to develop our cloud-based solutions; • maintain the rate at which customers purchase our subscriptions and support; • • continue to successfully expand our business domestically and internationally; and successfully compete with other companies. If we are unable to maintain consistent or increasing revenue growth or if our revenues decline, it may be difficult to achieve and maintain profitability and our business and financial results could be adversely affected. Our revenue for any prior quarterly or annual periods should not be relied upon as any indication of our future revenue or revenue growth. If we are unable to sell additional products, subscriptions and services, as well as renewals of our subscriptions and services, to our customers, our future revenue and operating results will be harmed. Our future success depends, in part, on our ability to expand the deployment of our platform with existing customers by selling them additional products, subscriptions and services, such as our FireEye Helix platform. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our customers purchase additional products, subscriptions and services depends on a number of factors, including the perceived need for additional IT security, general economic conditions, and our customers’ level of satisfaction with our existing solutions they have previously purchased. If our efforts to sell additional products, subscriptions and services to our customers are not successful, our business may suffer. 21 A n n u a l R e p o r t Further, existing customers that purchase our platform have no contractual obligation to renew their subscriptions and support and maintenance services after the initial contract period, and given our limited operating history, we may not be able to accurately predict our retention rates. Our customers’ retention rates may decline or fluctuate as a result of a number of factors, including the level of their satisfaction with our platform, our customer support, customer budgets and the pricing of our platform compared with the products and services offered by our competitors. If our customers renew their subscriptions, they may renew for shorter contract lengths or on other terms that are less economically beneficial to us. We cannot assure you that our customers will renew their subscriptions, and if our customers do not renew their subscriptions or renew them on less favorable terms, our revenue may grow more slowly than expected, not grow at all, or even decline. We also depend on our installed customer base for future support and maintenance revenue. We offer our support and maintenance agreements for terms that generally range between one and five years. If customers choose not to renew their support and maintenance agreements or seek to renegotiate the terms of their support and maintenance agreements prior to renewing such agreements, our revenue may grow more slowly than expected, not grow at all, or even decline. Recent, past and future acquisitions and investments could disrupt our business and harm our financial condition and operating results. Our success will depend, in part, on our ability to expand our platform and grow our business in response to changing technologies, customer demands and competitive pressures. In some circumstances, we may decide to do so through the acquisition of complementary businesses and technologies rather than through internal development, including, for example, our acquisition of iSIGHT Security, Inc. (d/b/a iSIGHT Partners, Inc.) (“iSIGHT”), our acquisition of Invotas International Corporation (“Invotas”), our acquisition of Clean Communications Limited (d/b/a The Email Laundry) (“The Email Laundry”) and our acquisition of X15 Software, Inc. (“X15”). The identification of suitable acquisition candidates can be difficult, time-consuming and costly, and we may not be able to successfully complete acquisitions that we target in the future. The risks we face in connection with acquisitions, including our acquisitions of iSIGHT, Invotas, The Email Laundry and X15 include: • • • • • • • • • diversion of management integration challenges; time and focus from operating our business to addressing acquisition coordination of research and development and sales and marketing functions; integration of product and service offerings; retention of key employees from the acquired company; changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisition; cultural challenges associated with integrating employees from the acquired company into our organization; integration of the acquired company’s accounting, management information, human resources and other administrative systems, as well as the acquired operations, technology and rights into our offerings, and any unanticipated expenses related to such integration; the need to implement or improve controls, procedures, and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies; financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we don’t adequately address and that cause our reported results to be incorrect; 22 • • • • liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities; completing the transaction and achieving or utilizing the anticipated benefits of the acquisition within the expected timeframe, or at all; unanticipated write-offs or charges; and litigation or other claims in connection with the acquired company, including claims from terminated employees, customers, former stockholders or other third parties which may differ from or be more significant than the risks our business faces. Our failure to address these risks or other problems encountered in connection with our past or future acquisitions and investments could cause us to fail to realize the anticipated benefits of these acquisitions or investments, cause us to incur unanticipated liabilities, and harm our business generally. Future acquisitions could also result in dilutive issuances of equity securities. For example, in January 2016, we issued 1,793,305 shares of common stock in connection with our acquisition of iSIGHT; in February 2016, we issued 742,026 shares of common stock in connection with our acquisition of Invotas; in October 2017, we issued 259,425 shares of common stock in connection with our acquisition of The Email Laundry; and in January 2018, we issued 1,016,334 shares of common stock in connection with our acquisition of X15. There is also a risk that future acquisitions will result in the incurrence of debt, contingent liabilities, amortization expenses, incremental operating expenses or the write-off of goodwill, any of which could harm our financial condition or operating results. If we are unable to maintain successful relationships with our channel partners and technology alliance partners, or if our channel partners or technology alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, financial position and results of operations will be harmed. In addition to our direct sales force, we rely on our indirect channel partners to sell and support our platform. We derive a substantial portion of our revenue from sales of our products, subscriptions and services through, or with the assistance of, our indirect channel, and we expect that sales through channel partners will continue to be a significant percentage of our revenue. We also partner with our technology alliance partners to design go-to-market strategies that combine our platform with products or services provided by our technology alliance partners. A n n u a l R e p o r t Our agreements with our channel partners and our technology alliance partners are generally non-exclusive, meaning our partners may offer customers products from several different companies, including products that compete with ours. If our channel partners do not effectively market and sell our platform, choose to use greater efforts to market and sell their own products or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our platform may be adversely affected. Our channel partners and technology alliance partners may cease marketing our platform with limited or no notice and with little or no penalty, and new channel partners require extensive training and may take several months or more to achieve productivity. The loss of a substantial number of our channel partners, our possible inability to replace them, or the failure to recruit additional channel partners could materially and adversely affect our results of operations. In addition, sales by channel partners are more likely than direct sales to involve collectability concerns, particularly in developing markets. Our channel partner structure could also subject us to lawsuits or reputational harm if, for example, a channel partner misrepresents the functionality of our platform to customers or violates applicable laws or our corporate policies. 23 Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our channel partners, and in training our channel partners to independently sell and deploy our platform. If we are unable to maintain our relationships with these channel partners or otherwise develop and expand our indirect sales channel, or if our channel partners fail to perform, our business, financial position and results of operations could be adversely affected. Fluctuating economic conditions make it difficult to predict revenue for a particular period, and a shortfall in revenue may harm our business and operating results. Our revenue depends significantly on general economic conditions and the demand for products in the IT security market. Economic weakness, customer financial difficulties, and constrained spending on IT security may result in decreased revenue and earnings. Such factors could make it difficult to accurately forecast our sales and operating results and could negatively affect our ability to provide accurate forecasts to our contract manufacturers and manage our inventory purchases, contract manufacturer relationships and other costs and expenses. In addition, concerns regarding the effects of the U.K.‘s decision to exit the EU, commonly referred to as “Brexit”, uncertainties related to changes in public policies such as domestic and international regulations, taxes or international trade agreements as well as geopolitical turmoil and other disruptions to global and regional economies and markets in many parts of the world, have and may continue to put pressure on global economic conditions and overall spending on IT security. General economic weakness may also lead to longer collection cycles for payments due from our customers, an increase in customer bad debt, restructuring initiatives and associated expenses, and impairment of investments. Furthermore, the continued uncertainty in worldwide credit markets, including the sovereign debt situation in certain countries in the EU may adversely impact the ability of our customers to adequately fund their expected capital expenditures, which could lead to delays or cancellations of planned purchases of our platform. Uncertainty about future economic conditions also makes it difficult to forecast operating results and to make decisions about future investments. Future or continued economic weakness for us or our customers, failure of our customers and markets to recover from such weakness, customer financial difficulties, and reductions in spending on IT security could have a material adverse effect on demand for our platform and consequently on our business, financial condition and results of operations. If we fail to effectively manage our growth, our business, financial condition and results of operations would be harmed. Although our business has experienced significant growth in the past, we cannot provide any assurance that our business will continue to grow at the same rate or at all. To improve our infrastructure, we continue to enhance our enterprise resource planning system, including revenue recognition and management software, and implement and enhance additional systems and controls. There is no assurance that we will be able to successfully scale improvements to our enterprise resource planning system or implement or scale improvements to our other systems, processes and controls in a manner that keeps pace with our growth or that such systems, processes and controls will be effective in preventing or detecting errors, omissions or fraud. As part of our efforts to improve our internal systems, processes and controls, we have licensed technology from third parties. The support services available for such third-party technology are outside of our control and may be negatively affected by consolidation in the software industry. In addition, if we do not receive adequate support for the software underlying our systems, processes and controls, our ability to provide products and services to our customers in a timely manner may be impaired, which may cause us to lose customers, limit us to smaller deployments of our platform or increase our technical support costs. Many of our expenses are relatively fixed, at least in the short term. If our projections or assumptions on which we base our projections are incorrect, we may not be able to adjust our expenses rapidly enough to avoid an adverse impact on our profitability or cash flows. 24 To manage this growth effectively, we must continue to improve our operational, financial and management systems and controls by, among other things: • • • • • • effectively hiring, training and integrating new employees, particularly members of our sales and management teams; further improving our key business applications, processes and IT infrastructure, including our data centers, to support our business needs; continuing to refine our ability to forecast our bookings, billings, revenues, expenses and cash flows; enhancing our information and communication systems to ensure that our employees and offices around the world are well coordinated and can effectively communicate with each other and our growing base of channel partners and customers; improving our internal control over financial reporting and disclosure controls and procedures to ensure timely and accurate reporting of our operational and financial results; and appropriately documenting and testing our IT systems and business processes. These and other improvements in our systems and controls will require significant capital expenditures and the allocation of valuable management and employee resources. If we fail to implement these improvements effectively, our ability to manage our expected growth, ensure uninterrupted operation of key business systems and comply with the rules and regulations applicable to public reporting companies would be impaired, and our business, financial condition and results of operations would be harmed. If the general level of advanced cyber attacks declines, or is perceived by our current or potential customers to have declined, our business could be harmed. Our business is substantially dependent on enterprises and governments recognizing that advanced cyber attacks are pervasive and are not effectively prevented by legacy security solutions. High visibility attacks on prominent enterprises and governments have increased market awareness of the problem of advanced cyber attacks and help to provide an impetus for enterprises and governments to devote resources to protecting against advanced cyber attacks, such as testing our platform, purchasing it, and broadly deploying it within their organizations. If advanced cyber attacks were to decline, or enterprises or governments perceived that the general level of advanced cyber attacks have declined, our ability to attract new customers and expand our offerings within existing customers could be materially and adversely affected. A reduction in the threat landscape, for example, as a result of the 2015 cybersecurity agreement between China and the U.S., may reduce the demand from customers or prospects for our solutions, and therefore could increase our sales cycles and harm our business, results of operations and financial condition. A n n u a l R e p o r t Disruptions or other business interruptions that affect the availability of our Dynamic Threat Intelligence (“DTI”) cloud, our Helix platform, or other cloud-based products and services we offer or may offer could adversely impact our customer relationships as well as our overall business. When a customer purchases one or more of our threat prevention appliances, it must also purchase a subscription to our DTI cloud for a term of one to three years. Our DTI cloud enables global sharing of threat intelligence uploaded by any of our customers’ cloud-connected FireEye appliances. We also offer additional cloud-based platforms such as our Email Threat Prevention, Mobile Threat Prevention and Threat Analytics Platforms and provide security solutions through our own and our co-branded security operation centers. Our customers depend on the continuous availability of our DTI cloud and other cloud-based products and services. Our cloud-based products and services are vulnerable to damage or interruption from a variety of sources, including damage or interruption caused by fire, earthquake, power loss, telecommunications or computer systems failure, cyber attack, human error, terrorist acts and war. Our data centers and networks may 25 experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing customer base, any of which could temporarily or permanently expose our customers’ networks, leaving their networks unprotected against the latest security threats or, in the case of technical failures and downtime of security operation centers, all security threats. In addition, there may also be system or network interruptions if new or upgraded systems are defective or not installed properly. Moreover, interruptions in our subscription updates could result in a failure of our DTI cloud to effectively update customers’ hardware products and thereby leave our customers more vulnerable to attacks. Interruptions or failures in our service delivery could cause customers to terminate their subscriptions with us, could adversely affect our retention rates, and could harm our ability to attract new customers. Our business would also be harmed if our customers believe that our DTI cloud or other cloud-based products and services are unreliable. In addition, we provide our cloud-based products and services through third-party data center hosting facilities located in the United States and other countries. While we control and have access to our servers and all of the components of our network that are located in our data centers, we do not control the operation of these facilities. The owners of the data center facilities have no obligation to renew their agreements with us on commercially reasonable terms, or at all. If we are unable to renew these agreements on commercially reasonable terms, or if one of our data center operators is acquired, we may be required to transfer our servers and other infrastructure to new data center facilities, and we may incur significant costs and possible service interruption in connection with doing so. We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to hire, integrate, train and retain qualified personnel, including members for our board of directors, could harm our business. team and other key employees throughout our organization, Our future success is substantially dependent on our ability to hire, integrate, train, retain and motivate the including key members of our management employees obtained through our acquisitions. Competition for highly skilled personnel is intense, especially in the San Francisco Bay Area and the Washington D.C. Area, where we have a substantial presence and need for highly skilled personnel. We may not be successful in hiring or retaining qualified personnel to fulfill our current or future needs, and potential changes in U.S. immigration and work authorization laws and regulations, including those that restrain the flow of technical and professional talent, may make it difficult to renew or obtain visas for highly skilled personnel that we have hired or are actively recruiting. We are also substantially dependent on the continued service of our existing engineering personnel because of the complexity of our platform. Our competitors may be successful in recruiting and hiring members of our management team or other key employees, including key employees obtained through our acquisitions, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. Also, to the extent we hire employees from mature public companies with significant financial resources, we may be subject to allegations that such they have divulged proprietary or other confidential employees have been improperly solicited, or that information or that their former employers own such employees’ inventions or other work product. In addition, we believe that it is important to establish and maintain a corporate culture that facilitates the maintenance and transfer of institutional knowledge within our organization and also fosters innovation, teamwork, a passion for customers and a focus on execution. From time to time, there may be changes in our management team resulting from the hiring or departure of executives. Any such changes may result in a loss of institutional knowledge and cause disruptions to our business. In addition, if we are not successful in integrating key employees into our organization, such failure could delay or hinder our product development efforts and the achievement of our strategic objectives, which could adversely affect our business, financial condition and results of operations. 26 Our employees, including our executive officers, work for us on an “at-will” basis, which means they may terminate their employment with us at any time. We do not maintain key person life insurance policies on any of our key employees. If one or more of our key employees resigns or otherwise ceases to provide us with their service, our business could be harmed. If we do not effectively hire, integrate and train our direct sales force, we may be unable to add new customers or increase sales to our existing customers, and our business will be adversely affected. We continue to be substantially dependent on our direct sales force to obtain new customers and increase sales with existing customers. There is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, integrating, training and retaining sufficient numbers of sales personnel to support our growth, particularly in international markets. New hires require significant training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new customers or increasing sales to our existing customer base, our business will be adversely affected. Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense. As a result, our sales, billings and revenue are difficult to predict and may vary substantially from period to period, which may cause our results of operations to fluctuate significantly. Our results of operations may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of our sales cycle and the short-term difficulty in adjusting our operating expenses. Our results of operations depend in part on sales to large organizations. The length of our sales cycle, from proof of concept to delivery of and payment for our platform, is typically three to nine months but can be more than a year. To the extent our competitors develop products that our prospective customers view as equivalent to ours, our average sales cycle may increase. Because the length of time required to close a sale varies substantially from customer to customer, it is difficult to predict exactly when, or even if, we will make a sale with a potential customer. As a result, large individual sales have, in some cases, occurred in quarters subsequent to or in advance of those we anticipated, or have not occurred at all. We are generally billing a number of large deals in any quarter, and the loss or delay of one or more of these large transactions in a quarter could impact our results of transaction is delayed. operations for that quarter and any future quarters for which revenue from that Furthermore, some sales (such as product sales) generally result in immediate recognition of revenue, while other sales, such as product subscription sales, require the recognition of revenue over periods of one year or longer typically. As a result of these factors, it is difficult for us to forecast our revenue accurately in any quarter based on our internal forecasts of billings. Because a substantial portion of our expenses are relatively fixed in the short term, our results of operations will suffer if our revenue falls below our expectations in a particular quarter, which could cause the price of our common stock to decline. We rely on revenue from sales of products, subscriptions, and maintenance and support, and because we recognize revenue from most of these sales over the term of the relevant useful life or subscription period, downturns or upturns in sales are not immediately reflected in full in our results of operations. Revenue from sales of our products, subscriptions, and maintenance and support accounts for a significant portion of our total revenue. New or renewal sales of subscription and maintenance and support contracts may decline or fluctuate as a result of a number of factors, including customers’ level of satisfaction with our products and subscriptions, the actual or perceived efficacy of our security solutions, the prices of our products and subscriptions, the prices of products and subscriptions offered by our competitors or reductions in our customers’ spending levels. If our sales of new or renewal subscription and service contracts decline, our revenue and revenue growth rate may decline and adversely affect our business. In addition, we recognize revenue from most 27 A n n u a l R e p o r t of our security appliances sales ratably over the useful life, and we recognize revenue from our subscriptions and maintenance and support contracts revenue ratably over the term of the relevant contract period, which is generally between one to five years. As a result, much of the product, subscription and support revenue we report each quarter is derived from sales in prior quarters. Consequently, a decline in new or renewal sales in any one quarter will not be fully reflected in revenue in that quarter but will negatively affect our revenue in future quarters. Accordingly, the effect of significant decreases in the market acceptance of, or demand for, our intelligence-dependent security appliances, subscriptions or maintenance and support contracts may not be immediately apparent from our results of operations until future periods. Also, it is difficult for us to rapidly increase our revenue through additional sales in any period, as the majority of our revenue is derived from sales of our products, subscriptions and services sold in prior periods. Furthermore, any increases in the average term of our subscriptions or maintenance and support contracts would result in a longer revenue recognition period, and could reduce the amount of revenue recognized in each period. The sales prices of our products, subscriptions and services may decrease, which may reduce our gross profits and adversely impact our financial results. The sales prices for our products, subscriptions and services may decline for a variety of reasons, including competitive pricing pressures, discounts, a change in our mix of products, subscriptions and services, anticipation of the introduction of new products, subscriptions or services, introduction of new pricing and packaging or promotional programs. Competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products or subscriptions that compete with ours or may bundle them with other products and subscriptions. Additionally, although we price our products and subscriptions worldwide in U.S. dollars, currency fluctuations in certain countries and regions may negatively impact actual prices that partners and customers are willing to pay in those countries and regions, or the effective prices we realize in our reporting currency. Furthermore, we anticipate that the sales prices and gross profits for our products will decrease over product life cycles. We cannot assure you that we will be successful in developing and introducing new offerings with enhanced functionality on a timely basis, or that our new product and subscription offerings, if introduced, will enable us to maintain our prices and gross profits at levels that will allow us to maintain positive gross margins and achieve profitability. If we do not accurately anticipate and respond promptly to changes in our customers’ technologies, business plans or security needs, our competitive position and prospects could be harmed. The IT security market has grown quickly and is expected to continue to evolve rapidly. Moreover, many of our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt to increasingly complex IT networks, incorporating a variety of hardware, software applications, operating systems and networking protocols. As their technologies and business plans grow more complex, we expect these customers to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our platform effectively identifies and responds to these advanced and evolving attacks without disrupting our customers’ network performance. As a result of the continued rapid innovations in the technology industry, including the rapid growth of smart phones, tablets and other devices, the trend of “bring your own device” in enterprises, and the rapidly evolving Internet of Things (“IOT”), we expect the networks of our customers to continue to change rapidly and become more complex. We have identified a number of new products and enhancements to our platform that we believe are important to our continued success in the IT security market, including our FireEye Helix platform and enhancements to our endpoint solution. There can be no assurance that we will be successful in developing and marketing, on a timely basis, such new products or enhancements or that our new products or enhancements will adequately address the changing needs of the marketplace. In addition, some of our new products and enhancements may require us to develop new hardware architectures that involve complex, expensive and 28 time-consuming research and development processes. Although the market expects rapid introduction of new products and enhancements to respond to new threats, the development of these products and enhancements is difficult and the timetable for commercial release and availability is uncertain, as there can be significant time lags between initial beta releases and the commercial availability of new products and enhancements. We may experience unanticipated delays in the availability of new products and enhancements to our platform and fail to meet customer expectations with respect to the timing of such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our customers by developing, releasing and making available on a timely basis new products and enhancements to our platform, such as our FireEye Helix platform and enhancements to our endpoint solution, that can adequately respond to advanced threats and our customers’ needs, our competitive position and business prospects will be harmed. Furthermore, from time to time, we or our competitors may announce new products with capabilities or technologies that could have the potential to replace or shorten the life cycles of our existing products. There can be no assurance that announcements of new products will not cause customers to defer purchasing our existing products. Additionally, the process of developing new technology is expensive, complex and uncertain. The success of new products and enhancements depends on several factors, including appropriate component costs, timely completion and introduction, differentiation of new products and enhancements from those of our competitors, and market acceptance. To maintain our competitive position, we must continue to commit significant resources to developing new products or enhancements to our platform before knowing whether these investments will be cost-effective or achieve the intended results. There can be no assurance that we will successfully identify new product opportunities, develop and bring new products or enhancements to market in a timely manner, or achieve market acceptance of our platform, or that products and technologies developed by others will not render our platform obsolete or noncompetitive. If we expend significant resources on researching and developing products or enhancements to our platform and such products or enhancements are not successful, our business, financial position and results of operations may be adversely affected. Our current research and development efforts may not produce successful products or enhancements to our platform that result in significant revenue, cost savings or other benefits in the near future, if at all. We must continue to dedicate significant financial and other resources to our research and development efforts if we are to maintain our competitive position. However, developing products and enhancements to our platform is expensive and time consuming, and there is no assurance that such activities will result in significant new marketable products or enhancements to our platform, design improvements, cost savings, revenue or other expected benefits. If we spend significant resources on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected. A n n u a l R e p o r t If we are unable to increase sales of our platform to large organizations while mitigating the risks associated with serving such customers, our business, financial position and results of operations may suffer. Our growth strategy is dependent, in part, upon increasing sales of our platform to large enterprises and governments. Sales to large customers involve risks that may not be present (or that are present to a lesser extent) with sales to smaller entities. These risks include: • increased purchasing power and leverage held by large customers in negotiating contractual arrangements with us; • more stringent or costly requirements imposed upon us in our support service contracts with such customers, including stricter support response times and penalties for any failure to meet support requirements; • more complicated implementation processes; 29 • • longer sales cycles and the associated risk that substantial time and resources may be spent on a potential customer that ultimately elects not to purchase our platform or purchases less than we hoped; closer relationships with, and dependence upon, large technology companies who offer competitive products; and • more pressure for discounts and write-offs. In addition, because security breaches with respect to larger, high-profile enterprises are likely to be heavily publicized, there is increased reputational risk associated with serving such customers. If we are unable to increase sales of our platform to large enterprise and government customers while mitigating the risks associated with serving such customers, our business, financial position and results of operations may suffer. Seasonality may cause fluctuations in our revenue. We believe there are significant seasonal factors that may cause us to record higher revenue in some quarters compared with others. We believe this variability is largely due to (i) our customers’ budgetary and spending patterns, as many customers spend the unused portions of their discretionary budgets prior to the end of their fiscal years, and (ii) our sales compensation plans, which are typically structured around annual quotas and stair step commission rates. For example, we have historically recorded our highest level of revenue in our fourth quarter, which we believe corresponds to the fourth quarter of a majority of our customers. Similarly, we have historically recorded our second-highest level of revenue in our third quarter, which corresponds to the fourth quarter of U.S. federal agencies and other customers in the U.S. federal government. Our growth rate over the last couple years may have made seasonal fluctuations more difficult to detect. If our rate of growth slows over time, seasonal or cyclical variations in our operations may become more pronounced, and our business, results of operations and financial position may be adversely affected. Claims by others that we infringe their proprietary technology or other rights could harm our business. Technology companies frequently enter into litigation based on allegations of patent infringement or other violations of intellectual property rights. In addition, patent holding companies seek to monetize patents they have purchased or otherwise obtained. As we face increasing competition and gain an increasingly higher profile, the possibility of intellectual property rights claims against us grows. From time to time, third parties have asserted, and we expect that third parties will continue to assert, claims of infringement of intellectual property rights against us. For example, on December 29, 2017, we executed Confidential Patent License Agreements with Finjan Holdings, Inc. (“Finjan”), whereby we resolved all pending litigation matters. Under the terms of the settlement agreement, we paid Finjan a one-time net cash settlement amount of $12.5 million in December 2017, in exchange for the resolution and settlement of all claims between FireEye and Finjan and for cross-licenses between the companies of certain issued patents and patent applications. Other security companies have paid amounts to the same plaintiff to license some of the patents asserted against us. Third parties may in the future also assert claims against our customers or channel partners, whom our standard license and other agreements obligate us to indemnify against claims that our products infringe the intellectual property rights of third parties. While we intend to increase the size of our patent portfolio, many of our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, future litigation may involve patent holding companies or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. Any claim of intellectual property infringement by a third party, even a claim without merit, could cause us to incur substantial costs defending against such claim, could distract our management from our business and could require us to cease use of such intellectual property. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by the discovery process. 30 Although third parties may offer a license to their technology or other intellectual property, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, financial condition and results of operations to be materially and adversely affected. We may also be subject to additional fees or be required to obtain new licenses if any of our licensors allege that we have not properly paid for such licenses or that we have improperly used the technologies under such licenses. In addition, some licenses may be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. If a third party does not offer us a license to its technology or other intellectual property on reasonable terms, or at all, we could be enjoined from continued use of such intellectual property. As a result, we may be required to develop alternative, non-infringing technology, which could require significant time (during which we could be unable to continue to offer our affected products, subscriptions or services), effort, and expense and may ultimately not be successful. Furthermore, a successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products, providing certain subscriptions or performing certain services or that requires us to pay substantial damages, royalties or other fees. Any of these events could harm our business, financial condition and results of operations. Because we depend on a limited number of manufacturers to build the appliances used in our platform, we are susceptible to manufacturing delays and pricing fluctuations that could prevent us from shipping customer orders on time, or on a cost-effective basis, which may result in the loss of sales and customers. We depend on a limited number of third-party manufacturers, primarily Flextronics Telecom Systems, Ltd., as sole source manufacturers for our appliances used in our platform. Our reliance on third-party manufacturers reduces our control over the manufacturing process and exposes us to risks, including reduced control over quality assurance, product costs, product supply, upgrades and expansions and timing. Any manufacturing disruption by these third-party manufacturers could severely impair our ability to fulfill orders on time. If we are unable to manage our relationships with these third-party manufacturers effectively, or if these manufacturers suffer delays or disruptions for any reason, experience increased manufacturing lead-times, capacity constraints or quality control problems in their manufacturing operations, or fail to meet our future requirements for timely delivery, our ability to ship products to our customers would be severely impaired, and our business and results of operations would be harmed. Further, the portion of our appliances used in our platform that are sourced outside the United States may be subject to additional logistical risks or risks associated with complying with local rules and regulations in foreign countries. Significant changes to existing international trade agreements could lead to sourcing or logistics disruption resulting from import delays or the imposition of increased tariffs on our sourcing partners. For example, the United States and Chinese governments have each enacted, and discussed more potential, import tariffs. These tariffs, depending on their ultimate scope and how they are implemented, could negatively impact our business by increasing our costs and impair our ability to fulfill orders. In addition, our reliance on third-party manufacturers exposes us to the risk that certain minerals, known as “conflict minerals,” that are contained in our products have originated in the Democratic Republic of the Congo or an adjoining country. As a result of the passage of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, the SEC adopted disclosure requirements for public companies whose products contain conflict minerals that are necessary to the functionality or production of such products. Although the SEC has provided guidance with respect to a portion of the conflict minerals filing requirements that somewhat reduced the reporting required, we have incurred and expect to incur additional costs to comply with the disclosure requirements, including costs related to determining the source of the conflict minerals used in our products. Moreover, the implementation of these requirements could adversely affect the sourcing, availability and pricing of materials used in the manufacture of our products to the extent that there may be only a limited number of suppliers offering “conflict free” minerals that can be used in our products. There can be no assurance that we will be able to obtain such minerals in sufficient quantities or at competitive prices. We may also encounter 31 A n n u a l R e p o r t customers who require that all of the components of our products be certified as conflict free. If we are not able to meet customer requirements, such customers may choose to not purchase our products, which could impact our sales. Our third-party manufacturers typically fulfill our supply requirements on the basis of individual orders. We are subject to a risk of supply shortages and changes in pricing terms because we do not have long-term contracts with our third-party manufacturers that guarantee capacity, the continuation of particular pricing terms or the extension of credit limits. Our contract with our primary manufacturer permits it to terminate such contract at its convenience, subject to prior notice requirements. Any production interruptions for any reason, such as a natural disaster, epidemic, capacity shortages, or quality problems at one of our manufacturing partners would negatively affect sales of our products and adversely impact our business and results of operations. We may be unable to protect our intellectual property adequately, which could harm our business, financial condition and results of operations. trademark and trade secret We believe that our intellectual property is an essential asset of our business. We rely on a combination of laws, as well as confidentiality procedures and contractual patent, copyright, provisions, to establish and protect our intellectual property rights in the United States and abroad. The efforts we have taken to protect our intellectual property may not be sufficient or effective, and our trademarks, copyrights and patents may be held invalid or unenforceable. Any U.S. or other patents issued to us may not be sufficiently broad to protect our proprietary technologies, and given the costs of obtaining patent protection, we may choose not to seek patent protection for certain of our proprietary technologies. We may not be effective in policing unauthorized use of our intellectual property, and even if we do detect violations, litigation may be necessary to enforce our intellectual property rights. Any enforcement efforts we undertake, including litigation, could be time-consuming and expensive, could divert management’s attention and may result in a court determining that our intellectual property rights are unenforceable. If we are not successful in cost-effectively protecting our intellectual property rights, our business, financial condition and results of operations could be harmed. We incorporate technology from third parties into our products, and our inability to obtain or maintain rights to the technology could harm our business. We incorporate technology from third parties into our products. We cannot be certain that our suppliers and licensors are not infringing the intellectual property rights of third parties or that the suppliers and licensors have sufficient rights to the technology in all jurisdictions in which we may sell our products. Some of our agreements with our suppliers and licensors may be terminated for convenience by them. If we are unable to obtain or maintain rights to any of this technology because of intellectual property infringement claims brought by third parties against our suppliers and licensors or against us, or if we are unable to continue to obtain such technology or enter into new agreements on commercially reasonable terms, our ability to develop and sell products, subscriptions and services containing such technology could be severely limited, and our business could be harmed. Additionally, if we are unable to obtain necessary technology from third parties, including certain sole suppliers, we may be forced to acquire or develop alternative technology, which may require significant time, cost and effort and may be of lower quality or performance standards. This would limit and delay our ability to offer new or competitive products and increase our costs of production. If alternative technology cannot be obtained or developed, we may not be able to offer certain functionality as part of our products, subscriptions and services. As a result, our margins, market share and results of operations could be significantly harmed. Our products and subscriptions contain third-party open source software components, and failure to comply with the terms of the underlying open source software licenses could restrict our ability to sell our products and subscriptions. Our products and subscriptions contain software modules licensed to us by third-party authors under “open source” licenses. The use and distribution of open source software may entail greater risks than the use of third - party commercial software, as open source licensors generally do not provide warranties or other contractual 32 protections regarding infringement claims or the quality of the code. Some open source licenses contain requirements that we make available source code for modifications or derivative works we create based upon the type of open source software we use. If we combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales for us. Although we monitor our use of open source software to try to avoid subjecting our products and subscriptions to conditions, the terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products and subscriptions incorporating such software. Moreover, we cannot assure you that our processes for controlling our use of open source software in our products and subscriptions will be effective. From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open source license. These claims could result in litigation. If we are held to have breached the terms of an open source software license, we could be required to seek licenses from third parties to continue offering our products on terms that are not economically feasible, to re-engineer our products, to discontinue the sale of our products if re-engineering could not be accomplished on a timely or cost-effective basis, or to make generally available, in source code form, our proprietary code, any of which could adversely affect our business, results of operations and financial condition. U.S. federal, state and local government sales are subject to a number of challenges and risks that may adversely impact our business. Sales to U.S. federal, state, and local governmental agencies have accounted for, and may in the future account for, a significant portion of our revenue. Sales to such government entities are subject to the following risks: • • • selling to governmental agencies can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale; government certification requirements applicable to our products may change and, in doing so, restrict into the U.S. federal government sector until we have attained the revised our ability to sell certification; government demand and payment for our products and services may be impacted by government shutdowns, public sector budgetary cycles, contracting requirements and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products and services; • we sell our platform to governmental agencies through our indirect channel partners, and these agencies may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future results of operations; • • governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our platform, which would adversely impact our revenue and results of operations, or institute fines or civil or criminal liability if the audit were to uncover improper or illegal activities; and governments may require certain products purchased by it to be manufactured in the United States and other relatively high-cost manufacturing locations, and we may not manufacture all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies. 33 A n n u a l R e p o r t Our ability to maintain customer satisfaction depends in part on the quality of our professional service organization and technical and other support services, including the quality of the support provided on our behalf by certain channel partners. Failure to maintain high-quality customer support could have a material adverse effect on our business, financial condition and results of operations. Once our platform is deployed within our customers’ networks, our customers depend on our technical and other support services, as well as the support of our channel partners, to resolve any issues relating to the implementation and maintenance of our platform. If we or our channel partners do not effectively assist our customers in deploying our platform, succeed in helping our customers quickly resolve post-deployment issues, or provide effective ongoing support, our ability to sell additional products, subscriptions or services as part of our platform to existing customers would be adversely affected and our reputation with potential customers could be damaged. Many larger organizations have more complex networks and require higher levels of support than smaller customers. If we fail to meet the requirements of our larger customers, it may be more difficult to execute on our strategy of upselling and cross selling with these customers. Additionally, if our channel partners do not effectively provide support to the satisfaction of our customers, we may be required to provide this level of support to those customers, which would require us to hire additional personnel and to invest in additional resources. It can take significant time and resources to recruit, hire, and train qualified technical support employees. We may not be able to hire such resources fast enough to keep up with demand. To the extent that we or our channel partners are unsuccessful in hiring, training, and retaining adequate support resources, our ability and the ability of our channel partners to provide adequate and timely support to our customers will be negatively impacted, and our customers’ satisfaction with our platform will be adversely affected. Additionally, to the extent that we need to rely on our sales engineers to provide post-sales support, our sales productivity will be negatively impacted, which would harm our results of operations. Our limited operating history makes it difficult to evaluate our current business and prospects and may increase the risk that we will not be successful. We were founded in 2004, and our first commercially successful product was shipped in 2008. Since then, we have continued to expand our platform, both organically and through acquisitions, including through the addition of Mandiant Corporation’s endpoint threat detection, response and remediation products; advanced threat intelligence capabilities; and incident response and security consulting services. The majority of our revenue growth began in 2010. Our limited operating history makes it difficult to evaluate our current business and prospects and plan for and model our future growth. We have encountered and will continue to encounter risks and uncertainties frequently encountered by emerging technology-based companies in developing markets. If our assumptions regarding these risks and uncertainties are incorrect or change in response to changes in the IT security market, our results of operations and financial results could differ materially from our plans and forecasts. Although we have experienced rapid growth in the past, there is no assurance that such growth will continue. Any success we may experience in the future will depend in large part on our ability to, among other things: • maintain and expand our customer base and the ways in which customers use our products and services; • • • • • expand revenue from existing customers through increased or broader use of our products and services within their organizations; convince customers to allocate a fixed portion of their annual IT budgets to our products and services; improve the performance and capabilities of our platform through research and development; effectively expand our business domestically and internationally, which will require that we fill key management positions, particularly internationally; and successfully compete with other companies that currently provide, or may in the future provide, solutions like ours that protect against next-generation advanced cyber attacks. 34 If we are unable to achieve our key objectives, including the objectives listed above, our business and results of operations will be adversely affected and the fair market value of our common stock could decline. Managing the supply of our products and their components is complex. Insufficient supply and inventory may result in lost sales opportunities or delayed revenue, while excess inventory may harm our gross margins. Our third-party manufacturers procure components and build our products based on our forecasts, and we generally do not hold inventory for a prolonged period of time. These forecasts are based on estimates of future demand for our products, which are in turn based on historical trends and analyses from our sales and marketing organizations, adjusted for overall market conditions. In order to reduce manufacturing lead times and plan for adequate component supply, from time to time we may issue forecasts for components and products that are non-cancelable and non-returnable. Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to make accurate forecasts and effectively manage the supply of our products and product components. Supply management remains an area of increasing focus as we balance the need to maintain supply levels that are to ensure competitive lead times against the risk of obsolescence because of rapidly changing sufficient technology and customer requirements. If we ultimately determine that we have excess supply, we may have to reduce our prices and write-down inventory, which in turn could result in lower gross margins. Alternatively, insufficient supply levels may lead to shortages that result in delayed revenue or loss of sales opportunities altogether as potential customers turn to competitors’ products that may be readily available. Additionally, any increases in the time required to manufacture or ship our products could result in supply shortfalls. If we are unable to effectively manage our supply and inventory, our results of operations could be adversely affected. Because some of the key components in our products come from limited sources of supply, we are susceptible to supply shortages or supply changes, which could disrupt or delay our scheduled product deliveries to our customers and may result in the loss of sales and customers. Our platform relies on key components, including a motherboard and chassis, which our third-party manufacturers purchase on our behalf from a sole source provider. The manufacturing operations of some of our component suppliers are geographically concentrated in Asia, which makes our supply chain vulnerable to regional disruptions. A localized health risk affecting employees at these facilities, such as the spread of a pandemic influenza, could impair the total volume of components that we are able to obtain, which could result in substantial harm to our results of operations. Similarly, a fire, flood, earthquake, tsunami or other disaster, condition or event such as political instability, terrorist act, civil unrest or a power outage that adversely affects any of these component suppliers’ facilities could significantly affect our ability to obtain the components needed for our products, which could result in a substantial loss of sales and revenue and a substantial harm to our results of operations. We do not have volume purchase contracts with any of our component suppliers, and they could cease selling to us at any time. In addition, our component suppliers change their selling prices frequently in response to market trends, including industry-wide increases in demand, and because we do not have contracts with these suppliers, we are susceptible to price fluctuations related to raw materials and components. If we are unable to pass component price increases along to our customers or maintain stable pricing, our gross margins and results of operations could be negatively impacted. If we are unable to obtain a sufficient quantity of these components in a timely manner for any reason, sales of our products could be delayed or halted or we could be forced to expedite shipment of such components or our products at dramatically increased costs, which would negatively impact our revenue and gross margins. Additionally, poor quality in any of the sole-sourced components in our products could result in lost sales or lost sales opportunities. If the quality of the components does not meet our if we are unable to obtain components from our existing suppliers on or our customers’ requirements, commercially reasonable terms, or if any of our sole source providers cease to remain in business or continue to manufacture such components, we could be forced to redesign our products and qualify new components from 35 A n n u a l R e p o r t alternate suppliers. The resulting stoppage or delay in selling our products and the expense of redesigning our products could result in lost sales opportunities and damage to customer relationships, which would adversely affect our business and results of operations. If we fail to adequately protect personal information or other information we process or maintain, our business, financial condition and operating results could be adversely affected. A wide variety of provincial, state, national, and international laws and regulations apply to the collection, use, retention, protection, disclosure, transfer and other processing of personal data. These data protection and privacy-related laws and regulations are evolving and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. For example, the European Union General Data Protection Regulation, which became fully effective on May 25, 2018, imposes more stringent data protection requirements than previously effective European Union data protection law and provides for penalties for noncompliance of up to the greater of €20 million or four percent of worldwide annual revenues. Evolving and changing definitions of personal data and personal information within the European Union, the United States, and elsewhere, especially relating to classification of IP addresses, machine identification, location data and other information, may limit or inhibit our ability to operate or expand our business, including limiting technology alliance partners that may involve the sharing of data. California recently enacted legislation, the California Consumer Privacy Act (“CCPA”), that will, among other things, require covered companies to provide new disclosures to California consumers, and afford such consumers new abilities to opt-out of certain sales of personal information, when it goes into effect on January 1, 2020. The CCPA was amended on September 23, 2018, and it remains unclear whether any further modifications will be made to this legislation or how it will be interpreted. We cannot yet predict the impact of the CCPA on our business or operations, but it may require us to modify our data processing practices and policies and to incur substantial costs and expenses in an effort to comply. Even the perception of privacy or information security concerns, whether or not valid, may harm our reputation, inhibit adoption of our products by current and future customers, or adversely impact our ability to hire and retain workforce talent. If our security measures are or are believed to be inadequate or breached as a result of third-party action, employee negligence, error or malfeasance, product defects, social engineering techniques or otherwise, and this results in, or is believed to result in, the disruption of the confidentiality, integrity or availability of our systems or networks or any data we process or maintain, or the loss, destruction or corruption of such data, we could incur significant liability, we could face a loss of revenues, and our business may suffer and our reputation and competitive position may be damaged. Additionally, our service providers may suffer, or be perceived to suffer, data security breaches or other incidents that may compromise data stored or processed for us that may give rise to any of the foregoing. Our actual or perceived failure to adequately comply with applicable laws and regulations, or to protect personal data and other data we process or maintain, could result in regulatory investigations and enforcement actions against us, fines, penalties and other liabilities, imprisonment of company officials and public censure, claims for damages by customers and other affected individuals, required efforts to mitigate or otherwise respond to incidents, litigation, damage to our reputation and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our operations, financial performance and business. Even the perception of privacy, data protection or information security concerns, whether or not valid, may harm our reputation and inhibit adoption of our products and subscriptions by current and future customers. 36 Our technology alliance partnerships expose us to a range of business risks and uncertainties that could have a material adverse impact on our business and financial results. We have entered, and intend to continue to enter, into technology alliance partnerships with third parties to support our future growth plans. Such relationships include technology licensing, joint technology development and integration, research cooperation, co-marketing activities and sell-through arrangements. We face a number of risks relating to our technology alliance partnerships that could prevent us from realizing the desired benefits from such partnerships on a timely basis or at all, which, in turn, could have a negative impact on our business and financial results. Technology alliance partnerships require significant coordination between the parties involved, particularly if a partner requires that we integrate its products with our products. This could involve a significant commitment of time and resources by our technical staff and their counterparts within our technology alliance partner. The integration of products from different companies may be more difficult than we anticipate, and the risk of integration difficulties, incompatible products and undetected programming errors or defects may be higher than the risks normally associated with the introduction of new products. It may also be more difficult to market and sell products developed through technology alliance partnerships than it would be to market and sell products that we develop on our own. Sales and marketing personnel may require special training, as the new products may be more complex than our other products. We invest significant time, money and resources to establish and maintain relationships with our technology alliance partners, but we have no assurance that any particular relationship will continue for any specific period of time. Generally, our agreements with these technology alliance partners are terminable without cause with no or minimal notice or penalties. If we lose a significant technology alliance partner, we could lose the benefit of our investment of time, money and resources in the relationship. In addition, we could be required to incur significant expenses to develop a new strategic alliance or to determine and implement an alternative plan to pursue the opportunity that we targeted with the former partner. If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our results of operations could fall below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in our stock price. The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in the section entitled “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” the results of which form the basis for making judgments about the carrying values of assets, liabilities, equity, revenue and expenses that are not readily apparent from other sources. In general, if our estimates, judgments or assumptions related to our critical accounting policies change or if actual circumstances differ from our estimates, judgments or assumptions, our results of operations may be adversely affected and could fall below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in our stock price. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to assets, liabilities, revenue, expenses and related disclosures. A n n u a l R e p o r t We are exposed to the credit risk of some of our distributors, resellers and customers and to credit exposure in weakened markets, which could result in material losses. Most of our sales are on an open credit basis. Although we have programs in place that are designed to monitor and mitigate these risks, we cannot assure you these programs will be effective in reducing our credit risks, especially as we expand our business internationally. If we are unable to adequately control these risks, our business, results of operations and financial condition could be harmed. 37 Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products could reduce our ability to compete and could harm our business. We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new products and enhancements to our platform, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in additional debt financing, the holders of debt would have priority over the holders of common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness. We may also be required to take other actions that would otherwise be in the interests of the debt holders and force us to maintain specified liquidity or other ratios, any of which could harm our business, results of operations, and financial condition. If we need additional capital and cannot raise it on acceptable terms, we may not be able to, among other things: • • • • • • develop or enhance our products and subscriptions; continue to expand our sales and marketing and research and development organizations; acquire complementary technologies, products or businesses; expand operations, in the United States or internationally; hire, train and retain employees; or respond to competitive pressures or unanticipated working capital requirements. Our failure to do any of these things could harm our business, financial condition and results of operations. If our products do not effectively interoperate with our customers’ IT infrastructure, installations could be delayed or cancelled, which would harm our business. Our products must effectively interoperate with our customers’ existing or future IT infrastructure, which often has different specifications, utilizes multiple protocol standards, deploys products from multiple vendors, and contains multiple generations of products that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. If we find errors in the existing software or defects in the hardware used in our customers’ infrastructure or problematic network configurations or settings, we may have to modify our software or hardware so that our products will interoperate with our customers’ infrastructure. In such cases, our products may be unable to provide significant performance improvements for applications deployed in our customers’ infrastructure. These issues could cause longer installation times for our products and could cause order cancellations, either of which would adversely affect our business, results of operations and financial condition. In addition, government and other customers may require our products to comply with certain security or other certifications and standards. If our products are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our products to such customers, or may otherwise be at a competitive disadvantage, either of which would harm our business, results of operations, and financial condition. Reliance on shipments at the end of each quarter could cause our revenue for the applicable period to fall below expected levels. As a result of customer buying patterns and the efforts of our sales force and channel partners to meet or exceed their sales objectives, we have historically received a substantial portion of sales orders and generated a substantial portion of revenue during the last few weeks and days of each quarter. A significant interruption in our IT systems, which manage critical functions such as order processing, revenue recognition, financial 38 forecasts, inventory and supply chain management, and trade compliance reviews, or our supply chain could result in delayed order fulfillment and decreased revenue for that quarter. If expected revenue at the end of any quarter is delayed for any reason, including the failure of anticipated purchase orders to materialize, our logistics or channel partners’ inability to ship products prior to quarter-end to fulfill purchase orders received near the end of the quarter, our failure to manage inventory to meet demand, our inability to release new products on schedule, any failure of our systems related to order review, processing and licensing, or any delays in shipments based on trade compliance requirements (including new compliance requirements imposed by new or renegotiated trade agreements), our revenue for that quarter could fall below our expectations and the estimates of market analysts, which could adversely impact our business and results of operations and cause a decline in the trading price of our common stock. We generate a significant amount of revenue from sales through resellers, distributors and end customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations. We have a limited history of marketing, selling, and supporting our platform internationally. As a result, we must hire and train experienced personnel to staff and manage our foreign operations. To the extent that we experience difficulties in recruiting, training, managing, and retaining international employees, particularly managers and other members of our international sales team, we may experience difficulties in sales productivity in, or market penetration of, foreign markets. We also enter into strategic distributor and reseller relationships with companies in certain international markets where we do not have a local presence. If we are not able to maintain successful strategic distributor relationships with our international channel partners or recruit additional channel partners, our future success in these international markets could be limited. Business practices in the international markets that we serve may differ from those in the United States and may require us to include non-standard terms in customer contracts, such as extended payment or warranty terms. To the extent that we enter into customer contracts in the future that include non-standard terms related to payment, warranties, or performance obligations, our results of operations may be adversely impacted. Additionally, our international sales and operations are subject to a number of risks, including the following: • • • greater difficulty in enforcing contracts and managing collections, as well as longer collection periods; higher costs of doing business internationally, including costs incurred in establishing and maintaining office space and equipment for our international operations; fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business, such as the British Pound Sterling, which experienced a sharp decline in value compared to the U.S. dollar and other currencies; • management communication and integration problems resulting from cultural and geographic A n n u a l R e p o r t dispersion; • • • • risks associated with trade restrictions and foreign legal requirements, including any importation, certification, and localization of our platform that may be required in foreign countries and any changes in trade relations and restrictions as a result of the 2016 U.S. presidential election; greater risk of unexpected changes in foreign and domestic regulatory practices, tariffs and tax laws and treaties, including regulatory and trade policy changes adopted by the current administration; compliance with anti-bribery laws, including, without limitation, compliance with the U.S. Foreign Corrupt Practices Act of 1977, as amended, the U.S. Travel Act and the UK Bribery Act 2010, violations of which could lead to significant fines, penalties and collateral consequences for our Company; heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements; 39 • • • • • the uncertainty of protection for intellectual property rights in some countries; foreign exchange controls or tax regulations that might prevent us from repatriating cash earned outside the United States; general economic, political and social conditions in these foreign markets, including the perception of doing business with U.S. based companies and changes in regulatory requirements that impact our operating strategies, access to global markets or hiring; political and economic instability in some countries, such as those caused by the 2016 U.S. presidential election and the referendum on June 23, 2016, in which voters in the U.K. approved an exit from the EU (“Brexit”), and, in March 2017, began the process to leave the EU by April 2019; and double taxation of our international earnings and potentially adverse tax consequences due to changes in the tax laws of the United States or the foreign jurisdictions in which we operate. Further, the interpretation and application of international laws and regulations in many cases is uncertain, and our legal and regulatory obligations in foreign jurisdictions are subject to frequent and unexpected changes, including the potential for various regulatory or other governmental bodies to enact new or additional laws or regulations or to issue rulings that invalidate prior laws or regulations. For example, “Brexit” could also lead to further legislative and regulatory changes. A Data Protection Act that substantially implements the European Union’s General Data Protection Regulation has been implemented in the United Kingdom, effective in May 2018. It is unclear, however, how United Kingdom data protection laws or regulations will develop in the medium to longer term, and how data transfers to and from the United Kingdom will be regulated. In particular, the United Kingdom’s anticipated exit from the EU in March 2019 to effectuate Brexit could require us to make additional changes to the way we conduct our business and transmit data from the EU into the United Kingdom. Additionally, with regard to transfers of personal data from our European customers and employees to the U.S., we have self-certified under the EU-U.S. Privacy Shield Framework and a related program, the Swiss-U.S. Privacy Shield Framework, in addition to in certain cases using model contracts approved by the European Commission. With regard to transfers of personal data from one FireEye entity to another, we have put into place inter-company standard contractual clauses. The U.S.-EU Privacy Shield and such model contracts have been challenged and may be suspended, invalidated or modified. It is uncertain that the U.S.-EU Privacy Shield or such model contracts will continue to remain intact and serve as an appropriate means for us to meet European requirements for personal data transfers from the EEA or Switzerland to the United States. Developments in the legal landscape affecting the transfer of personal data from the EEA may cause us to find it necessary or desirable to modify our data handling practices, and may serve as a basis for our personal data handling practices, or those of our customers and vendors, to be challenged and may otherwise adversely impact our business, financial condition and operating results. These and other factors could harm our ability to generate future international revenue and, consequently, materially impact our business, results of operations and financial condition. We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations. Our sales contracts are denominated in U.S. dollars, and therefore our revenue is not subject to foreign currency risk. However, strengthening of the U.S. dollar increases the real cost of our products, subscriptions and services to our customers outside of the United States, which could lead to delays in the purchase of our products and services and the lengthening of our sales cycle. In addition, we are incurring an increasing portion of our operating expenses outside the United States. These expenses are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates. 40 Additionally, Brexit resulted in an adverse impact to currency exchange rates, notably the British Pound Sterling which experienced a sharp decline in value compared to the U.S. dollar and other currencies. A significantly weaker British Pound Sterling compared to the U.S. dollar could have a significantly negative effect on our financial condition and results of operations. We do not currently hedge against the risks associated with currency fluctuations but may do so in the future. Failure to comply with governmental laws and regulations could harm our business. Our business is subject to regulation by various U.S. federal, state, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, anti-bribery laws (including the U.S. Foreign Corrupt Practices Act and the U.K. Anti-Bribery Act), import/export controls, federal securities laws and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties, injunctions or other collateral consequences. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. U.S. regulations surrounding our operating activities in foreign jurisdictions are not always consistent with, and at times are in contravention to, the local regulations or laws in such jurisdictions. Enforcement actions and sanctions could harm our business, reputation, results of operations and financial condition. We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets. Our products are subject to U.S. export controls, specifically the Export Administration Regulations and economic sanctions enforced by the Office of Foreign Assets Control. We incorporate standard encryption algorithms into our products, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products and services to countries, governments, and persons targeted by U.S. sanctions. While we have taken precautions to prevent our products and services from being exported in violation of these laws, in certain instances in the past we shipped our encryption products prior to obtaining the required export authorizations and/or submitting the required requests, including a classification request and request for an encryption registration number, resulting in an inadvertent violation of U.S. export control laws. As a result, in February 2013, we filed a Voluntary Self Disclosure with the U.S. Department of Commerce’s Bureau of Industry and Security, or BIS, concerning these potential violations. In June 2013, BIS notified us that it had completed its review of this matter and closed its review with the issuance of a warning letter. No monetary penalties were assessed. Even though we take precautions to ensure that our channel partners comply with all relevant regulations, any failure by our channel partners to comply with such regulations could have negative consequences, including reputational harm, government investigations and penalties. In addition, various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our products or could limit our customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products into international markets, prevent our customers with international operations from deploying our products globally or, in some cases, prevent the export or import of our products to certain countries, governments or persons altogether. Any 41 A n n u a l R e p o r t change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations. Any decreased use of our products or limitation on our ability to export to or sell our products in international markets would likely adversely affect our business, financial condition and results of operations. Our business is subject to the risks of earthquakes, fire, power outages, floods and other catastrophic events, and to interruption by man-made problems such as terrorism or armed conflicts. Natural disasters or other catastrophic events, including earthquakes, fires, floods, significant power outages, telecommunications failures and cyber attacks, may cause damage or disruption to our operations, international commerce and the global economy, and thus could have a material adverse impact on our business, results of operations, and financial condition. Our corporate headquarters and servers hosting our cloud services are located in California, a region known for seismic activity. Customer data could be lost, significant recovery time could be required to resume operations and our financial condition and operating results could be adversely affected in the event of a natural disaster or other catastrophic event. In addition, natural disasters and other catastrophic events could affect our supply chain, manufacturing vendors, or logistics providers’ ability to provide materials and perform services such as manufacturing products or assisting with shipments on a timely basis. In the event that our or our service providers’ information technology systems or manufacturing or logistics abilities are hindered by any of the events discussed above, shipments could be delayed, resulting in missed financial targets, such as revenue and shipment targets, for a particular quarter. In addition, acts of terrorism, armed conflicts and other geo-political unrest could cause disruptions in our business or the business of our supply chain, manufacturers, logistics providers, partners, or customers or the economy as a whole. Any disruption in the business of our supply chain, manufacturers, logistics providers, partners or end-customers that impacts sales at the end of a fiscal quarter could have a significant adverse impact on our financial results. All of the aforementioned risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, the loss of customers or the delay in the manufacture, deployment or shipment of our products, our business, financial condition and results of operations would be adversely affected. If we fail to comply with environmental requirements, our business, financial condition, results of operations and reputation could be adversely affected. We are subject to various environmental laws and regulations including laws governing the hazardous material content of our products and laws relating to the collection and recycling of electrical and electronic equipment. Examples of these laws and regulations include the EU Restrictions on the Use of certain Hazardous Substances in Electronic Equipment Directive and the EU Waste Electrical and Electronic Equipment Directive as well as the implementing legislation of the EU member states. Similar laws and regulations have been passed or are pending in China, South Korea and Japan and may be enacted in other regions, including in the United States, and we are, or may in the future be, subject to these laws and regulations. Our failure to comply with past, present, and future laws could result in reduced sales of our products, substantial product inventory write-offs, reputational damage, penalties, and other sanctions, any of which could harm our business and financial condition. We also expect that our products will be affected by new environmental laws and regulations on an ongoing basis. To date, our expenditures for environmental compliance have not had a material impact on our results of operations or cash flows, and although we cannot predict the future impact of such laws or regulations, they will likely result in additional costs and may increase penalties associated with violations or require us to change the content of our products or how they are manufactured, which could have a material adverse effect on our business, results of operations and financial condition. 42 Uncertainties in the interpretation and application of the 2017 Tax Cuts and Jobs Act could materially affect our tax obligations, effective tax rate and operating results. On December 22, 2017, the U.S. government enacted comprehensive tax legislation commonly referred to as the Tax Cuts and Jobs Act of 2017 (the “Tax Act”). The Tax Act makes broad and complex changes to the U.S. tax code. The changes include, but are not limited to, reducing the U.S. federal corporate tax rate from 35% to 21%, imposing a mandatory one-time transition tax on certain unrepatriated earnings of foreign subsidiaries, imposing certain additional limitations on the use of deferred tax assets, introducing bonus depreciation that will allow for full expensing of qualified property, eliminating the corporate alternative minimum tax (“AMT”), and changing how existing AMT credits can be realized. The U.S. Department of Treasury has broad authority to issue regulations and interpretative guidance that may significantly impact our tax obligations, effective tax rate and our results of operations. The Tax Act will likely be subject to ongoing technical guidance and accounting interpretation, which we will continue to monitor and assess. Although we cannot predict the nature or outcome of such future technical guidance and accounting interpretation, they could adversely impact our tax obligations, effective tax rate and results of operations. In addition, it is uncertain if, and to what extent, various states will conform to the new tax law and foreign countries will react by adopting tax legislation or taking other actions that could adversely affect our business. If we do not achieve increased tax benefits as a result of our corporate structure, our operating results and financial condition may be negatively impacted. We generally conduct our international operations through wholly-owned subsidiaries and report our taxable income in various jurisdictions worldwide based upon our business operations in those jurisdictions. In 2013, we completed the reorganization of our corporate structure and intercompany relationships to more closely align our corporate organization with the expansion of our international business activities. Although we anticipate achieving a reduction in our overall effective tax rate in the future as a result of this reorganized corporate structure, we may not realize any benefits. Our intercompany relationships are subject to complex transfer pricing regulations administered by taxing authorities in various jurisdictions. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. In addition, if the intended tax treatment of our reorganized corporate structure is not accepted by the applicable taxing authorities, changes in tax law negatively impact the structure or we do not operate our business consistent with the structure and applicable tax laws and regulations, we may fail to achieve any tax advantages as a result of the reorganized corporate structure, and our future operating results and financial condition may be negatively impacted. In addition, we continue to evaluate our corporate structure in light of current and pending tax legislation, and any changes to our corporate structure may require us to incur additional expenses and may impact our overall effective tax rate. A n n u a l R e p o r t We could be subject to additional tax liabilities. We are subject to U.S. federal, state, local and sales taxes in the United States and foreign income taxes, withholding taxes and transaction taxes in numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by recognizing tax losses or lower than anticipated earnings in jurisdictions where we have lower statutory rates and higher than anticipated earnings in jurisdictions where we have higher statutory rates, by changes in foreign currency exchange rates, or by changes in the valuation of our deferred tax assets and liabilities. We may be audited in various jurisdictions, and such jurisdictions may assess additional taxes, sales taxes and value-added 43 taxes against us. Although we believe our tax estimates are reasonable, the final determination of any tax audits or litigation could be materially different from our historical tax provisions and accruals, which could have a material adverse effect on our operating results or cash flows in the period for which a determination is made. Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations. In general, under Section 382 of the Internal Revenue Code of 1986, as amended (the “Code”), a corporation that undergoes an “ownership change” is subject to limitations on its ability to utilize its pre-change net operating losses, or NOLs, to offset future taxable income. Our existing NOLs may be subject to limitations arising from previous ownership changes. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code and adversely affect our ability to utilize our NOLs in the future. Furthermore, our ability to utilize NOLs of companies that we may acquire in the future may be subject to limitations. There is also a risk that due to regulatory changes, such as suspensions on the use of NOLs, or other unforeseen reasons, our existing NOLs could expire or otherwise be unavailable to offset future income tax liabilities. For these reasons, we may not be able to utilize a material portion of the NOLs reflected on our balance sheet, even if we attain profitability. Risks Related to Our Convertible Senior Notes We are leveraged financially, which could adversely affect our ability to adjust our business to respond to competitive pressures and to obtain sufficient funds to satisfy our future growth, business needs and development plans. We have substantial existing indebtedness. In June 2015, we issued $460.0 million principal amount of 1.000% Convertible Senior Notes due 2035 (the “Series A Notes”) and $460.0 million principal amount of 1.625% Convertible Senior Notes due 2035 (the “Series B Notes” and, together with the Series A Notes, the “2035 Notes”). During the three months ended June 30, 2018, we issued $600.0 million aggregate principal amount of 0.875% Convertible Senior Notes due 2024 (the “2024 Notes” and, together with the 2035 Notes, the “convertible notes”) and repurchased approximately $340.2 million aggregate principal amount of certain of the 2035 Notes. As a result, as of December 31, 2018, we had approximately $1.2 billion aggregate principal amount of convertible notes outstanding. The degree to which we are leveraged could have negative consequences, including, but not limited to, the following: • we may be more vulnerable to economic downturns, less able to withstand competitive pressures and less flexible in responding to changing business and economic conditions; • • our ability to obtain additional financing in the future for working capital, capital expenditures, acquisitions, general corporate or other purposes may be limited; a substantial portion of our cash flows from operations in the future may be required for the payment of the principal amount of our existing indebtedness when it becomes due; and • we may elect to make cash payments upon any conversion of the convertible notes, which would reduce our cash on hand. Our ability to meet our payment obligations under our convertible notes depends on our ability to generate significant cash flow in the future. This, to some extent, is subject to general economic, financial, competitive, legislative, and regulatory factors as well as other factors that are beyond our control. There can be no assurance that our business will generate cash flow from operations, or that additional capital will be available to us, in an amount sufficient to enable us to meet our debt payment obligations and to fund other liquidity needs. If we are unable to generate sufficient cash flow to service our debt obligations, we may need to refinance or restructure our debt, sell assets, reduce or delay capital investments, or seek to raise additional capital. If we were unable to implement one or more of these alternatives, we may be unable to meet our debt payment obligations, which could have a material adverse effect on our business, results of operations, or financial condition. 44 The conditional conversion feature of each series of convertible notes, if triggered, may adversely affect our financial condition and operating results. In the event the conditional conversion feature of a series of convertible notes is triggered, holders of such series of convertible notes will be entitled to convert their convertible notes at any time during specified periods at their option. If one or more holders of such convertible notes elect to convert their convertible notes, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock (other than paying cash in lieu of delivering any fractional share), we would be required to settle a portion or all of our conversion obligation through the payment of cash, which could adversely affect our liquidity. In addition, even if holders of such series of convertible notes do not elect to convert their convertible notes, we could be required under applicable accounting rules to reclassify all or a portion of the outstanding principal of such series of convertible notes as a current rather than long-term liability, which would result in a material reduction of our net working capital. The accounting method for convertible debt securities that may be settled in cash, such as the convertible notes, is subject to changes that could have a material effect on our reported financial results. In May 2008, the Financial Accounting Standards Board, which we refer to as FASB, issued FASB Staff Position No. APB 14-1, Accounting for Convertible Debt Instruments That May Be Settled in Cash Upon Conversion (Including Partial Cash Settlement), which has subsequently been codified as Accounting Standards Codification 470-20, Debt with Conversion and Other Options, which we refer to as ASC 470-20. Under ASC 470-20, an entity must separately account for the liability and equity components of the convertible debt instruments (such as the convertible notes) that may be settled entirely or partially in cash upon conversion in a manner that reflects the issuer’s economic interest cost. The effect of ASC 470-20 on the accounting for each series of convertible notes is that the equity component is required to be included in the additional paid-in capital section of stockholders’ equity on our consolidated balance sheet and the value of the equity component would be treated as original issue discount for purposes of accounting for the debt component of such series of convertible notes. As a result, we will be required to record a greater amount of non-cash interest expense in current periods presented as a result of the amortization of the discounted carrying value of the convertible notes to their face amount over the term of the convertible notes. We will report lower net income in our financial results because ASC 470-20 will require interest to include both the current period’s amortization of the debt discount and the instrument’s non-convertible coupon interest for such series of convertible notes, which could adversely affect our reported or future financial results and the trading price of our common stock. In August 2016, the FASB issued ASU 2016-15, Statement of Cash Flows (Topic 230): Classification of Certain Cash Receipts and Cash Payments (a consensus of the Emerging Issues Task Force). This standard clarifies how certain cash receipts and payments should be classified in the statement of cash flows, including the cash settlement for each series of our convertible notes. Upon cash settlement, repayment of the principal amount will be bifurcated between cash outflows for operating activities for the portion related to accreted interest attributable to debt discounts arising from the difference between the coupon interest rate and the effective interest rate, and financing activities for the remainder. This will require us to classify the $310.4 million of accreted interest as cash used in operating activities in our consolidated financial statements upon cash settlement, which could adversely affect our future cash flow from operations. In addition, under certain circumstances, convertible debt instruments (such as the convertible notes) that may be settled entirely or partly in cash are currently accounted for utilizing the treasury stock method, the effect of which is that any shares issuable upon conversion of any series of convertible notes are not included in the calculation of diluted earnings per share except to the extent that the conversion value of such series of convertible notes exceeds their principal amount of such series of convertible notes. Under the treasury stock method, for diluted earnings per share purposes, the transaction is accounted for as if the number of shares of common stock that would be necessary to settle such excess conversion value, if we elected to settle such excess 45 A n n u a l R e p o r t in shares, are issued. We cannot be sure that the accounting standards in the future will continue to permit the use of the treasury stock method. If we are unable to use the treasury stock method in accounting for the shares issuable upon conversion of the convertible notes, then our diluted earnings per share would be adversely affected. Transactions related to our convertible notes may affect the market price of our common stock. The conversion of any of our series of convertible notes, if such conversion occurs, will dilute the ownership interests of then-existing stockholders to the extent we deliver shares upon conversion of any of the convertible notes. Any sales in the public market of the common stock issuable upon such conversion could adversely affect prevailing market prices of our common stock. In addition, the existence of the convertible notes may encourage short selling by market participants because any conversion of the convertible notes could be used to satisfy short positions, or anticipated conversion of the convertible notes into shares of our common stock could depress the price of our common stock. In addition, in connection with our issuance of the 2024 Notes, we entered into capped call transactions (the “capped call transactions”) with certain financial institutions (the “option counterparties”). The capped call transactions are expected generally to reduce the potential dilution to our common stock upon any conversion of the 2024 Notes and/or offset any cash payments we are required to make in excess of the principal amount of such 2024 Notes converted, as the case may be, with such reduction and/or offset subject to a cap. From time to time, the option counterparties or their respective affiliates may modify their hedge positions by entering into or unwinding various derivative transactions with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the maturity of the 2024 Notes. This activity could cause a decrease in the market price of our common stock. We are subject to counterparty risk with respect to the capped call transactions. The option counterparties to our capped call transactions are financial institutions, and we will be subject to the risk that one or more of the counterparties may default or otherwise fail to perform, or may exercise certain rights to terminate, their obligations under the capped call transactions. Our exposure to the credit risk of the option counterparties will not be secured by any collateral. Adverse global economic conditions may result in the actual or perceived failure or financial difficulties for financial institutions, including one or more of our option counterparties. If an option counterparty becomes subject to insolvency proceedings, we will become an unsecured creditor in those proceedings with a claim equal to our exposure at that time under our transactions with that option counterparty. Our exposure will depend on many factors but, generally, our exposure will increase if the market price or the volatility of our common stock increases. In addition, upon a default or other failure to perform, or a termination of obligations, by an option counterparty, we may suffer adverse tax consequences and more dilution than we currently anticipate with respect to our common stock. We can provide no assurances as to the financial stability or viability of the option counterparties. Risks Related to Ownership of Our Common Stock If securities or industry analysts do not publish research or reports about our business, or publish inaccurate or unfavorable research reports about our business, our share price and trading volume could decline. The trading market for our common stock, to some extent, depends on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If one or more of the analysts who cover us should downgrade our shares or change their opinion of our shares, industry sector or products, our share price would likely decline. If one or more of these analysts ceases coverage of our Company or fails to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our share price or trading volume to decline. 46 We may fail to meet our publicly announced guidance or other expectations about our business and future operating results, which would cause our stock price to decline. We have provided and may continue to provide guidance about our business and future operating results. In developing this guidance, our management must make certain assumptions and judgments about our future performance. Furthermore, analysts and investors may develop and publish their own projections of our business, which may form a consensus about our future performance. Our business results may vary significantly from such guidance or that consensus due to a number of factors, many of which are outside of our control, and which could adversely affect our operations and operating results. Such factors may include the possibility that interpretation, industry practice, and accounting guidance may continue to evolve during the early stages of adoption of Accounting Standard Update 2014-09, Revenue from Contracts with Customers (Topic 606) (“ASC 606”). Furthermore, if we make downward revisions of our previously announced guidance, or if our publicly announced guidance of future operating results fails to meet expectations of securities analysts, investors or other interested parties, the price of our common stock would decline. The price of our common stock has been and may continue to be volatile, and the value of your investment could decline. The trading price of our common stock has been volatile since our initial public offering, and is likely to continue to be volatile. The price of our common stock during the last twelve months has ranged from $14.20 to $20.61 as measured through February 20, 2019, and the last reported sale price on February 20, 2019 was $16.67. The trading price of our common stock may fluctuate widely in response to various factors, some of which are beyond our control. These factors include: • whether our results of operations, and in particular, our revenue growth rates, meet the expectations of securities analysts or investors; • • • • • • • • • • • • • • actual or anticipated changes in the expectations of investors or securities analysts, whether as a result of our forward-looking statements, our failure to meet such expectation or otherwise; announcements of new products, services or technologies, commercial relationships, acquisitions or other events by us or our competitors; changes in how customers perceive the effectiveness of our platform in protecting against advanced cyber attacks or other reputational harm; publicity concerning cyber attacks in general or high profile cyber attacks against specific organizations; price and volume fluctuations in the overall stock market from time to time; significant volatility in the market price and trading volume of technology and/or growth companies in general and of companies in the IT security industry in particular; A n n u a l R e p o r t fluctuations in the trading volume of our shares or the size of our public float; actual or anticipated changes or fluctuations in our results of operations; litigation involving us, our industry, or both; regulatory developments in the United States, foreign countries or both; general economic conditions and trends; natural disasters or other catastrophic events; sales of large blocks of our common stock or substantial future sales by our directors, executive officers, employees and significant stockholders; and departures of key personnel. 47 In addition, if the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, results of operations or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us. In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. The price of our common stock has been highly volatile since our IPO in September 2013, and beginning in June 2014, several lawsuits alleging violations of securities laws were filed against us and certain of our current and former directors and executive officers. Any securities litigation could result in substantial costs and divert our management’s attention and resources from our business. This could have a material adverse effect on our business, results of operations and financial condition. Sales of substantial amounts of our common stock in the public markets, or sales of our common stock by our executive officers and directors under Rule 10b5-1 plans, could adversely affect the market price of our common stock. Sales of a substantial number of shares of our common stock in the public market, or the perception that such sales could occur, could adversely affect the market price of our common stock and may make it more difficult for you to sell your common stock at a time and price that you deem appropriate. In addition, certain of our executive officers and directors have adopted, and other executive officers and directors may in the future adopt, written plans, known as “Rule 10b5-1 Plans,” under which they have contracted, or may in the future contract, with a broker to sell shares of our common stock on a periodic basis to diversify their assets and investments. Sales made by our executive officers and directors pursuant to Rule 10b5-1, regardless of the amount of such sales, could adversely affect the market price of our common stock. The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans, conversion of our convertible notes or otherwise will dilute all other stockholders. investment, our stock incentive plans, Our amended and restated certificate of incorporation authorizes us to issue up to 1,000,000,000 shares of common stock and up to 100,000,000 shares of preferred stock with such rights and preferences as may be determined by our board of directors. Subject to compliance with applicable rules and regulations, we may issue shares of common stock or securities convertible into our common stock from time to time in connection with a financing, acquisition, the conversion of our convertible notes or otherwise. For example, in January 2016, we issued 1,793,305 shares of common stock in connection with our acquisition of iSIGHT; in February 2016, we issued 742,026 shares of common stock in connection with our acquisition of Invotas; in October 2017, we issued 259,425 shares of common stock in connection with our acquisition of The Email Laundry; and in January 2018, we issued 1,016,334 shares of common stock in connection with our acquisition of X15. In addition, we issued $920.0 million aggregate principal amount of 2035 Notes, of which approximately $579.8 million aggregate principal remains outstanding, and we issued $600.0 million aggregate principal amount of the 2024 Notes during the three months ended June 30, 2018. Any future issuances could result in substantial dilution to our existing stockholders and cause the trading price of our common stock to decline. We do not intend to pay dividends for the foreseeable future. We have never declared or paid any dividends on our common stock. We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the future. As a result, you may only receive a return on your investment in our common stock if the market price of our common stock increases. 48 The requirements of being a public company may strain our resources, divert management’s attention and affect our ability to attract and retain qualified board members. As a public company, we are subject to the reporting requirements of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), the listing requirements of the NASDAQ Stock Market and other applicable securities rules and regulations. Compliance with these rules and regulations has increased and will continue to increase our legal and financial compliance costs, has made and will continue to make some activities more difficult, time-consuming or costly, and has increased and will continue to increase demand on our systems and resources. Among other things, the Exchange Act requires that we file annual, quarterly and current reports with respect to our business and results of operations and maintain effective disclosure controls and procedures and internal control over financial reporting. In order to maintain and, if required, improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, significant resources and management oversight may be required. As a result, management’s attention may be diverted from other business concerns, which could harm our business and results of operations. Although we have already hired additional employees to comply with these requirements, we may need to hire even more employees in the future, which will increase our costs and expenses. We are subject to the independent auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act (“Section 404”), enhanced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. While we were able to determine in our management’s report for fiscal 2018 that our internal control over financial reporting is effective, as well as provide an unqualified attestation report from our independent registered public accounting firm to that effect, we have and will continue to consume management resources and incur significant expenses for Section 404 compliance on an ongoing basis. In the event that our Chief Executive Officer, Chief Financial Officer, or independent registered public accounting firm determines in the future that our internal control over financial reporting is not effective as defined under Section 404, we could be subject to one or more investigations or enforcement actions by state or federal regulatory agencies, stockholder lawsuits or other adverse actions requiring us to incur defense costs, pay fines, settlements or judgments and causing investor perceptions to be adversely affected and potentially resulting in a decline in the market price of our stock. In addition, changing laws, regulations and standards relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs, and making some activities more time consuming. These laws, regulations and standards are subject to varying interpretations, in many cases due to their lack of specificity, and as a result, their application in practice may evolve over time as new guidance is provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations, and standards, and this investment will increase our general and administrative expense and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations, and standards are unsuccessful, regulatory authorities may initiate legal proceedings against us and our business may be harmed. We also expect that these new rules and regulations will make it more expensive for us to obtain and maintain director and officer liability insurance, and in the future, we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. These factors could also make it more difficult for us to attract and retain qualified executive officers and members of our board of directors, particularly to serve on our audit committee and compensation committee. In addition, as a result of our disclosure obligations as a public company, we have reduced strategic flexibility and are under pressure to focus on short-term results, which may adversely impact our ability to achieve long-term profitability. 49 A n n u a l R e p o r t We are obligated to maintain proper and effective internal control over financial reporting. We may not complete our analysis of our internal control over financial reporting in a timely manner, or this internal control may not be determined to be effective, which may adversely affect investor confidence in our Company and, as a result, the value of our common stock. We are required, pursuant to the Exchange Act, to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting. This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting, as well as a statement that our auditors have issued an attestation report on our internal controls. While we were able to determine in our management’s report for fiscal 2018 that our internal control over financial reporting is effective, as well as provide an unqualified attestation report from our independent registered public accounting firm to that effect, we may not be able to complete our evaluation, testing, and any required remediation in a timely fashion or our independent registered public accounting firm may not be able to formally attest to the effectiveness of our internal control over financial reporting in the future. During the evaluation and testing process, if we identify one or more material weaknesses in our internal control over financial reporting that we are unable to remediate before the end of the same fiscal year in which the material weakness is identified, we will be unable to assert that our internal controls are effective. If we are unable to assert that our internal control over financial reporting is effective, or if our independent registered public accounting firm is unable to attest to the effectiveness of our internal controls or determine we have a material weakness in our internal controls, we could lose investor confidence in the accuracy and completeness of our financial reports, which would cause the price of our common stock to decline. Our charter documents and Delaware law, as well as certain provisions of our convertible notes, could discourage takeover attempts and lead to management entrenchment, which could also reduce the market price of our common stock. Our amended and restated certificate of incorporation and amended and restated bylaws contain provisions that could delay or prevent a change in control of our Company. These provisions could also make it difficult for stockholders to elect directors who are not nominated by the current members of our board of directors or take other corporate actions, including effecting changes in our management. These provisions include: • • • • • • a classified board of directors with three-year staggered terms, which could delay the ability of stockholders to change the membership of a majority of our board of directors; the ability of our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval, which could be used to significantly dilute the ownership of a hostile acquiror; the exclusive right of our board of directors to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death or removal of a director, which prevents stockholders from being able to fill vacancies on our board of directors; a prohibition on stockholder action by written consent, which forces stockholder action to be taken at an annual or special meeting of our stockholders; the requirement that a special meeting of stockholders may be called only by our board of directors, the chairperson of our board of directors, our Chief Executive Officer or our President (in the absence of a Chief Executive Officer), which could delay the ability of our stockholders to force consideration of a proposal or to take action, including the removal of directors; the requirement for the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our amended and restated certificate of incorporation relating to the management of our business 50 (including our classified board structure) or certain provisions of our amended and restated bylaws, which may inhibit the ability of an acquiror to effect such amendments to facilitate an unsolicited takeover attempt; • • the ability of our board of directors to amend the bylaws, which may allow our board of directors to take additional actions to prevent an unsolicited takeover and inhibit the ability of an acquiror to amend the bylaws to facilitate an unsolicited takeover attempt; and advance notice procedures with which stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting, which may discourage or deter a potential acquiror from conducting a solicitation of proxies to elect the acquiror’s own slate of directors or otherwise attempting to obtain control of us. In addition, as a Delaware corporation, we are subject to Section 203 of the Delaware General Corporation Law, which may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a specified period of time. Additionally, certain provisions of our convertible notes could make it more difficult or more expensive for a third party to acquire us. The application of Section 203 or certain provisions of our convertible notes also could have the effect of discouraging, delaying or preventing a transaction involving a change in control of us. Any of these provisions could, under certain circumstances, depress the market price of our common stock. Item 1B. Unresolved Staff Comments None. Item 2. Properties Our corporate headquarters is located in Milpitas, California where we currently lease approximately 190,000 square feet of space under lease agreements that expire during the year ended December 31, 2027. We maintain additional offices throughout the United States and various international locations, including, but not limited to, Australia, Dubai, Germany, India, Ireland, Japan, Singapore and the United Kingdom. We believe that our current facilities are adequate to meet our ongoing needs, and that, if we require additional space, we will be able to obtain additional facilities on commercially reasonable terms. Item 3. Legal Proceedings The information set forth under “Litigation” in Note 10 contained in the “Notes to Consolidated Financial Statements” in Part II, Item 8 of this Annual Report on Form 10-K is incorporated herein by reference. A n n u a l R e p o r t Item 4. Mine Safety Disclosures Not applicable. 51 PART II Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities Market Information Our common stock, $0.0001 par value per share, began trading on The NASDAQ Global Select Market on September 20, 2013, where its prices are quoted under the symbol “FEYE.” Holders of Record As of December 31, 2018, there were 97 holders of record of our common stock. Because many of our shares are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these record holders. Stock Performance Graph The following performance graph shall not be deemed “filed” for purposes of Section 18 of the Exchange Act or otherwise subject to the liabilities under that Section, and shall not be deemed to be incorporated by reference into any of our filings under the Securities Act of 1933, as amended (“the Exchange Act”), except as shall be expressly set forth by specific reference in such filing. The following graph compares the cumulative total return of our common stock with the total return for the Standard & Poor’s 500 Index and the Standard & Poor’s Information Technology Index from December 31, 2013 through December 31, 2018. The graph assumes that $100 was invested on December 31, 2013 in our common stock, the Standard & Poor’s 500 Index and the Standard & Poor’s Information Technology Index, and assumes reinvestment of any dividends. The stock price performance on the following graph is not necessarily indicative of future stock price performance. 52 COMPARISON OF 5 YEAR CUMULATIVE TOTAL RETURN* Among FireEye, Inc., the S&P 500 Index and the S&P Information Technology Index $250 $200 $150 $100 $50 $0 12/13 12/14 12/15 12/16 12/17 12/18 FireEye, Inc. S&P 500 S&P Information Technology A n n u a l R e p o r t *$100 invested on 12/31/13 in stock or index, including reinvestment of dividends. Fiscal year ending December 31. Copyright© 2019 Standard & Poor's, a division of S&P Global. All rights reserved. FireEye, Inc. S&P 500 S&P Information Technology Dividend Policy 12/13 12/14 12/15 12/16 12/17 12/18 $100.00 $100.00 $100.00 $ 72.41 $113.69 $120.12 $ 47.56 $115.26 $127.23 $ 27.29 $129.05 $144.85 $ 32.56 $157.22 $201.10 $ 37.17 $150.33 $200.52 We have never declared or paid, and do not anticipate declaring or paying in the foreseeable future, any cash dividends on our capital stock. Any future determination as to the declaration and payment of dividends, if any, will be at the discretion of our board of directors, subject to applicable laws, and will depend on then existing conditions, including our financial condition, operating results, contractual restrictions, capital requirements, business prospects, and other factors our board of directors may deem relevant. Recent Sales of Unregistered Securities There were no sales of unregistered securities during the period covered by this Annual Report on Form 10-K, other than those previously reported in a Quarterly Report on Form 10-Q or in a Current Report on Form 8-K. Issuer Purchases of Equity Securities No shares of our common stock were repurchased during the three months ended December 31, 2018. 53 Securities Authorized for Issuance Under Equity Compensation Plans See Part III, Item 12 of this Annual Report on Form 10-K regarding information about securities authorized for issuance under our equity compensation plans. Item 6. Selected Consolidated Financial Data The following selected historical financial data should be read in conjunction with Part II, Item 7, “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” and our financial statements and the related notes appearing in Part II, Item 8, “Financial Statements and Supplementary Data,” of this Annual Report on Form 10-K to fully understand the factors that may affect the comparability of the information presented below. The statements of operations data for the years ended December 31, 2018, 2017 and 2016 and the balance sheet data as of December 31, 2018 and 2017 are derived from our audited financial statements appearing in Part II, Item 8, “Financial Statements and Supplementary Data,” of this Annual Report on Form 10-K. The statements of operations for the years ended December 31, 2015 and 2014 and the balance sheet data as of December 31, 2016, 2015 and 2014 are derived from audited financial statements not included in this Annual Report on Form 10-K. Our historical results are not necessarily indicative of the results to be expected in the future. For the years ended December 31, 2017 and 2016, we have adjusted certain of the following financial data as a result of adoption of ASC 606 in the first quarter of the year ended December 31, 2018. Financial data for the years ended December 31, 2015 and 2014 has not been adjusted to reflect the adoption of ASC 606. See Note 1 contained in the “Notes to Consolidated Financial Statements” included in Part II, Item 8 of this Annual Report on Form 10-K for further information regarding our impact of adoption of ASC 606. Consolidated Statements of Operations Data: Revenue: Cost of revenue:(1) Total gross profit Operating expenses:(1) Research and development Sales and marketing General and administrative Restructuring charges Total operating expenses Operating loss Interest income Interest expense Other expense, net Loss before income taxes Provision for (benefit from) income taxes Year Ended December 31, 2018 2017* 2016* 2015 2014 (In thousands, except per share data) $ 830,950 272,475 $ 779,648 271,647 $ 705,995 271,083 $ 622,967 233,204 $ 425,662 175,093 558,475 508,001 434,912 389,763 250,569 254,142 380,962 105,773 — 740,877 (182,402) 16,033 (56,426) (14,804) (237,599) 5,524 243,273 379,278 125,549 — 748,100 (240,099) 9,323 (49,766) (10) (280,552) 4,632 279,594 437,519 139,791 27,630 884,534 (449,622) 6,582 (47,869) (3,247) (494,156) (8,721) 279,467 476,166 141,790 — 897,423 (507,660) 2,935 (27,116) (3,284) (535,125) 4,090 203,187 401,151 121,099 4,327 729,764 (479,195) 713 (26) (1,936) (480,444) (36,654) Net loss attributable to common stockholders $(243,123) $(285,184) $(485,435) $(539,215) $(443,790) Net loss per share attributable to common stockholders, basic and diluted Weighted-average shares used to compute net loss per share attributable to common stockholders $ (1.27) $ (1.60) $ (2.97) $ (3.50) $ (3.12) 190,803 177,757 163,211 154,120 142,176 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. 54 (1) Includes stock-based compensation expense as follows: Stock-Based Compensation Expense: Cost of revenue Research and development Sales and marketing General and administrative Restructuring 2018 2017 2016 2015 2014 (In thousands) $ 28,362 49,503 47,592 28,218 — $ 32,656 56,720 46,766 30,194 — $ 31,903 64,755 57,750 43,343 1,144 $ 31,023 68,329 73,286 49,793 — $ 17,925 28,968 66,773 38,186 — Total stock-based compensation expense $153,675 $166,336 $198,895 $222,431 $151,852 Consolidated Balance Sheet Data: Cash and cash equivalents Total assets Total deferred revenue Total long-term debt Total stockholders’ equity 2018 2017* 2016* 2015 2014 As of December 31, (In thousands) $ 409,829 $2,696,078 $ 934,828 $ 962,577 $ 650,394 $ 180,891 $2,458,837 $ 910,100 $ 779,578 $ 632,216 $ 223,667 $2,526,092 $ 927,749 $ 741,980 $ 710,006 $ 402,102 $2,441,473 $ 526,998 $ 706,198 $1,044,372 $ 146,363 $1,758,881 $ 352,543 $ — $1,250,828 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. A n n u a l R e p o r t 55 Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our financial statements and related notes appearing elsewhere in this Annual Report on Form the following discussion contains forward-looking 10-K. In addition to historical statements that reflect our plans, estimates and beliefs. Our actual results could differ materially from those contained in or implied by any forward-looking statements. Factors that could cause or contribute to these differences include those under “Risk Factors” included in Part I, Item 1A or in other parts of this Annual Report on Form 10-K. information, financial Overview We provide a broad portfolio of cybersecurity solutions and services that allow organizations to prepare for, prevent, respond to and remediate cyber attacks. Our products include detection and prevention solutions for network, email and endpoint security, forensics appliances, security orchestration software, subscription-based threat intelligence and analytics solutions, and our Helix security operations platform. These products are complemented by our technology-enabled Managed Defense security service and our Mandiant incident response and cyber security consulting services. Our Business Model We generate revenue from sales of our network, email and endpoint security solutions, our security orchestration software, our cloud-based threat intelligence subscriptions, our managed security service, our Helix security operations platform, and our Mandiant professional services. We disaggregate our revenue into two main categories: (i) product, subscription, and support and (ii) professional services. For the years ended December 31, 2018, 2017 and 2016, product, subscription and support revenue as a percentage of total revenue was 83% for each period. Revenue from professional services was 17% of total revenue for each period. Within the Product, subscription and support category, we provide supplemental data to distinguish between solutions that are deployed on-premise (or in hybrid on-premise/cloud configurations), and solutions and Managed services that are delivered entirely through the cloud. Security solutions deployed on-premise (or in hybrid on-premise/cloud configurations) are included in the Product and related subscription and support sub-category, and solutions without an on-premise component are included in the Cloud subscription and Managed services sub-category. For the years ended December 31, 2018, 2017 and 2016, Product and related subscription and support revenue as a percentage of total revenue was 60%, 62% and 62%, respectively. Revenue from Cloud subscription and Managed services was 23%, 21% and 21% for the years ended December 31, 2018, 2017 and 2016, respectively. Revenue in the Product and related subscription and support sub-category consists primarily of revenue from sales of our network, email and endpoint security solutions that are deployed on the customer’s premise, either as an integrated security appliance or in distributed hybrid on-premise/cloud configurations. Both deployment options are available on pre-configured appliance hardware or as virtual appliance software, and include FireEye IDA and MVX detection technologies, our DTI cloud updates, and support services. Integrated and distributed solutions deployed on virtual appliances are offered as an “all inclusive” capacity- based subscription that includes our IDA and MVX technologies (distributed deployments include a shared MVX service), DTI cloud updates, and support services. There is no limit to the number of virtual appliances a customer can deploy, and capacity can be distributed throughout the network as needed. Subscription revenue is recognized ratably over the contractual term, typically one to three years. Customers purchasing our network and email security subscriptions have the option of purchasing our appliance hardware at additional cost, but are not required to do so. Integrated network and email security solutions can also be deployed on pre-configured appliance hardware purpose-built for FireEye security solutions with scalable throughput from 50 megabits per second to multiple 56 gigabits per second. Integrated security appliances are delivered with pre-installed IDA and MVX detection technologies and require subscriptions to our DTI cloud updates and support services, which are priced at 20% of the appliance price per year. Subscription terms are typically one to three years and include a material right of renewal. The majority of our installed base of network and on-premise email security customers purchased our solutions under this pricing model. Since our network, email and endpoint security solutions require regular DTI cloud and software updates to maintain detection efficacy, physical and virtual security appliances and the related DTI cloud and support subscriptions are considered a single performance obligation, whether deployed as an integrated appliance or in a distributed hybrid on-premise/cloud configuration. As a single performance obligation, revenue from sales of appliance hardware and related subscriptions is recognized ratably over the contractual term, typically one to three years. Such contracts typically contain a material right of renewal option that allows the customer to renew their DTI cloud and support subscriptions for an additional term at a discount to the original purchase price of the single performance obligation. For contacts that contain a material right of renewal option, the value of the performance obligation allocated to the renewal is recognized ratably over the period between the end of the initial contractual term and end of the estimated useful life of the related appliance and license. Revenue in the Cloud subscriptions and Managed services sub-category consists primarily of revenue from sales of our cloud-based email security, our threat analytics platform (either standalone or within the Helix security operations platform), our standalone threat intelligence subscriptions and our Managed Defense managed detection and response service. Revenue from our Cloud subscriptions and Managed services is recognized ratably over the contractual term, generally one to three years. A small portion of our revenue in the product and related subscription and support revenue is derived from the sale of our network forensics appliances and our central management system (“CMS”) appliances. These appliances are not dependent on regular security intelligence updates, and revenue from these appliances is therefore recognized when ownership is transferred to our customer, typically at shipment. Sales of our network, email, and endpoint security solutions, cloud subscriptions, and managed services, initially increase our deferred revenue. Deferred revenue from our product, subscription and support sales totaled $868.0 million and $859.5 million as of December 31, 2018 and 2017, respectively. The increase in deferred revenue from our product, subscription and support sales in 2018 compared to 2017 reflected strong subscription renewals by enterprise-class customers for our network, email and endpoint security products and increases in sales of our Cloud subscriptions and Managed services, partially offset by a decrease in sales of our appliance hardware compared with prior periods. Our retention rate of enterprise-class customers with subscriptions and support contracts expiring in the 12 months ended December 31, 2018 was consistent with historical retention rates. To complement our product, subscription and support solutions, we offer professional services, including incident response and other security consulting services, to our customers who have experienced a cyber security breach or desire assistance assessing the resilience of their networks. The majority our professional services are offered on a time and materials basis, through a fixed fee arrangement, or on a retainer basis. Revenue from professional services is recognized as services are delivered. Revenue from our Expertise-on-Demand micro- services and some pre-paid professional services is deferred and revenue is recognized when services are delivered. Deferred revenue from professional services as of December 31, 2018 and 2017 was $66.8 million and $50.6 million, respectively. A n n u a l R e p o r t 57 Key Business Metrics We monitor the key business metrics set forth below to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts, and assess operational efficiencies. We discuss revenue and gross margin below under “Components of Operating Results.” Deferred revenue, billings (a non-GAAP metric), net cash flow provided by (used in) operating activities, and free cash flow (a non-GAAP metric) are discussed immediately below the following table (in thousands, except percentages). Product, subscription and support revenue Professional services revenue Total revenue Year-over-year percentage increase Gross margin percentage Deferred revenue, current Deferred revenue, non-current Billings (non-GAAP) Net cash provided by (used in) operating activities Free cash flow (non-GAAP) Year Ended or as of December 31, 2018 2017* 2016* $687,382 143,568 $645,965 133,683 $584,885 121,110 $830,950 $779,648 $705,995 7% 67% 10% 65% 62% $556,815 $378,013 $855,678 $ 17,381 $ 10,125 $508,718 $546,615 $419,031 $363,485 $822,787 $761,999 $ 17,640 $ (14,585) $ (26,139) $ (50,899) * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Deferred revenue. Our deferred revenue consists of amounts that we have the right to invoice, but have not yet been recognized into revenue as of the end of the respective period. The majority of our deferred revenue consists of the unamortized balance of deferred revenue from previously invoiced sales of our security appliance hardware, and non-cancelable contracts for subscriptions to our network, email and endpoint security solutions, threat intelligence, managed services and support and maintenance contracts. Invoiced amounts for such contracts can be for multiple years, and we classify our deferred revenue as current or non-current depending on when we expect to recognize the related revenue. If the deferred revenue is expected to be recognized within 12 months it is classified as current, otherwise, the deferred revenue is classified as non-current. We monitor our deferred revenue balance because it represents a significant portion of revenue to be recognized in future periods. 58 Billings. Billings are a non-GAAP financial metric that we define as revenue recognized in accordance with generally accepted accounting principles (“GAAP”) plus the change in deferred revenue from the beginning to the end of the period, excluding deferred revenue assumed through acquisitions. We consider billings to be a useful metric for management and investors, as a supplement to the corresponding GAAP measure, because billings impact our deferred revenue, which is an important indicator of the health and visibility of trends in our business and represents a significant percentage of future revenue. However, it is important to note that other companies, including companies in our industry, may not use billings, may define billings differently, may have different billing frequencies, or may use other financial measures to evaluate their performance, all of which could reduce the usefulness of billings as a comparative measure. A reconciliation of billings to revenue, the most directly comparable financial measure calculated and presented in accordance with GAAP, is provided below (in thousands): Revenue Add: Deferred revenue, end of period Less: Deferred revenue, beginning of period Less: Deferred revenue assumed through acquisitions Billings (non-GAAP) Year Ended December 31, 2018 2017* 2016* $830,950 934,828 910,100 — $779,648 910,100 927,749 $705,995 927,749 789,870 21,087 $855,678 $761,999 $822,787 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. We have provided disaggregation of our billings in the table below (in thousands): Product and related subscription and support Cloud subscription and Managed services Professional Services Billings (non-GAAP) Year Ended December 31, 2018 2017* 2016* $451,973 243,903 159,802 $414,809 194,939 152,251 $499,038 188,664 135,085 $855,678 $761,999 $822,787 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Net cash provided by (used in) operating activities. We monitor net cash provided by (used in) operating activities as a measure of our overall business performance. Our net cash provided by (used in) operating activities performance is driven in large part by sales of our products and from up-front payments for both subscriptions and support and maintenance services. Monitoring net cash provided by (used in) operating activities enables us to analyze our financial performance without the non-cash effects of certain items, such as depreciation, amortization, amounts deemed repayment of convertible senior notes attributable to accreted debt discount and stock-based compensation costs, thereby allowing us to better understand and manage the cash needs of our business. A n n u a l R e p o r t 59 Free cash flow. Free cash flow is a non-GAAP financial measure we define as net cash provided by (used in) operating activities, the most directly comparable GAAP financial measure, plus amounts deemed to be repayment of accreted debt discount on repurchased convertible senior notes, less purchases of property and equipment and demonstration units. We consider free cash flow to be a liquidity measure that provides useful information to management and investors about the amount of cash generated by our business when excluding deemed repayment of accreted debt discount on repurchased convertible notes and that, after the purchases of property and equipment and demonstration units, can be used by us for strategic opportunities, including investing in our business, making strategic acquisitions and strengthening our balance sheet. However, it is important to note that other companies, including companies in our industry, may not use free cash flow, may calculate free cash flow differently, or may use other financial measures to evaluate their performance, all of which could reduce the usefulness of free cash flow as a comparative measure. A reconciliation of free cash flow to cash flow provided by (used in) operating activities is provided below (in thousands): Cash flow provided by (used in) operating activities Add: deemed repayment of convertible senior notes attributable to accreted debt discount Less: purchase of property and equipment and demonstration units Free cash flow (non-GAAP) Net cash used in investing activities Net cash provided by (used in) financing activities Factors Affecting our Performance Year Ended December 31, 2018 2017 2016 $ 17,381 $ 17,640 $ (14,585) 43,575 50,831 — 43,779 — 36,314 $ 10,125 $(26,139) $ (50,899) $ (48,517) $(59,323) $(189,696) $260,074 $ (1,093) $ 25,846 Market Adoption. We rely on market education to raise awareness of today’s cyber attacks and articulate the need for our security solutions and services. Our prospective customers often do not have a specific portion of their IT budgets allocated for advanced security solutions that address the next generation of cyber attacks. Additionally, the market for security operations platforms such as FireEye Helix is in the early stages of development. We invest heavily in sales and marketing efforts to increase market awareness, educate prospective customers and drive adoption of our products, subscriptions and services. This market education is critical to creating new IT budget dollars or allocating more of existing IT budget dollars to advanced threat protection and security operations management solutions and, in particular, our solutions and the FireEye Helix platform. The degree to which prospective customers recognize the mission critical need for advanced threat protection solutions and security operations management solutions, including our FireEye Helix platform, will drive our ability to acquire new customers and increase renewals and follow-on sales opportunities, which, in turn, will affect our future financial performance. Sales Productivity. Our sales organization consists of in-house sales teams who work in collaboration with external channel partners to identify new sales prospects, sell additional products, subscriptions and services, and provide post-sale support. Our sales teams are organized by territory to target large enterprise and government customers, who typically have sales cycles that can last several months or more. We have also expanded our inside sales teams to work with channel partners to expand our customer base of small and medium enterprises, or SMEs, as well as manage renewals of subscription and support contracts. Newly hired sales and marketing employees typically require several months to establish prospect relationships and achieve full sales productivity. In addition, although we believe our investments in market education have increased awareness of us and our solutions globally, sales teams in certain international markets 60 may face local markets with limited awareness of us and our solutions, or have specific requirements that are not available with our solutions. All of these factors will influence the timing and overall levels of sales productivity, impacting the rate at which we will be able to convert prospects to sales and drive revenue growth. Retention Rates. New or existing customers who purchase our appliance-based network, email, or endpoint security solutions are required to purchase a one to three year subscription to our DTI cloud and support and maintenance services. New or existing customers who purchase our network forensic appliances or our CMS management appliances are required to purchase support and maintenance services for a term of one to three years. Customers who purchase our network, email or endpoint security subscriptions (with or without appliance hardware), and our cloud subscriptions or managed services typically purchase contracts of one to three years duration. Since we expect that our existing customers are likely to expand their deployments and purchase additional solutions from us over time, we believe our customer retention rate is an important metric to measure the long- term value of our customer agreements. We define retention rate as the percentage of customers at the end of the previous period that are up for renewal in the current period that remain customers at the end of the current period on a trailing twelve month basis. We believe our ability to maintain strong customer retention rates will have a material impact on our future sales of our security solutions and services and therefore our future financial performance. Follow-On Sales. After the initial sale to a new customer, we focus on expanding our relationship with the customer to sell additional products, subscriptions and services. To grow our revenue, it is important that our customers make additional purchases of our products, subscriptions and services. Sales to our existing customer base can take the form of incremental sales of network, email and endpoint security solutions, cloud subscriptions, managed services, and professional services either to deploy our platform into additional parts of their network to protect additional threat vectors, or to extend their internal security resources with our managed and professional security services. Our opportunity to expand our customer relationships through follow-on sales will increase as we add new customers, broaden our product portfolio with additional subscriptions and services and enhance the functionality of our existing products and the Helix platform. Follow-on sales lead to increased revenue over the lifecycle of a customer relationship and can significantly increase the return on our sales and marketing investments. With many of our large enterprise and government customers, we have realized follow-on sales that were multiples of the value of their initial purchases. Components of Operating Results Revenue We generate revenue from the sales of our products, subscriptions and services. As discussed further in “Critical Accounting Policies and Estimates-Revenue from Contracts with Customers” below, revenue is recognized when a contract has been entered into with a customer, the performance obligation(s) is(are) identified, the transaction price is determined and has been allocated to the performance obligation(s) and only then for each performance obligation after we have satisfied that performance obligation. • Product, subscription and support revenue. Our product, subscription and support revenue is generated from sales of our network, email, and endpoint security solutions deployed on the customer’s premise (or in a hybrid on-premise/cloud deployment), as well as cloud subscriptions and managed services. We combine our virtual and physical appliances and software licenses with the mandatory subscriptions to our DTI cloud updates and support services as a single performance obligation. As a result, we recognize revenue for this single performance obligation ratably over the contractual term. Contracts containing this single performance obligation typically contain a material right of renewal option. For contracts that contain a material right of renewal option, the allocated value of the performance obligation is recognized ratably over the period between the end of the initial contractual term and the end of the estimated useful life of the related appliance and license. Significant judgment 61 A n n u a l R e p o r t is required in estimating the useful life of our intelligence dependent appliances and assessing the material rights associated with such products. Revenue from our Cloud subscription and Managed services is recognized ratably over the contractual term, typically one to three years. • Professional services revenue. Professional services, which includes incident response, compromise assessments, and other security consulting services, are offered on a time-and-material basis, through a fixed fee arrangement, or on a retainer basis. We recognize the associated revenue as the services are delivered. Some professional services and our Expertise-on-Demand micro-services are prepaid, and revenue is deferred until services are delivered. Cost of Revenue Our total cost of revenue consists of cost of product, subscription and support revenue and cost of professional services revenue. • Cost of product, subscription and support revenue. Cost of product, subscription and support revenue primarily consists of costs paid to our third-party contract manufacturers for our appliances, other costs in our manufacturing operations department, and personnel costs associated with maintaining our Dynamic Threat Intelligence updates and our global customer support operations. Personnel costs associated with our operations and global customer support organizations consist of salaries, benefits, bonuses and stock-based compensation. Overhead costs consist of certain facilities, depreciation and information technology costs. Our cost of product, subscription and support revenue also includes product testing costs, shipping costs and allocated overhead costs. If revenue from sales of product, subscriptions and support declines, the cost of product, subscription and support revenue may increase as a percentage of product, subscription and support revenue due to the fixed nature of a portion of these costs. Additionally, our appliance related cost of goods sold are capitalized and amortized on a systematic basis that is consistent with the pattern of transfer to which the asset relates. • Cost of professional services revenue. Cost of professional services revenue primarily consists of personnel costs for our services organization and allocated overhead costs. If sales of our professional services decline or we are unable to maintain our changeability rates, our cost of professional services revenue may increase as a percentage of professional services revenue. Gross Margin Gross margin, or gross profit as a percentage of revenue, has been and will continue to be affected by a variety of factors, including our average selling prices, the mix of products and services sold, the mix of revenue among products, subscriptions and services and manufacturing costs. We expect our gross margins to fluctuate over time depending on these factors. Operating Expenses Our operating expenses consist of research and development, sales and marketing and general and administrative expenses. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, stock-based compensation and, with regard to sales and marketing expense, sales commissions. Operating expenses also include allocated overhead costs consisting of certain facilities, depreciation and information technology costs. • Research and development. Research and development expense consists primarily of personnel costs and allocated overhead. Research and development expense also includes prototype related expenses. We expect research and development expense to increase in absolute dollars but to remain flat as a percentage of total revenue. • Sales and marketing. Sales and marketing expense consists primarily of personnel costs, incentive commission costs and allocated overhead. Commission costs are capitalized and amortized based on 62 the useful life amortization period taking into consideration the pattern of transfer to which the asset relates and the expected renewal periods during which renewal commissions are not commensurate with the initial commissions paid. When initial commissions are higher than (not-commensurate with) renewal commissions, we recognize the incremental portion of initial commissions over an estimated renewal period. The commensurate portion will be recognized over the same period as the initial revenue arrangement to which it relates. Sales and marketing expense also includes costs for market development programs, promotional and travel, depreciation of proof-of-concept evaluation units and outside other marketing activities, consulting costs. These costs are recognized as incurred. We expect sales and marketing expense to remain relatively flat in absolute terms, but decrease as a percentage of total revenue. • General and administrative. General and administrative expense consists of personnel costs, professional service costs and allocated overhead. General and administrative personnel include our executive, finance, human resources, facilities and legal organizations. Professional service costs consist primarily of legal, auditing, accounting and other consulting costs. We expect general and administrative expense to remain relatively flat in absolute terms, but to decrease as a percentage of total revenue. Interest Income Interest income consists of interest earned on our cash and cash equivalent and investment balances. We have historically invested our cash in money-market funds and other short-term, high quality securities. We expect interest income to vary each reporting period depending on our average investment balances during the period, types and mix of investments and market interest rates. Interest Expense Interest expense consists primarily of interest at the stated rate (coupon) and amortization of discounts and issuance costs relating to our convertible notes. Other Income (Expense), Net Other income (expense), net includes gains or losses on the disposal of fixed assets, gains or losses from our equity-method investment, gains or losses on the extinguishment of convertible notes, foreign currency re-measurement gains and losses and foreign currency transaction gains and losses. We expect other income (expense), net to fluctuate depending primarily on foreign exchange rate movements. Provision for (Benefit from) Income Taxes Provision for income taxes primarily relates to income taxes payable in foreign jurisdictions in which we conduct business, withholding taxes, and state income taxes in the United States. The provision is offset by tax benefits primarily related to the reversal of valuation allowances previously established against our deferred tax assets. Should the tax benefits exceed the provision, then a net tax benefit from income taxes is reflected for the period. Income in certain countries may be taxed at statutory tax rates that are lower than the U.S. statutory tax rate. As a result, our overall effective tax rate over the long-term may be lower than the U.S. federal statutory tax rate due to net income being subject to foreign income tax rates that are lower than the U.S. federal statutory rate. A n n u a l R e p o r t 63 Results of Operations The following tables summarize our results of operations for the periods presented and as a percentage of our total revenue for those periods. The period-to-period comparison of results is not necessarily indicative of results for future periods. Revenue: Product, subscription and support Professional services Total revenue Cost of revenue: Product, subscription and support Professional services Total cost of revenue Total gross profit Operating expenses: Research and development Sales and marketing General and administrative Restructuring charges Total operating expenses Operating loss Interest income Interest expense Other expense, net Loss before income taxes Provision for (benefit from) income taxes Net loss attributable to common stockholders Year Ended December 31, 2018 2017* 2016* (In thousands) $ 687,382 143,568 $ 645,965 133,683 $ 584,885 121,110 830,950 779,648 705,995 188,301 84,174 190,786 80,861 192,659 78,424 272,475 271,647 271,083 558,475 508,001 434,912 254,142 380,962 105,773 — 243,273 379,278 125,549 — 279,594 437,519 139,791 27,630 740,877 748,100 884,534 (182,402) 16,033 (56,426) (14,804) (237,599) 5,524 (240,099) 9,323 (49,766) (10) (280,552) 4,632 (449,622) 6,582 (47,869) (3,247) (494,156) (8,721) $(243,123) $(285,184) $(485,435) * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. 64 Revenue: Product, subscription and support Professional services Total revenue Cost of revenue: Product, subscription and support Professional services Total cost of revenue Total gross profit Operating expenses: Research and development Sales and marketing General and administrative Restructuring charges Total operating expenses Operating loss Interest income Interest expense Other expense, net Loss before income taxes Provision for (benefit from) income taxes Net loss attributable to common stockholders Year Ended December 31, 2018 2017* 2016* (Percent of total revenue) 83% 17 83% 17 83% 17 100 100 100 23 10 33 67 31 46 13 — 89 (22) 2 (7) (2) (29) 1 25 10 35 65 31 49 16 — 96 (31) 1 (6) — (36) 1 27 11 38 62 40 62 20 4 126 (64) 1 (7) 0 (70) (1) (29)% (37)% (69)% * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. A n n u a l R e p o r t 65 Comparison of the Years Ended December 31, 2018 and 2017 Revenue Revenue: Year Ended December 31, 2018 2017* Change Amount % of Total Revenue Amount % of Total Revenue Amount % (Dollars in thousands) Product, subscription and support Professional Services $687,382 143,568 83% $645,965 133,683 17 83% $41,417 9,885 17 Total revenue $830,950 100% $779,648 100% $51,302 Product, subscription and services by type: Product and related subscription and support Cloud subscription and Managed services $498,992 188,390 60% $479,521 166,444 23 62% $19,471 21,946 21 Total Product, subscription and support $687,382 83% $645,965 83% $41,417 6% 7 7% 4% 13 6% Revenue by geographic region: United States EMEA APAC Other $523,150 135,736 122,516 49,548 63% $521,232 116,205 16 105,196 15 37,015 6 67% $ 1,918 — % 19,531 15 17,320 13 12,533 5 17 16 34 Total revenue $830,950 100% $779,648 100% $51,302 7% * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Product, subscription and support revenue increased by $41.4 million, or 6%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase was comprised of product and related subscription and support revenue of $19.5 million and cloud subscription and managed services of $21.9 million. The increase in product and related subscription and support revenue was primarily due to an increase in the amortization of deferred revenue for subscription and support associated with prior period sales of our on-premise network, email and endpoint security solutions, as well as subscription and support renewals. The increase in cloud subscriptions and managed services reflected increased amortization of deferred revenue associated with sales of our threat intelligence subscriptions, our cloud-based email security, our Helix network operations platform, and our Managed Defense managed security service. We are experiencing a shift in customer buying patterns away from the deployment of security solutions on new appliance hardware in favor of virtual, cloud and hybrid security solutions. This has resulted in a continuing decline in our sales of appliance hardware for our network, email and endpoint security solutions. As a result, the amortization of deferred revenue associated with prior appliance sales exceeded additions to deferred revenue from new appliance sales, and the amount of deferred revenue associated with our appliances declined in 2018. We expect the decline in deferred revenue associated with appliance hardware will continue, which will result in reduced amortization of appliance revenue in future periods. This decline is offset by increased sales of our cloud subscriptions and managed services, as well as sales of our network, email and endpoint security subscriptions and renewals of prior subscription and support contracts. Given the expansion of our customer base, our new subscription pricing model for on-premise, and hybrid on-premise/cloud network, email and endpoint security, and our high retention rate for enterprise-class customers, we expect revenue from the amortization of deferred revenue associated with renewals of our network, email, and endpoint security solutions, our cloud subscriptions and our managed services to increase as a percentage of our total revenue. Our retention rate of enterprise-class customers with subscriptions expiring in the 12 months ended December 31, 2018 remained strong. 66 Professional services revenue increased by $9.9 million, or 7%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase is primarily driven by revenues from incident response services and an increase in billable hours due to more engagements and professional services personnel as compared to the same period in 2017. Our international revenue increased $49.4 million, or 19%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase reflects growth in sales from our international regions compared to prior periods as we expanded our international market presence, which resulted in an increase in revenue amortized from deferred revenue. Cost of Revenue and Gross Margin Cost of revenue: Product, subscription and support Professional services Total cost of revenue Gross margin: Product, subscription and support Professional services Total gross margin Year Ended December 31, 2018 2017* Change Amount Gross Margin Amount Gross Margin Amount % (Dollars in thousands) $188,301 84,174 $272,475 $190,786 80,861 $271,647 $(2,485) 3,313 (1)% 4 $ 828 — % 73% 41% 67% 70% 40% 65% * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. The cost of product, subscription and support revenue decreased $2.5 million, or 1%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The decrease in cost of product, subscription and support revenue was primarily the result of declining appliance hardware sales, partially offset by an increase in software licenses and network costs associated with increased subscription and support sales. The cost of professional services revenue increased $3.3 million, or 4%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase in cost of professional services revenue was primarily driven by a $5.9 million increase in personnel costs and a $1.3 million increase in travel costs due to higher headcount, partially offset by a $3.5 million decrease in depreciation as compared to the same period in 2017. A n n u a l R e p o r t Gross margin was higher for the year ended December 31, 2018 compared to the year ended December 31, 2017, due to increased gross margins for product, subscriptions and support and professional services. The increased product, subscription and services margin reflected a higher mix of higher margin subscriptions. The increase in professional services margin was primarily driven by higher billable utilization of our professional services personnel. 67 Operating Expenses Year Ended December 31, 2018 2017* Change Amount % of Total Revenue Amount % of Total Revenue Amount % (Dollars in thousands) Operating expenses: Research and development Sales and marketing General and administrative Total operating expenses Includes stock-based compensation expense of: Research and development Sales and marketing General and administrative Total $254,142 380,962 105,773 $740,877 $ 49,503 47,592 28,218 $125,313 31% $243,273 379,278 46 125,549 13 31% $ 10,869 1,684 49 (19,776) 16 4% 0 (16) 89% $748,100 96% $ (7,223) (1)% $ 56,720 46,766 30,194 $133,680 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Research and Development Research and development expense increased $10.9 million, or 4%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase was primarily due to a $10.6 million increase in personnel costs for headcount increase, a $1.7 million increase in professional services costs, a $5.3 million increase in software and web hosting costs, and a $0.9 million increase in travel costs, partially offset by a decrease in stock-based compensation charges of $7.2 million. The increase in headcount was as a result of increased investment in research and development for future product and subscription offerings. Sales and Marketing Sales and marketing expense increased by $1.7 million, or 0.4%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase was primarily due to an increase in personnel costs of $4.7 million associated with increased headcount, an $0.8 million increase in stock-based compensation expense and a $4.7 million increase in marketing programs and associated travel costs, partially offset by a $6.2 million decrease in commission expense as a result of non-order related payouts in 2017, and a $2.7 million decrease in amortization of intangibles. General and Administrative General and administrative expense decreased $19.8 million, or 16%, during the year ended December 31, 2018 compared to the year ended December 31, 2017. The decrease was primarily due to a $14.0 million decrease in net legal settlement costs and related legal costs incurred in 2017, a $1.4 million decrease in consulting services primarily related to implementation of ASC 606 adoption, a $1.5 million decrease in professional services costs, a $1.8 million decrease in bad debt expense, and a $2.0 million decrease in stock- based compensation charges, partially offset by a $1.0 million increase in personnel costs due to increased headcount. 68 Interest Income Interest income Year Ended December 31, Change 2018 2017 Amount % $16,033 (Dollars in thousands) $9,323 $6,710 72% Interest income increased for the year ended December 31, 2018 compared to the year ended December 31, 2017, primarily due to an increase in interest rates resulting in a higher rate of return on our investments. Interest Expense Interest expense Year Ended December 31, Change 2018 2017 Amount % $56,426 (Dollars in thousands) $49,766 $6,660 13% Interest expense for the year ended December 31, 2018 increased compared to the year ended December 31, 2017 due to greater amortization of discount and issuance costs on our previously issued 2035 Notes and the issuance of the 2024 Notes during the year ended December 31, 2018. Other Expense, Net Other expense, net Year Ended December 31, Change 2018 2017 Amount % (Dollars in thousands) $14,804 $10 $14,794 147,940% The increase in other expense, net during the year ended December 31, 2018 compared to the year ended December 31, 2017 was primarily due to the loss on extinguishment of a portion of the 1.000% Convertible Senior Notes due 2035 (the “Series A Notes”) in the amount of $10.8 million and foreign currency transaction losses of $3.3 million during the year ended December 31, 2018. Provision for (Benefit from) Income Taxes Provision for (benefit from) income taxes Effective tax rate Year Ended December 31, 2018 2017 (Dollars in thousands) $4,632 $5,524 (2.3)% (1.6)% The provision for income taxes increased for the year ended December 31, 2018 compared to the year ended December 31, 2017. The increase in the provision was primarily due to an increase in estimated tax liability related to foreign operations. We continue to maintain a full valuation allowance on all of our U.S. deferred tax assets. The tax expense for the years ended December 31, 2018 and December 31, 2017 was primarily comprised of income taxes in foreign jurisdictions and withholding taxes. 69 A n n u a l R e p o r t Comparison of the Years Ended December 31, 2017 and 2016 Revenue Revenue: Year Ended December 31, 2017* 2016* Change Amount % of Total Revenue Amount % of Total Revenue Amount % (Dollars in thousands) Product, subscription and support Professional Services $645,965 133,683 83% $584,885 121,110 17 83% $61,080 17 12,573 10 10% Total revenue $779,648 100% $705,995 100% $73,653 10% Product, subscription and services by type: Product and related subscription and support Cloud subscription and Managed services $479,521 166,444 62% $437,238 147,647 21 62% $42,283 21 18,797 13 10% Total Product, subscription and support $645,965 83% $584,885 83% $61,080 10% Revenue by geographic region: United States EMEA APAC Other $521,232 116,205 105,196 37,015 67% $490,802 93,832 15 90,682 13 30,679 5 70% $30,430 22,373 13 14,514 13 6,336 4 6% 24 16 21 Total revenue $779,648 100% $705,995 100% $73,653 10% * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Product, subscription and support revenue increased by $61.1 million, or 10%, during the year ended December 31, 2017 compared to the year ended December 31, 2016. The increase was comprised of a $42.3 million, or 10%, increase in product and related subscription and support revenue and an $18.8 million, or 13%, increase in cloud subscription and managed services. The increase in product and related subscription and support revenue was primarily due to an increase in the amortization of deferred revenue associated with prior period sales and renewals of our network, email, and endpoint security solutions, including appliance hardware. The increase in cloud subscription and managed services revenue was primarily due to the amortization of deferred revenue associated with growing sales of our cloud subscriptions, intelligence subscriptions, our cloud-based email security, and our Helix network operations platform. including threat Given our expanding customer base and high retention rate of enterprise-class customers, we expect revenue from the amortization of deferred revenue related to renewals to increase as a percentage of our total revenue. Our retention rate for enterprise class customers, expiring in the 12 months ended December 31, 2016 remained strong. Professional services revenue increased by $12.6 million, or 10%, during the year ended December 31, 2017 compared to the year ended December 31, 2016. The increase reflected growth in sales in our international regions in prior periods as we expanded our international market presence, which resulted in an increase in revenue amortized from deferred revenue. Our international revenue increased $43.2 million, or 20%, during the year ended December 31, 2017 compared to the year ended December 31, 2016, which reflected our increasing international market presence. 70 Cost of Revenue and Gross Margin Cost of revenue: Product, subscription and support Professional Services Total cost of revenue Gross margin: Product, subscription and support Professional Services Total gross margin Year Ended December 31, 2017* 2016* Change Amount Gross Margin Amount Gross Margin Amount % (Dollars in thousands) $190,786 80,861 $271,647 $192,659 78,424 $271,083 $(1,873) 2,437 (1)% 3 $ 564 — % 70% 40% 65% 67% 35% 62% * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. The cost of product, subscription and support revenue decreased $1.9 million, or 1%, during the year ended December 31, 2017 compared to the year ended December 31, 2016. The decrease in cost of product, subscription and support revenue was primarily driven by fewer product shipments and lower average product cost per unit, partially offset by greater inventory reserves. The cost of professional services revenue increased $2.4 million, or 3%, during the year ended December 31, 2017 compared to the year ended December 31, 2016. The increase in cost of professional services revenue was primarily due to a $1.9 million increase in professional services and consulting costs, and a $1.2 million increase in software and hosting costs, partially offset by a $0.7 million decrease in amortization of intangibles. Gross margin was higher for the year ended December 31, 2017 compared to the year ended December 31, 2016, due primarily to an increase in product, subscription and support and professional services revenue, while the total cost of revenue remained relatively constant as compared to the same period in 2016. Operating Expenses Year Ended December 31, 2017* 2016* Change Amount % of Total Revenue Amount % of Total Revenue Amount % (Dollars in thousands) Operating expenses: Research and development Sales and marketing General and administrative Restructuring charges Total operating expenses Includes stock-based compensation expense of: Research and development Sales and marketing General and administrative Restructuring charges Total $243,273 379,278 125,549 — $748,100 $ 56,720 46,766 30,194 — $133,680 31% $279,594 437,519 49 139,791 16 27,630 — (13)% 40% $ (36,321) (13) (58,241) 62 (14,242) 20 (10) (27,630) (100) 4 96% $884,534 126% $(136,434) (15)% $ 64,755 57,750 43,343 1,144 $166,992 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. 71 A n n u a l R e p o r t Research and Development Research and development expense decreased $36.3 million, or 13%, during the year ended December 31, 2017 compared to the year ended December 31, 2016. The decrease was primarily due to a $26.9 million net decrease in personnel costs, which included an $8.0 million decrease in stock-based compensation charges, as well as a $3.7 million reduction as a result of higher capitalized software development costs primarily related to our Helix offering, a $1.8 million decrease in allocated facility and IT costs, a $1.6 million decrease in telecommunications costs, a $1.3 million decrease in professional service vendor costs and a $1.2 million decrease in depreciation expense, partially offset by a $2.6 million increase in data hosting costs. The decreases were primarily driven by lower headcount and cost optimizations as a result of our 2016 restructuring activities. Sales and Marketing Sales expense decreased and marketing ended December 31, 2017 compared to the year ended December 31, 2016. The decrease was primarily due to a $34.6 million decrease in personnel costs, which included an $11.0 million decrease in stock-based compensation charges, a $8.9 million decrease in commissions, a $7.3 million decrease in allocated facility and IT costs, a $3.9 million decrease in marketing programs, a $3.9 million decrease in depreciation expense associated with demonstration units and a $3.5 million decrease in travel expense. The decreases were primarily driven by lower headcount and cost optimizations from our 2016 restructuring activities. $58.2 million, during 13%, year the or General and Administrative General and administrative expense decreased $14.2 million, or 10%, during the year ended December 31, 2017 compared to the year ended December 31, 2016. The decrease was primarily due to a $19.1 million decrease in personnel costs, which included a $13.1 million decrease in stock-based compensation charges, that was primarily driven by lower headcount and cost optimizations from our 2016 restructuring activities, a $2.5 million decrease due to a charge related to the change in fair value of the contingent earn-out liability recognized in fiscal 2016, and a $1.6 million decrease in professional service vendor costs due primarily to lower acquisition-related costs, partially offset by $12.5 million in net legal settlement costs. Restructuring Charges the year During of approximately $27.6 million, primarily related to a 10% reduction in our workforce, the consolidation of certain real estate facilities and impairment of certain assets under our August 2016 restructuring plan. We incurred no restructuring expenses during the year ended December 31, 2017. ended December restructuring 2016, we incurred charges 31, Interest Income Interest income Year Ended December 31, Change 2017 2016 Amount % (Dollars in thousands) $6,582 $2,741 $9,323 42% Interest income increased for the year ended December 31, 2017 compared to the year ended December 31, 2016, primarily due to higher rate of return on our investments. 72 Interest Expense Interest expense Year Ended December 31, Change 2017 2016 Amount % (Dollars in thousands) $47,869 $1,897 $49,766 4% Interest expense for the year ended December 31, 2017 increased compared to the year ended December 31, 2016 due to greater amortization of discount and issuance costs on our 2035 Notes. Other Expense, Net Other expense, net Year Ended December 31, Change 2017 $10 2016 Amount % (Dollars in thousands) $3,247 $(3,237) (100)% The decrease in other expense, net during the year ended December 31, 2017 compared to the year ended December 31, 2016 was primarily due to greater foreign currency transaction gains during the year ended December 31, 2017. Provision for (Benefit from) Income Taxes Provision for (benefit from) income taxes Effective tax rate Year Ended December 31, 2017 2016 (Dollars in thousands) $4,632 $(8,721) (1.6)% 1.8% We recorded a tax expense for the year ended December 31, 2017 compared to a tax benefit for the year ended December 31, 2016. The change to a tax expense in 2017 is primarily due to the reversal of a valuation allowance in connection with the acquisitions of iSIGHT and Invotas included in 2016, which was not included in 2017. We continue to maintain a full valuation allowance on all of our U.S. deferred tax assets. The tax expense for the year ended December 31, 2017 was primarily comprised of income taxes in foreign jurisdictions and withholding taxes. A n n u a l R e p o r t 73 Quarterly Results of Operations The following unaudited quarterly statements of operations data for each of the eight quarters in the period ended December 31, 2018 have been prepared on a basis consistent with our audited annual financial statements included in this Annual Report on Form 10-K and include, in our opinion, all normal recurring adjustments necessary for the fair presentation of the financial information contained in those statements. Our historical results are not necessarily indicative of the results that may be expected in the future. The following quarterly financial data should be read in conjunction with our audited financial statements and the related notes included in this Annual Report on Form 10-K. December 31, 2018 September 30, 2018 June 30, 2018 March 31, 2018 December 31, 2017* September 30, 2017* June 30, 2017* March 31, 2017* (Dollars in thousands) Three Months Ended $178,827 38,706 217,533 47,984 21,846 69,830 $175,653 35,998 $167,429 $165,473 33,597 35,267 $170,965 34,836 $163,174 34,192 $158,097 $153,729 31,030 33,625 211,651 202,696 199,070 205,801 197,366 191,722 184,759 46,752 20,682 67,434 46,136 21,146 67,282 47,429 20,500 67,929 48,289 20,751 69,040 48,438 20,628 69,066 47,636 20,158 67,794 46,423 19,324 65,747 147,703 144,217 135,414 131,141 136,761 128,300 123,928 119,012 Revenue: Product, subscription and support Professional Services Total revenue Cost of revenue: Product, subscription and support Professional Services Total cost of revenue Total gross profit Operating expenses: Research and development Sales and marketing General and administrative 62,251 97,218 24,935 62,120 92,297 26,241 63,575 94,196 26,179 66,196 97,251 28,418 Total operating expenses Operating loss Interest income Interest expense Other income (expense), net Loss before income taxes Provision for income taxes Net loss attributable to common 184,404 (36,701) 5,226 (15,128) (414) (47,017) 1,380 180,658 (36,441) 4,484 (14,976) (1,424) (48,357) 1,680 183,950 (48,536) 3,383 (13,605) (12,690) 191,865 (60,724) 2,940 (12,717) (276) (71,448) 1,411 (70,777) 1,053 59,858 95,772 40,306 195,936 (59,175) 2,655 (12,525) (122) (69,167) 1,247 64,316 92,105 29,823 60,747 92,413 27,805 58,352 98,988 27,615 186,244 (57,944) 2,468 (12,611) — (68,087) 1,127 180,965 (57,037) 2,168 (12,385) (120) 184,955 (65,943) 2,032 (12,245) 232 (67,374) 965 (75,924) 1,293 stockholders $ (48,397) $ (50,037) $ (72,859) $ (71,830) $ (70,414) $ (69,214) $ (68,339) $ (77,217) Net loss per share attributable to common stockholders, basic and diluted Weighted average shares used to compute net loss per share attributable to common stockholders, basic and diluted $ (0.25) $ (0.26) $ (0.38) $ (0.39) $ (0.39) $ (0.39) $ (0.39) $ (0.45) 194,593 192,359 189,696 186,456 182,281 179,732 176,645 172,236 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. 74 December 31, 2018 September 30, 2018 June 30, 2018 March 31, 2018 December 31, 2017* September 30, 2017* June 30, 2017* March 31, 2017* (Percent of total revenue) Three Months Ended 82% 18 100 22 10 32 68 29 45 11 85 (17) 2 (7) — (22) 1 83% 17 100 83% 17 83% 17 100 100 83% 17 100 83% 17 100 82% 18 83% 17 100 100 22 10 32 68 29 44 12 85 (17) 2 (7) (1) (23) 1 23 10 33 67 31 46 13 90 (23) 2 (7) (6) (34) 1 24 10 34 66 33 49 14 96 (30) 1 (6) — (35) 1 24 10 34 66 29 47 20 96 (30) 1 (6) — (35) 1 25 10 35 65 33 47 15 95 (30) 1 (6) — (35) 1 25 10 35 65 32 48 15 95 (30) 1 (6) — (35) 1 25 11 36 64 32 54 15 101 (37) 1 (7) — (43) 1 (23)% (24)% (35)% (36)% (36)% (36)% (36)% (44)% Revenue: Product, subscription and support Professional Services Total revenue Cost of revenue: Product, subscription and support Professional Services Total cost of revenue Total gross profit Operating expenses: Research and development Sales and marketing General and administrative Total operating expenses Operating loss Interest income Interest expense Other income (expense), net Loss before income taxes Provision for income taxes Net loss attributable to common stockholders * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Quarterly Revenue Trends Our quarterly revenue increased year-over-year for all periods presented, which is primarily due to increased amortization of deferred revenue from prior period product, subscription and support sales. Sequentially, our subscription and services revenues continued to increase each quarter, other than the first quarter of 2018, when sales were slightly lower than the fourth quarter of 2017. This growth was due to increased amortization of deferred revenue from prior period product, subscription and support sales. We expect that revenue recognition under ASC 606 will generally result in lower quarterly volatility overall, as a larger percentage of our revenue will be recognized from deferred revenue over time. However, as customer buying patterns shift away from new appliance hardware purchases in favor of virtual, cloud and hybrid security solutions, we expect deferred revenue associated with new appliance (and new related subscriptions and support) to decline, which will reduce the amount of deferred revenue recognized from sales of new appliances and related subscriptions and support. We expect the decline in deferred revenue from new appliance sales (and the related subscriptions and support) to be offset by increases in deferred revenue from sales of new “all-inclusive” subscriptions to our network, email and endpoint security solutions (with or without appliance hardware), as well as from increases in sales of our cloud subscriptions and managed services. (See Note 1 contained in the “Notes to Consolidated Financial Statements” in Part II, Item 8 of this Annual Report on Form 10-K for impact of adoption of ASC 606). A n n u a l R e p o r t Quarterly Gross Margin Trends Consistent with our quarterly revenues, quarterly gross profit increased year-over-year for all periods presented. Total gross margin, or gross profit as a percentage of revenue increased or remained steady in each sequential quarter, largely due to the shift in sales mix in product and subscriptions and support. As our mix of sales continues to shift from appliances to subscriptions and support, we believe there will be less volatility in 75 our quarterly revenue trends due to the ratable nature of revenue recognition associated with our appliances as well as our subscription and support offerings, but we still expect fluctuations in our quarterly gross margins in the future. Quarterly Expense Trends Total operating expenses decreased sequentially each quarter in 2018 as employee-related payroll tax costs declined, with the exception of a slight increase in the fourth quarter of 2018 due to increased headcount and market development programs. Liquidity and Capital Resources Cash and cash equivalents Short-term investments Cash provided by (used in) operating activities Cash used in investing activities Cash provided by (used in) financing activities Net increase (decrease) in cash and cash equivalents As of December 31, 2018 2017 (In thousands) $409,829 $706,691 $180,891 $715,911 Year Ended December 31, 2018 2017 2016 $ 17,381 (48,517) 260,074 (In thousands) $ 17,640 (59,323) (1,093) $ (14,585) (189,696) 25,846 $228,938 $(42,776) $(178,435) As of December 31, 2018, our cash and cash equivalents of $409.8 million were held for working capital, capital expenditures, investment in technology, debt servicing and business acquisition purposes, of which approximately $66.0 million was held outside of the United States. We consider the undistributed earnings of our foreign subsidiaries as of December 31, 2018 to be indefinitely reinvested outside the United States on the basis of estimates that future domestic cash generation will be sufficient to meet future domestic cash needs and our plan for reinvestment of our foreign subsidiaries’ undistributed earnings. During the three months ended June 30, 2018, we issued $600.0 million aggregate principal amount of the 2024 Notes and received net proceeds of $584.4 million after deducting the initial purchasers’ discount and the issuance costs. In conjunction with the issuance of the 2024 Notes, we used approximately $65.2 million of the net proceeds to enter into the capped call transactions. In addition, we used approximately $330.4 million of the net proceeds to repurchase a portion of the principal amount outstanding of the Series A Notes. Refer to Note 9 contained in the “Notes to Consolidated Financial Statements” included in Part II, Item 8 of this Annual Report on Form 10-K for more information on the 2024 Notes, the capped call transactions and the Series A Notes. In January 2018, we acquired X15, a data management company. We paid cash consideration of $5.3 million and issued 1,016,334 shares of our common stock with an estimated fair value of $15.4 million. In October 2017, we acquired The Email Laundry, a privately-held email security company. We paid cash consideration of $4.3 million and issued 259,425 shares of our common stock with an estimated fair value of $4.4 million. Our principal sources of liquidity are existing cash and cash equivalents and short-term investments and cash inflow from operations, which we believe will be sufficient to meet our anticipated cash needs for at least the next 12 months. Our future capital requirements will depend on many factors, including our growth rate, the 76 timing and extent of spending to support development efforts, the efficiency of our marketing and sales activities, the introduction of new and enhanced product and service offerings, the cost of any future acquisitions of technology or businesses, and the continuing market acceptance of our products. In the event that additional financing is required from outside sources, we may not be able to raise such financing on terms acceptable to us or at all. If we are unable to raise additional capital when desired, our business, operating results and financial condition would be adversely affected. Operating Activities During the year ended December 31, 2018, our operating activities provided cash of $17.4 million. We incurred a net loss of $243.1 million, which included net non-cash expenses of $298.0 million, primarily consisting of stock-based compensation charges, depreciation and amortization expense, and loss on the repurchase of our Series A Notes. As required under ASU 2016-15, we classified $43.6 million of the $330.4 million Series A Notes cash repayment as an amount deemed repayment of Series A Notes accreted debt discount as a cash outflow for operating activities. Our net change in operating assets and liabilities used cash of $6.1 million, primarily related to an increase in deferred revenue of $24.7 million, an increase in accrued liabilities of $10.2 million due to accretion of interest on our Convertible Senior Notes, and an increase in accrued compensation due to accrual of payroll taxes, which was partially offset by an increase in prepaid expenses of $13.8 million due to prepayment of commissions, an increase in accounts receivable of $11.6 million due to increased sales, and a decrease in accounts payable of $8.2 million due to payment of liabilities. During the year ended December 31, 2017, our operating activities provided cash of $17.6 million. We incurred a net loss of $285.2 million, which included net non-cash expenses of $313.2 million, primarily consisting of stock-based compensation charges and depreciation and amortization expense. Our net change in operating assets and liabilities provided cash of $10.4 million, primarily related to reductions in deferred revenue of $17.6 million due to amortization, an increase in prepaid expenses of $5.4 million due to prepayment of commissions, which was partially offset by the use of cash sourced from an increase in accounts receivable of $14.4 million, resulting from growth in billings, an increase in other long-term liabilities for $14.7 million, resulting from additional deferred rent related to our new corporate headquarters building and an increase in accounts payables of $6.0 million. During the year ended December 31, 2016, our operating activities used cash of $14.6 million. We incurred a net loss of $485.4 million, which included net non-cash expenses of $354.4 million, primarily consisting of stock-based compensation charges and depreciation and amortization expense. Our net change in operating assets and liabilities provided cash of $116.5 million, primarily sourced from deferred revenue for $116.8 million, as a result of increases in sales of subscriptions and support and maintenance services, accounts receivable for $58.0 million, resulting from increased collection which benefited from restructuring of programs to incentivize early payment. The sources of cash were partially offset by use of cash related current liabilities of $62.6 million, which included the payment of $7.7 million for transaction costs incurred by iSIGHT and Invotas prior to acquisition. Investing Activities Cash used in investing activities during the year ended December 31, 2018 was $48.5 million, primarily for capital expenditures to purchase property and equipment and demonstration units of $50.8 million, net maturities of short-term investments of $7.3 million and cash used in the acquisition of X15. Cash used in investing activities year ended December 31, 2017 was $59.3 million, primarily for capital expenditures to purchase property and equipment and demonstration units, net purchases of short-term investments and cash used to acquire The Email Laundry. Cash used in investing activities during the year ended December 31, 2016 was $189.7 million, primarily for the acquisitions of iSIGHT and Invotas and, to a lesser extent, capital expenditures to purchase property and equipment and demonstration units, partially offset by net redemptions and sales of short-term investments. 77 A n n u a l R e p o r t Financing Activities During the year ended December 31, 2018, financing activities provided $260.1 million in cash, primarily from proceeds of $584.4 million received from the issuance of our 2024 Notes, $20.8 million from employee purchases of shares under our 2013 Employee Stock Purchase Plan (“ESPP”) and $6.9 million from exercises of employee stock options. These proceeds were partially offset by the $286.8 million cash outflow attributable to the aggregate principal of the Series A Notes repurchased and $65.2 million for the purchase of the privately negotiated capped calls that cap the dilutive effects related to our 2024 Notes if the stock price exceeds the conversion price of the 2024 Notes. During the year ended December 31, 2017, financing activities used $1.1 million in cash, primarily due to contingent liability payments related to the acquisition of iSIGHT in 2016, partially offset by proceeds from employee purchases of shares under our ESPP and exercises of stock options. During the year ended December 31, 2016, financing activities provided $25.8 million in cash, primarily due to proceeds from employee purchases of shares under our ESPP and exercises of stock options, partially offset by the repayment of debt assumed through acquisitions. Contractual Obligations and Commitments The following summarizes our contractual obligations and commitments as of December 31, 2018: Convertible Notes Operating leases Purchase obligations Contract manufacturer commitments Total Payments Due by Period Total Less Than 1 Year 1 - 3 Years 3 - 5 Years (In thousands) More Than 5 Years $1,236,663 118,932 12,998 8,604 $13,923 15,530 7,229 8,604 $145,877 31,301 5,769 — $474,238 24,692 — — $602,625 47,409 — — $1,377,197 $45,286 $182,947 $498,930 $650,034 Total future non-cancelable minimum rental payments under operating leases of $118.9 million shown in the table above have not been reduced by future minimum sublease rentals totaling $5.4 million. Total future payments related to our Convertible Notes of $1,236.7 million shown in the table above is composed of $119.8 million principal amount of Series A Notes, $460.0 million principal amount of Series B Notes, $600.0 million principal amount of 2024 Notes and future interest payments of $56.8 million. Although the 2035 Notes have a stated maturity of June 1, 2035, they have been reflected in the table above assuming repurchase on June 1, 2020 in the case of the Series A Notes and June 1, 2022 in the case of the Series B Notes (the first date holders have the right to require us to repurchase all or any portion of their Convertible Senior Notes) at 100% of the principal amount plus accrued and unpaid interest as of these dates. Due to the uncertainty with respect to the timing of future cash flows associated with our unrecognized tax benefits as of December 31, 2018, we are unable to make reasonably reliable estimates of the period of cash settlement with the respective taxing authorities. Therefore, approximately $1.8 million of unrecognized tax benefits classified as “Other long-term liabilities” in the accompanying consolidated balance sheets as of December 31, 2018, have been excluded from the contractual obligations table above. Off-Balance Sheet Arrangements As of December 31, 2018, we did not have any relationships with unconsolidated entities or financial partnerships, such as structured finance or special purpose entities, which were established for the purpose of facilitating off-balance sheet arrangements or other purposes. 78 Segment Information We have one primary business activity and operate in one reportable segment. Concentration For the years ended December 31, 2018, 2017 and 2016, one distributor represented 20%, 19% and 19%, respectively, and one reseller represented 15%, 13% and 12%, respectively, of our total revenue. Our agreements with the distributor and reseller were made in the ordinary course of our business and may be terminated with or without cause by either party with advance notice. Although we believe we would experience some short-term disruption in the distribution of our products and subscriptions and services if these agreements were terminated, we believe such termination would not have a long-term material adverse effect on our financial results and that alternative resellers and other channel partners exist to deliver our products to our end-customers. Critical Accounting Policies and Estimates Our consolidated financial statements have been prepared in accordance with U.S. generally accepted accounting principles. The preparation of these consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses, and related disclosures. We base our estimates on historical experience and on various other assumptions that we believe are reasonable under the circumstances. We evaluate our estimates and assumptions on an ongoing basis. Actual results may differ from these estimates. To the extent that there are material differences between these estimates and our actual results, our future financial statements will be affected. The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below. Revenue from Contracts with Customers Revenue is recognized when all of the following criteria are met: • • Identification of the contract, or contracts, with a customer - A contract with a customer exists when (i) we enter into an enforceable contract with a customer that defines each party’s rights regarding the goods or services to be transferred and identifies the payment terms related to these goods or services, (ii) the contract has commercial substance and the parties are committed to perform, and (iii) we determine that collection of substantially all consideration to which it will be entitled in exchange for goods or services that will be transferred is probable based on the customer’s intent and ability to pay the promised consideration. Identification of the performance obligations in the contract - Performance obligations promised in a contract are identified based on the goods or services that will be transferred to the customer that are both capable of being distinct, whereby the customer can benefit from the goods or service either on its own or together with other resources that are readily available from third parties or from us, and are distinct in the context of the contract, whereby the transfer of the goods or services is separately identifiable from other promises in the contract. To the extent a contract includes multiple promised goods or services, we apply judgment to determine whether promised goods or services are capable of being distinct and distinct in the context of the contract. If these criteria are not met the promised goods or services are accounted for as a combined performance obligation. • Determination of the transaction price - The transaction price is determined based on the consideration to which we will be entitled in exchange for transferring goods or services to the customer adjusted for estimated variable consideration, if any. We typically estimate the transaction price impact of discounts offered to the customers for early payments on receivables or rebates based on channel partner sales achievements. Constraints are applied when estimating variable considerations based on historical experience where applicable. 79 A n n u a l R e p o r t • Allocation of the transaction price to the performance obligations in the contract - If the contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation. Contracts that contain multiple performance obligations require an allocation of the transaction price to each performance obligation based on a relative standalone selling price (“SSP”) basis. Determination of SSP requires judgment. We determine standalone selling price taking into account available information such as historical selling prices of the performance obligation, geographic location, overall strategic pricing objective, market conditions and internally approved pricing guidelines related to the performance obligations. • Recognition of revenue when, or as, we satisfy performance obligations - We satisfy performance obligations either over time or at a point in time as discussed in further detail below. Revenue is recognized at or over the time the related performance obligation is satisfied by transferring a promised good or service to a customer. Nature of Products and Services We generate revenue from the sales of physical and virtual security appliances (products), software, subscriptions, support and maintenance and professional services, primarily through our indirect relationships with our partners or direct relationships with end customers through our direct sales force. We account for our performance obligations in accordance with ASC 606, and all related interpretations. Our security appliance deliverables include proprietary operating system software, which together with regular security intelligence updates and support and maintenance, deliver the essential functionality of our appliance-based security products. We combine these intelligence-dependent appliances and software licenses with the related intelligence subscription and support as a single performance obligation. As a result, we recognize revenue for this single performance obligation ratably over the contractual term. Contracts containing this single performance obligation typically contain a material right of renewal option. For contracts that contain a material right of renewal option, the allocated value of the performance obligation is recognized ratably over the period between the end of the initial contractual term and the end of the estimated useful life of the related appliance and license. Revenue from subscriptions to our cloud-based services, which allow customers to use our hosted security software over a contracted period without taking possession of the software, and managed services where we provide managed detection and response services for our customers, are recognized over the contractual term. We also have a small portion of our revenue from appliances and software that are not dependent on regular threat intelligence updates. Revenue from these appliances and the associated software is therefore recognized when ownership is transferred to our customers, typically upon shipment. Professional services, which include incident response, compromise assessments, and other security consulting services are offered on a time-and-materials basis or through fixed fee arrangements, and we recognize the associated revenue as the services are delivered. Stock-Based Compensation Compensation expense related to stock-based transactions, including employee and non-employee director stock options, is measured and recognized in the financial statements based on the fair value of the awards granted. The fair value of each option award is estimated on the grant date using the Black-Scholes option- pricing model and a single option award approach. The fair value of stock options granted to non-employees is remeasured as the stock options vest, and the resulting change in value, if any, is recognized in the statement of operations during the period the related services are rendered. Stock-based compensation expense is recognized over the requisite service periods of the awards, which is generally four years. 80 Our use of the Black-Scholes option-pricing model requires the input of highly subjective assumptions, including the fair value of the underlying common stock prior to our IPO in September 2013, the expected term of the option, the expected volatility of the price of our common stock, risk-free interest rates, and the expected dividend yield of our common stock. The assumptions used in our option-pricing model represent management’s best estimates. These estimates involve inherent uncertainties and the application of management’s judgment. If factors change and different assumptions are used, our stock-based compensation expense could be materially different in the future. These assumptions and estimates are as follows: • Fair Value of Common Stock. Because our common stock was not publicly traded until September 20, 2013, we were required to estimate the fair value of common stock for grants made prior to that date, as discussed in “Common Stock Valuations” below. • Risk-Free Interest Rate. We base the risk-free interest rate used in the Black-Scholes option-pricing model on the implied yield available on U.S. Treasury zero-coupon issues with a remaining term equivalent to that of the options for each option group. • Expected Term. The expected term represents the period that our stock-based awards are expected to be outstanding. We base the expected term assumption on our historical exercise behavior combined with estimates of the post-vesting holding period. • Volatility. We determine the price volatility factor based on the historical volatilities of our publicly traded peer group as we do not have a significant trading history for our common stock. Industry peers consist of several public companies in the technology industry that are similar to us in size, stage of life cycle, and financial leverage. We used the same set of peer group companies in all the relevant valuation estimates. We did not rely on implied volatilities of traded options in our industry peers’ common stock because the volume of activity was relatively low. We intend to continue to consistently apply this process using the same or similar public companies until a sufficient amount of historical information regarding the volatility of our own common stock share price becomes available, or unless circumstances change such that the identified companies are no longer similar to us, in which case, more suitable companies whose share prices are publicly available would be utilized in the calculation. • Dividend Yield. The expected dividend assumption is based on our current expectations about our anticipated dividend policy. Consequently, we used an expected dividend yield of zero. In addition to the assumptions used in the Black-Scholes option-pricing model, we also estimated a forfeiture rate to calculate the stock-based compensation expense for our awards prior to January 1, 2016. Beginning January 1, 2016, we began recognizing forfeitures as they occur with the adoption of ASU 2016-09. We estimate the fair value of the rights to acquire stock under our ESPP using the Black-Scholes option pricing formula. Our ESPP typically provides for consecutive twelve-month offering periods and we use our peer group volatility data in the valuation of ESPP shares. We recognize such compensation expense on a straight-line basis over the requisite service period. We account for the fair value of restricted stock units (“RSUs”) using the closing market price of our common stock on the date of grant. For new-hire grants, RSUs generally vest ratably on an annual basis over four years. For annual refresh grants, RSUs generally vest ratably on an annual, or combination of annual and quarterly, basis over two to four years. We account for the fair value of performance stock units (“PSUs”) using the closing market price of our common stock on the date of grant. We begin recognizing compensation expense when we conclude that it is probable that the performance conditions will be achieved. We reassess the probability of vesting at each reporting period and adjust our compensation cost based on this probability assessment. We will continue to use judgment in evaluating the assumptions related to our stock-based compensation on a prospective basis. As we continue to accumulate additional data related to our common stock, we may have refinements to our estimates which could materially impact our future stock-based compensation expense. 81 A n n u a l R e p o r t Income Taxes We account for income taxes using the asset and liability method, which requires the recognition of deferred tax assets and liabilities for the expected future tax consequences of events that have been recognized in our financial statements or tax returns. In addition, deferred tax assets are recorded for the future benefit of utilizing net operating losses and research and development credit carryforwards. Valuation allowances are provided when necessary to reduce deferred tax assets to the amount expected to be realized. On December 22, 2017, the U.S. government enacted the Tax Cuts and Jobs Act of 2017 (the “Tax Act”). The Tax Act makes broad and complex changes to the U.S. tax code. The changes include, but are not limited to, reducing the U.S. federal corporate tax rate from 35% to 21%, imposing a mandatory one-time transition tax on certain unrepatriated earnings of foreign subsidiaries, introducing bonus depreciation that will allow for full expensing of qualified property, eliminating the corporate alternative minimum tax (“AMT”) and changing how existing AMT credits can be realized. We have elected to account for Global Intangible Low-Taxed Income (“GILTI”) under the Tax Act as period costs when incurred. The SEC staff issued Staff Accounting Bulletin No. 118 (“SAB 118”) which provides for a measurement period of up to one year after the enactment date of the Tax Act to finalize the related income tax impacts. In accordance with SAB 118, we provided our best estimate of the impact of the Tax Act in the period ended December 31, 2017. We remeasured our existing net U.S. deferred tax assets using the enacted tax rate and other known significant changes to the tax code. This remeasurement resulted in a total decrease in these assets by $71.7 million which was fully offset by the decrease in valuation allowance. In addition, we recorded a $0.3 million tax benefit related to the release of valuation allowance on AMT credit carryovers because under the Tax Act, existing AMT credits are refundable from 2018 through 2021. As of December 31, 2018, we have completed the accounting for the Tax Act within the measurement period. Our current period adjustments related to the estimated items were immaterial. We apply the authoritative accounting guidance prescribing a threshold and measurement attribute for the financial recognition and measurement of a tax position taken or expected to be taken in a tax return. We recognize liabilities for uncertain tax positions based on a two-step process. The first step is to evaluate the tax position for recognition by determining if the weight of available evidence indicates that it is more likely than not that the position will be sustained on audit, including resolution of related appeals or litigation processes, if any. The second step requires us to estimate and measure the tax benefit as the largest amount that is more than 50% likely to be realized upon ultimate settlement. Significant judgment is required in evaluating our uncertain tax positions and determining our provision for income taxes. Although we believe our reserves are reasonable, no assurance can be given that the final tax outcome of these matters will not be different from that which is reflected in our historical income tax provisions and accruals. We adjust these reserves in light of changing facts and circumstances, such as the closing of a tax audit or the refinement of an estimate. To the extent that the final tax outcome of these matters is different than the amounts recorded, such differences may impact the provision for income taxes in the period in which such determination is made. Significant judgment is also required in determining any valuation allowance recorded against deferred tax assets. In assessing the need for a valuation allowance, we consider all available evidence, including scheduled reversal of deferred tax liabilities, past operating results, the feasibility of tax planning strategies and estimates of future taxable income. Estimates of future taxable income are based on assumptions that are consistent with our plans. Assumptions represent management’s best estimates and involve inherent uncertainties and the application of management’s judgment. Should actual amounts differ from our estimates, the amount of our tax expense and liabilities could be materially impacted. We do not provide for a U.S. income tax liability and foreign withholding taxes on undistributed foreign earnings of our foreign subsidiaries as a result of cumulative and current overall foreign loss. The earnings of non-U.S. subsidiaries are currently expected to be indefinitely reinvested in non-U.S. operations. 82 Contract Manufacturer Liabilities We outsource most of our manufacturing, repair, and supply chain management operations to our independent contract manufacturers and payments to them are a significant portion of our product, subscription and support cost of revenue. Although we could be contractually obligated to purchase manufactured products, we generally do not own the manufactured products. Product title transfers from our independent contract manufacturers to us and immediately to our partners upon shipment. Our independent contract manufacturers assemble our products using design specifications, quality assurance programs, and standards that we establish, and they procure components and assemble our products based on our demand forecasts. These forecasts represent our estimates of future demand for our products based upon historical trends and analysis from our sales and product management functions as adjusted for overall market conditions. If the actual component usage and product demand are significantly lower than forecast, we accrue for costs for contractual manufacturing commitments in excess of our forecasted demand, including costs for excess components or for carrying costs incurred by our contract manufacturers. To date, we have not incurred nor accrued any significant costs associated with this exposure. Loss Contingencies We are subject to the possibility of various loss contingencies arising in the ordinary course of business. We consider the likelihood of loss or impairment of an asset, or the incurrence of a liability, as well as our ability to reasonably estimate the amount of loss, in determining loss contingencies. An estimated loss contingency is accrued when it is probable that an asset has been impaired, or a liability has been incurred and the amount of loss can be reasonably estimated. If we determine that a loss is possible, and the range of the loss can be reasonably determined, then we disclose the range of the possible loss. We regularly evaluate current information available to us to determine whether an accrual is required, an accrual should be adjusted, or a range of possible loss should be disclosed. Warranties We generally provide a one-year warranty on hardware. We do not accrue for potential warranty claims as a component of cost of product, subscription and support revenue as all product warranty claims are satisfied under our support and maintenance contracts. Goodwill Goodwill is the excess of the aggregate purchase price paid over the fair value of the net tangible and identifiable intangible assets acquired. Goodwill is not amortized and is tested for impairment at least annually or whenever events or changes in circumstances indicate that the carrying value may not be recoverable. We have determined that we operate as one reporting unit and have selected December 1 as the date to perform our annual impairment test. In the valuation of our goodwill, we must make assumptions regarding estimated future cash flows to be derived from our business. If these estimates or their related assumptions change in the future, we may be required to record impairment for these assets. The first step of the impairment test involves comparing the fair value of the reporting unit to its net book value, including goodwill. If the net book value exceeds its fair value, then we would perform the second step of the goodwill impairment test to determine the amount of the impairment loss. The impairment loss would be calculated by comparing implied fair value of goodwill to its net book value. In calculating our implied fair value of goodwill, our fair value would be allocated to all of the other assets and liabilities based on their fair values. The excess of our fair value over the amount assigned to our other assets and liabilities is the implied fair value of goodwill. An impairment loss would be recognized when the carrying amount of goodwill exceeds its implied fair value. There was no impairment of goodwill recorded for the years ended December 31, 2018, 2017 or 2016, and our reporting unit was not at risk of failing the first step of the impairment test for any of these periods. 83 A n n u a l R e p o r t Business Combinations We account for all of our acquisitions using the acquisition method of accounting for business combinations. The fair value of purchase consideration is allocated to the tangible assets acquired, liabilities assumed, and intangible assets acquired, based on their estimated fair values. The excess of the fair value of purchase consideration over the values of these identifiable assets and liabilities is recorded as goodwill. When determining the fair value of assets acquired and liabilities assumed, management makes significant estimates and assumptions, especially with respect to identifiable intangible assets. Significant assumptions in valuing certain identifiable intangible assets include, but are not limited to, expected long-term market growth, customer retention, future expected operating expenses, costs of capital, and appropriate discount rates. Management’s estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and unpredictable and, as a result, actual results may differ from estimates. Recent Accounting Pronouncements See Note 1 Description of Business and Summary of Significant Accounting Policies contained in the “Notes to Consolidated Financial Statements” in Part II, Item 8 of this Annual Report on Form 10-K for a full description of the recent accounting pronouncements and our expectation of their impact, if any, on our results of operations and financial conditions. Item 7A. Quantitative and Qualitative Disclosures About Market Risk Foreign Currency Exchange Risk Our sales contracts are primarily denominated in U.S. dollars. A portion of our operating expenses are incurred outside the United States and are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates, particularly changes in the Indian Rupee, British Pound Sterling, Japanese Yen and Euro. Additionally, fluctuations in foreign currency exchange rates may cause us to recognize transaction gains and losses in our statement of operations. On June 23, 2016, the United Kingdom (“U.K.”) held a referendum in which British voters approved an exit from the European Union (“EU”), commonly referred to as “Brexit.” This resulted in an adverse impact to currency exchange rates, notably the British Pound Sterling which experienced a sharp decline in value compared to the U.S. dollar and other currencies. Continued volatility in currency exchange rates is expected as the U.K. negotiates its exit from the EU, which could result in greater transaction gains or losses in our statement of operations. The effect of a hypothetical 10% adverse change in foreign exchange rates on monetary assets and liabilities at December 31, 2018 would not be material to our financial condition or results of operations. To date, foreign currency transaction gains and losses and exchange rate fluctuations have not been material to our financial statements, and we have not engaged in any foreign currency hedging transactions. As our international operations continue to grow, our risks associated with fluctuations in currency rates will become greater, and we will continue to reassess our approach to managing this risk. In addition, currency fluctuations or a weakening U.S. dollar can increase the costs of our international expansion, and a strengthening U.S. dollar could slow international demand as products and services priced in U.S. dollars become more expensive. Interest Rate Risk We had cash and cash equivalents and investments of $1,116.5 million and $896.8 million as of December 31, 2018 and 2017, respectively, consisting of bank deposits, money market funds, certificates of deposit, commercial paper and bonds issued by corporate institutions, U.S. Treasury notes and U.S. government agencies. Such interest-earning instruments carry a degree of interest rate risk, but the risk is limited due to our investment policies which limit the duration of our short term investments. To date, fluctuations in interest income have not been significant. 84 We do not enter into investments for trading or speculative purposes and have not used any derivative financial instruments to manage our interest rate risk exposure. We have not been exposed to, nor do we anticipate being exposed to, material risks due to changes in interest rates. Our cash flow exposure due to changes in interest rates related to our debt is limited as our Series A Notes, Series B Notes and 2024 Notes have fixed interest rates of 1.000%, 1.625% and 0.875%, respectively. The fair value of the Convertible Notes may increase or decrease for various reasons, including fluctuations in the market price of our common stock, fluctuations in market interest rates and fluctuations in general economic conditions. Based upon the quoted market price as of December 31, 2018, the fair value of our Convertible Notes was approximately $1.1 billion. A hypothetical 10% change in interest rates during any of the periods presented would not have had a material impact on our financial statements. A n n u a l R e p o r t 85 Item 8. Financial Statements and Supplementary Data INDEX TO CONSOLIDATED FINANCIAL STATEMENTS Report of Independent Registered Public Accounting Firm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Consolidated Balance Sheets as of December 31, 2018 and 2017 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Consolidated Statements of Operations for the years ended December 31, 2018, 2017 and 2016 . . . . . Consolidated Statements of Comprehensive Loss for the years ended December 31, 2018, 2017 and Page 87 88 89 2016 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 Consolidated Statements of Stockholders’ Equity for the years ended December 31, 2018, 2017 and 2016 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Consolidated Statements of Cash Flows for the years ended December 31, 2018, 2017 and 2016 . . . . . Notes to Consolidated Financial Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 92 93 Certain supplementary financial information required by this Item 8 is included in Part II, Item 7 of this Annual Report on Form 10-K under the caption “Quarterly Results of Operations.” 86 REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM To the Stockholders and the Board of Directors of FireEye, Inc. Opinion on the Financial Statements We have audited the accompanying consolidated balance sheets of FireEye, Inc. and subsidiaries (the the related consolidated statements of operations, “Company”) as of December 31, 2018 and 2017, comprehensive loss, stockholders’ equity, and cash flows, for each of the three years in the period ended December 31, 2018, and the related notes and the schedule listed in the Index at Item 15 (collectively referred to as the “financial statements”). In our opinion, the financial statements present fairly, in all material respects, the financial position of the Company as of December 31, 2018 and 2017, and the results of its operations and its cash flows for each of the three years in the period ended December 31, 2018, in conformity with accounting principles generally accepted in the United States of America. We have also audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States) (PCAOB), the Company’s internal control over financial reporting as of December 31, 2018, based on criteria established in Internal Control-Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission and our report dated February 22, 2019, expressed an unqualified opinion on the Company’s internal control over financial reporting. Change in Accounting Principle As discussed in Note 1 to the financial statements, the Company has changed its method of accounting for revenue in fiscal year 2018 due to the adoption of Accounting Standards Codification Topic 606, Revenue from Contracts with Customers, and all subsequent amendments (collectively, “ASC 606”). The Company adopted ASC 606 using the full retrospective approach. Basis for Opinion These financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s financial statements based on our audits. We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB. We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether due to error or fraud. Our audits included performing procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that our audits provide a reasonable basis for our opinion. A n n u a l R e p o r t /s/ DELOITTE & TOUCHE LLP San Jose, California February 22, 2019 We have served as the Company’s auditor since 2010. 87 FIREEYE, INC. Consolidated Balance Sheets (In thousands, except per share data) ASSETS Current assets: Cash and cash equivalents Short-term investments Accounts receivable, net of allowance for doubtful accounts of $2,525 and $2,503 at December 31, 2018 and 2017, respectively Inventories Prepaid expenses and other current assets Total current assets Property and equipment, net Goodwill Intangible assets, net Deposits and other long-term assets TOTAL ASSETS LIABILITIES AND STOCKHOLDERS’ EQUITY CURRENT LIABILITIES: Accounts payable Accrued and other current liabilities Accrued compensation Deferred revenue, current portion Total current liabilities Convertible senior notes, net Deferred revenue, non-current portion Other long-term liabilities Total liabilities Commitments and contingencies (NOTE 10) Stockholders’ equity: As of December 31, 2018 2017* $ 409,829 706,691 $ 180,891 715,911 157,817 6,548 100,295 1,381,180 89,163 999,804 143,162 82,769 146,317 5,746 93,799 1,142,664 71,357 984,661 187,388 72,767 $ 2,696,078 $ 2,458,837 $ $ 26,944 29,797 63,808 556,815 677,364 962,577 378,013 27,730 35,684 19,569 59,588 546,615 661,456 779,578 363,485 22,102 2,045,684 1,826,621 Common stock, par value of $0.0001 per share; 1,000,000 shares authorized, 199,612 shares and 187,105 shares issued and outstanding as of December 31, 2018 and 2017, respectively Additional paid-in capital Treasury stock, at cost; 3,333 shares as of December 31, 2018 and 2017 Accumulated other comprehensive loss Accumulated deficit Total stockholders’ equity TOTAL LIABILITIES AND STOCKHOLDERS’ EQUITY 20 3,152,159 (150,000) (2,299) (2,349,486) 19 2,891,441 (150,000) (2,881) (2,106,363) 650,394 632,216 $ 2,696,078 $ 2,458,837 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. See accompanying notes to consolidated financial statements. 88 FIREEYE, INC. Consolidated Statements of Operations (In thousands, except per share data) Revenue: Product, subscription and support Professional services Total revenue Cost of revenue: Product, subscription and support Professional services Total cost of revenue Total gross profit Operating expenses: Research and development Sales and marketing General and administrative Restructuring charges Total operating expenses Operating loss Interest income Interest expense Other expense, net Loss before income taxes Provision for (benefit from) income taxes Net loss attributable to common stockholders Year Ended December 31, 2018 2017* 2016* $ 687,382 143,568 $ 645,965 133,683 $ 584,885 121,110 830,950 779,648 705,995 188,301 84,174 190,786 80,861 192,659 78,424 272,475 271,647 271,083 558,475 508,001 434,912 254,142 380,962 105,773 — 243,273 379,278 125,549 — 279,594 437,519 139,791 27,630 740,877 748,100 884,534 (182,402) 16,033 (56,426) (14,804) (237,599) 5,524 (240,099) 9,323 (49,766) (10) (280,552) 4,632 (449,622) 6,582 (47,869) (3,247) (494,156) (8,721) $(243,123) $(285,184) $(485,435) Net loss per share attributable to common stockholders, basic and diluted $ (1.27) $ (1.60) $ (2.97) Weighted average shares used in computing net loss per share attributable to common stockholders, basic and diluted 190,803 177,757 163,211 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. A n n u a l R e p o r t See accompanying notes to consolidated financial statements. 89 FIREEYE, INC. Consolidated Statements of Comprehensive Loss (In thousands) Net loss Change in net unrealized gains (losses) on available-for-sale investments, net of tax Comprehensive loss Year Ended December 31, 2018 2017* 2016* $(243,123) $(285,184) $(485,435) 582 (1,139) 483 $(242,541) $(286,323) $(484,952) * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See accompanying notes to consolidated financial statements. 90 FIREEYE, INC. Consolidated Statement of Stockholders’ Equity (In thousands) Balance at January 1, 2016 Issuance of common stock for equity awards, net of repurchases and tax withholdings Issuance of common stock related to employee stock purchase plan Issuance of common stock related to iSIGHT Security, Inc. acquisition Issuance of common stock related to Invotas International Corporation acquisition Vesting of early exercise of equity awards Stock-based compensation Unrealized gain on investments Cumulative-effect adjustment for adoption of ASU 2016-09 Net loss* Balance at December 31, 2016 Issuance of common stock for equity awards, net of repurchases and tax withholdings Issuance of common stock related to employee stock purchase plan Issuance of common stock related to Clean Communications Limited acquisition Stock-based compensation Unrealized loss on investments Net loss* Balance at December 31, 2017 Issuance of common stock for equity awards, net of repurchases and tax withholdings Issuance of common stock related to employee stock purchase plan Issuance of common stock related to X15 acquisition Stock-based compensation Unrealized gain on investments Purchase of capped calls Equity component of issuance of 2024 Notes, net Equity component of partial repurchase of Series A Notes, net Net loss Common Stock Shares Amount Additional Paid-In Capital Treasury Stock Accumulated Other Comprehensive Loss Accumulated Deficit** Total Stockholders’ Equity** 161,643 16 2,403,088 (150,000) (2,225) (1,332,308) 918,571 8,438 1 12,720 1,980 — 22,080 1,793 — 29,900 742 — — — — — — — — — — — 11,100 1,519 199,066 — 3,436 — — — — — — — — — — — — — — — — 483 — — — — — — — — — 12,721 22,080 29,900 11,100 1,519 199,066 483 (3,436) (485,435) — (485,435) 174,596 17 2,682,909 (150,000) (1,742) (1,821,179) 710,005 10,513 2 17,741 1,737 — 20,094 259 — — — — — — — 4,361 166,336 — — — — — — — — 187,105 19 2,891,441 (150,000) — — — — (1,139) — (2,881) — — — — — (285,184) 17,743 20,094 4,361 166,336 (1,139) (285,184) (2,106,363) 632,216 9,774 1 6,888 1,717 — 20,816 1,016 — — — — — — — 15,387 157,795 — (65,220) — — 138,064 — — — — (13,012) — — — — — — — — — — — — — — 582 — — — — — — — — — — — — (243,123) 6,889 20,816 15,387 157,795 582 (65,220) 138,064 (13,012) (243,123) Balance at December 31, 2018 199,612 $ 20 $3,152,159 $(150,000) $(2,299) $(2,349,486) $ 650,394 Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. * ** The cumulative-effect of adjustment to Accumulated deficit and Total Stockholders Equity related to the adoption of ASC 606 as of January 1, 2016 was $125.8 million. See accompanying notes to the consolidated financial statements. 91 A n n u a l R e p o r t FIREEYE, INC. Consolidated Statements of Cash Flows (In thousands) CASH FLOWS FROM OPERATING ACTIVITIES: Net loss Adjustments to reconcile net loss to net cash provided by (used in) operating activities: Depreciation and amortization Stock-based compensation Non-cash interest expense related to convertible senior notes Loss on repurchase of convertible senior notes Deemed repayment of convertible senior notes attributable to accreted debt discount Change in fair value of contingent earn-out liability Deferred income taxes Other Changes in operating assets and liabilities, net of business acquisitions: Accounts receivable Inventories Prepaid expenses and other assets Accounts payable Accrued liabilities Accrued transaction costs of acquiree Accrued compensation Deferred revenue Other long-term liabilities Net cash provided by (used in) operating activities CASH FLOWS FROM INVESTING ACTIVITIES: Purchases of property and equipment and demonstration units Purchases of short-term investments Proceeds from maturities of short-term investments Proceeds from sales of short-term investments Business acquisitions, net of cash acquired Purchase of investment in private company Lease deposits Net cash used in investing activities CASH FLOWS FROM FINANCING ACTIVITIES: Net proceeds from issuance of convertible senior notes Purchase of capped calls Repurchase of convertible senior notes Repayment of debt of acquired business Payments for contingent earn-outs Payment related to shares withheld for taxes Proceeds from employee stock purchase plan Proceeds from exercise of equity awards Net cash provided by (used in) financing activities Net change in cash and cash equivalents Cash and cash equivalents, beginning of period Cash and cash equivalents, end of period SUPPLEMENTAL DISCLOSURES OF CASH FLOW INFORMATION: Cash paid for income taxes Cash paid for interest SUPPLEMENTAL DISCLOSURES OF NON-CASH INVESTING AND FINANCING ACTIVITIES: Common stock issued in connection with acquisitions Contingent earn-out in connection with acquisitions Purchases of property and equipment and demonstration units in accounts payable and accrued liabilities Year Ended December 31, 2018 2017* 2016* $(243,123) $(285,184) $(485,435) 86,505 153,675 43,273 10,764 (43,575) — (930) 4,715 (11,605) (5,216) (13,779) (8,205) 10,234 — 4,220 24,728 5,700 17,381 103,417 166,336 37,598 — — (54) (1,287) 7,170 (14,434) (3,333) 5,365 6,040 (3,659) — 2,565 (17,649) 14,749 17,640 119,267 199,066 35,782 — — 2,356 (11,926) 9,836 57,968 1,415 7,106 (19,093) (11,154) (7,727) (24,621) 116,792 (4,217) (14,585) (50,831) (479,862) 487,141 — (5,240) — 275 (43,779) (409,358) 397,483 3,620 (4,300) (2,500) (489) (36,314) (507,073) 554,358 4,507 (204,926) — (248) (48,517) (59,323) (189,696) 584,405 (65,220) (286,817) — — — 20,816 6,890 260,074 228,938 180,891 — — — — (38,928) (1,408) 20,094 19,149 (1,093) — — — (8,842) (112) (1,124) 22,080 13,844 25,846 (42,776) 223,667 (178,435) 402,102 $ 409,829 $ 180,891 $ 223,667 $ 4,780 $ 13,035 $ 5,360 $ 12,075 $ 5,209 $ 12,098 $ 15,387 $ $ — $ 4,361 $ 41,000 — $ 39,088 $ 12,818 $ 13,353 $ 4,035 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. See accompanying notes to consolidated financial statements. 92 FIREEYE, INC. Notes to Consolidated Financial Statements 1. Description of Business and Summary of Significant Accounting Policies Description of Business FireEye, Inc., with principal executive offices located in Milpitas, California, was incorporated as NetForts, Inc. on February 18, 2004, under the laws of the State of Delaware, and changed its name to FireEye, Inc. on September 7, 2005. FireEye, Inc. and its wholly owned subsidiaries (collectively, the “Company”, “we”, “us” or “our”) provide comprehensive intelligence-based cybersecurity solutions that allow organizations to prepare for, prevent, investigate, respond to and remediate cyber attacks. Our portfolio of cyber security products and services is designed to minimize the risk of costly cyber security breaches by detecting and preventing advanced, targeted and other evasive attacks, as well as enabling more efficient management of security operations, including alert management, investigation and response when a breach occurs. We accomplish this through the integration of our core competitive advantages in products and services that adapt to changes in the threat environment through a cycle of intelligence-driven innovation. Our core competitive advantages include: • Our technologies, including our machine-learning, behavioral-based, and rules-based threat detection, analysis and correlation technologies, combined with our proprietary Multi-vector Virtual Execution (“MVX”) engine; • Our intelligence on threats and threat actors, based on the continuous flow of machine-, attacker- and victim-based attack data from our global network of threat sensors and virtual machines, as well as intelligence gathered by our security analysts, consultants and incident responders; and • Our accumulated security expertise derived from responding to thousands of significant breaches over the past decade. Our threat detection and prevention products encompass appliance-based, virtual and cloud solutions for web security, email security and endpoint security. These products are complemented by our cloud-based threat intelligence, security analytics and security automation and orchestration technologies, as well as our managed security services, cybersecurity consulting and incident response offerings. In combination, our solutions and services enable a proactive approach to cybersecurity that extends across the threat management lifecycle to minimize the risk of costly cybersecurity breaches. We have organized our cybersecurity solutions in a hub and spokes model designed to integrate machine- generated threat data from our detection and prevention products with our analytics, response and orchestration technologies delivered through our Helix cybersecurity operations platform. Helix is designed to enable more efficient security operations by correlating security and event data across an organization’s environment to determine which threats present the greatest risk, automating repetitive security processes, and providing tools and workflows to investigate and respond to attacks. The Helix cloud-based interface presents a unified view of an organization’s attack surface, including on-premise and cloud environments, and provides the contextual threat intelligence and threat management tools to enable a rapid response. In the three months ended June 30, 2018, we issued $600 million aggregate principal amount of 0.875% Convertible Senior Notes due 2024 (the “2024 Notes”), to qualified institutional purchasers pursuant to an exemption from registration provided by Section 4(a)(2) and Rule 144A under the Securities Act of 1933, as amended (the “Securities Act”). We recognized total net proceeds after the initial purchasers’ discount and issuance costs of $584.4 million. In connection with the issuance of the 2024 Notes, we also entered into capped call transactions (the “Capped Calls”) with certain parties affiliated with the initial purchasers of the 2024 Notes. We paid approximately $65.2 million for the Capped Calls, which have an initial in a private placement 93 A n n u a l R e p o r t strike price of $23.17 per share, which corresponds to the initial conversion price of the 2024 Notes. The Capped Calls have an initial cap price of $34.32 per share subject to certain adjustments as set forth in the confirmations for the Capped Calls. In May 2018, in a separate transaction, we repurchased $340.2 million aggregate principal of existing 1.000% Convertible Senior Notes due 2035 (the “Series A Notes”). We used $330.4 million of the net proceeds from the 2024 Notes offering to repurchase such portion of the Series A Notes. In January 2018, we completed the acquisition of privately-held X15 Software, Inc. (“X15”), a data management company. As consideration for the acquisition, we paid cash consideration of $5.3 million and issued 1,016,334 shares of our common stock with an estimated fair value of $15.4 million. In October 2017, we acquired Clean Communications Limited (d/b/a The Email Laundry) (“The Email Laundry”), a privately-held email security company. We paid cash consideration of $4.3 million and issued 259,425 shares of our common stock with an estimated fair value of $4.4 million. The majority of our products, subscriptions and services are sold to end-customers through distributors, resellers, and strategic partners, with a lesser percentage of sales directly to our end-customers. Basis of Presentation and Consolidation The consolidated financial statements include the accounts of FireEye, Inc. and its wholly owned subsidiaries and have been prepared in accordance with accounting principles generally accepted in the United States of America (“U.S. GAAP”). All intercompany balances and transactions have been eliminated in consolidation. The Company adopted Accounting Standards Update (“ASU”) 2014-09, Revenue from Contracts with Customers (Topic 606) (“ASC 606”), effective January 1, 2018 using the full retrospective method. Upon adoption, we recognized an increase of $125.8 million in accumulated deficit on January 1, 2016 and all prior period amounts impacted by the adoption have been updated. Amounts and disclosures set forth in this Annual Report on Form 10-K comply with ASC 606. Use of Estimates The preparation of consolidated financial statements in conformity with U.S. GAAP requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the financial statements and the reported amounts of revenue and expenses during the reporting period. Such management estimates include, but are not limited to, determining the nature and timing of satisfaction of performance obligations, useful life of our security appliances that are dependent on intelligence and assessing the material rights associated with it, determining the standalone selling price (“SSP”) of performance obligations, subscriptions and services, commissions expense including the period of benefit of customer acquisition cost, bonus expense, future taxable income, contract manufacturer liabilities, litigation and settlement costs and other loss contingencies, fair value of our equity awards, achievement of targets for performance stock units, fair value of the liability and equity components of the Convertible Senior Notes and the purchase price allocation of acquired businesses. We base our estimates on historical experience and on assumptions that we believe are reasonable. Changes in facts or circumstances may cause us to change our assumptions and estimates in future periods, and it is possible that actual results could differ from current or revised future estimates. Concentrations Financial instruments that subject us to concentrations of credit risk consist primarily of cash and cash equivalents, short-term investments, and accounts receivable. We maintain a substantial portion of our cash and 94 cash equivalents in money market funds invested in U.S. Treasury related obligations. Management believes that these financial institutions are financially sound and, accordingly, are subject to minimal credit risk. Deposits held with banks may exceed the amount of insurance provided on such deposits. Our short-term investments primarily consist of notes and bonds issued by corporate institutions and U.S. Government agencies. All of our investments are highly-rated by credit rating agencies and are issued by organizations with reputable credit, and therefore bear minimal credit risk. Our accounts receivables are primarily derived from a diverse set of customers across various geographical locations. We perform ongoing credit evaluations of our customers and generally do not require collateral on accounts receivable. We maintain an allowance for doubtful accounts for estimated potential credit losses. See Note 16 for information on major customers. We rely primarily on a single contract manufacturer to assemble our products. In some cases we rely on sole suppliers for a certain number of our components. Foreign Currency Translation and Transactions The functional currency of our foreign subsidiaries is the U.S. dollar. We translate all monetary assets and liabilities denominated in foreign currencies into U.S. dollars using the exchange rates in effect at the balance sheet dates and other assets and liabilities using historical exchange rates. Foreign currency denominated revenue and expenses have been re-measured using the average exchange rates in effect during each period. Foreign currency translation and transaction gains and losses have been included in other income (expense) and have not been significant for the years ended December 31, 2018, 2017 and 2016. For the years ended December 31, 2018, 2017 and 2016, we recognized a loss of $1.5 million, a gain of $1.8 million and a loss of $1.5 million, respectively. Cash and Cash Equivalents We consider all highly liquid investments with original maturities of three months or less at date of purchase to be cash equivalents. We determine the appropriate classification of our investments at the time of purchase, and evaluate such designation at each balance sheet date. Short-term Investments We classify our investments in debt and equity securities as available-for-sale and record these investments at fair value. Investments with an original maturity of three months or less at the date of purchase are considered cash equivalents, while all other investments are classified as short-term or long-term based on the nature of the investments, their maturities, and their availability for use in current operations. Unrealized gains and losses are reported as a component of other comprehensive loss. Realized gains and losses are determined based on the specific identification method, and are reflected in our Consolidated Statements of Operations. We regularly review our investment portfolio to identify and evaluate investments that have indicators of possible impairment. Factors considered in determining whether a loss is other-than-temporary include, but are not limited to: the length of time and extent a security’s fair value has been below its cost, the financial condition and near-term prospects of the investee, the credit quality of the security’s issuer, likelihood of recovery and our intent and ability to hold the security for a period of time sufficient to allow for any anticipated recovery in value. For our debt instruments, we also evaluate whether we have the intent to sell the security or it is more likely than not that we will be required to sell the security before recovery of its cost basis. Investments are considered to be impaired when a decline in fair value is judged to be other-than-temporary. Fair value is calculated based on publicly available market information or other estimates determined by 95 A n n u a l R e p o r t management. If the cost of an investment exceeds its fair value, we evaluate, among other factors, general market conditions, credit quality of debt instrument issuers, the duration and extent to which the fair value is less than cost and whether we have plans to sell the security, or it is more likely than not that we will be required to sell the security, before recovery. Once a decline in fair value is determined to be other-than-temporary, an impairment charge is recorded to other income (expense) and a new cost basis in the investment is established. Fair Value of Financial Instruments We define fair value as the price that would be received from selling an asset, or paid to transfer a liability, in an orderly transaction between market participants at the measurement date. When determining the fair value measurements for assets and liabilities which are required to be recorded at fair value, we consider the principal or most advantageous market in which to transact and the market-based risk. We apply fair value accounting for all financial assets and liabilities that are recognized or disclosed at fair value in the financial statements on a recurring basis. The carrying amounts reported in the consolidated financial statements approximate the fair value for cash and cash equivalents, accounts receivable, accounts payable and accrued liabilities due to their short-term nature. Inventories Inventories are stated at the lower of cost or net realizable value. Provisions have been made to reduce all slow-moving, obsolete or unusable inventories to their net realizable values. We purchase completed units from contract manufacturers and substantially all of our inventories are finished goods held for use as service replacements. As of December 31, 2018 and 2017, the reserves for excess and obsolete inventories were $5.2 million and $4.7 million, respectively. Property and Equipment Property and equipment are recorded at cost. Depreciation is computed using the straight-line method over the estimated useful lives of the assets, generally two to five years. The estimated useful lives of property and equipment are described below: Property and Equipment Computer equipment and software Leasehold improvements Furniture and fixtures Machinery and equipment Demonstration Units Useful Life 2 to 5 years Shorter of estimated useful life or remaining lease term 5 years 2 to 5 years Product demonstration units are included in prepaid expenses and other current assets on the consolidated balance sheets. Demonstration units are recorded at cost and are amortized over the estimated useful life from the date of transfer from inventory, generally 12 months. We generally do not resell units that have been used for demonstration purposes. Impairment of Long-Lived Assets We evaluate events and changes in circumstances that could indicate carrying amounts of long-lived assets may not be recoverable. When such events or changes in circumstances occur, we assess the recoverability of long-lived assets by determining whether or not the carrying value of such assets will be recovered through undiscounted expected future cash flows. If the total of the future undiscounted cash flows is less than the 96 carrying amount of an asset, we record an impairment charge for the amount by which the carrying amount of the assets exceeds the fair value of the asset. Through December 31, 2018 we have not written down any of our long- lived assets as a result of impairment. Business Combinations We have accounted for all of our acquisitions using the acquisition method. The Company allocates the fair value of purchase consideration to the tangible assets acquired, liabilities assumed and intangible assets acquired, based on their estimated fair values. The excess of the fair value of purchase consideration over the values of these identifiable assets and liabilities is recorded as goodwill. When determining the fair value of assets acquired and liabilities assumed, management makes significant estimates and assumptions, especially with respect to identifiable intangible assets. Significant assumptions used in valuing certain identifiable intangible assets include, but are not limited to, expected long-term market growth, future expected operating expenses, costs of capital, and appropriate discount rates. Management’s estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and, as a result, actual results may differ from estimates. Goodwill and Purchased Intangibles Goodwill represents the excess of the aggregate purchase price paid over the fair value of the net tangible and identifiable intangible assets acquired. Goodwill is not amortized and is tested for impairment at least annually or whenever events or changes in circumstances indicate that the carrying value may not be recoverable. The Company has determined that it operates as one reporting unit and has selected December 1 as the date to perform its annual impairment test. In the valuation of its goodwill, the Company must make assumptions regarding estimated future cash flows to be derived from the Company. If these estimates or their related assumptions change in the future, the Company may be required to record impairment for these assets. The first step of the impairment test involves comparing the fair value of the reporting unit to its net book value, including goodwill. If the net book value exceeds its fair value, then the Company would perform the second step of the goodwill impairment test to determine the amount of the impairment loss. The impairment loss would be calculated by comparing the implied fair value of the Company to its net book value. In calculating the implied fair value of the Company’s goodwill, the fair value of the Company would be allocated to all of the other assets and liabilities based on their fair values. The excess of the fair value of the Company over the amount assigned to its other assets and liabilities represents the implied fair value of goodwill. An impairment loss would be recognized when the carrying amount of goodwill exceeds its implied fair value. There was no impairment of goodwill recorded for the years ended December 31, 2018, 2017 or 2016. Purchased intangible assets with finite lives are carried at cost, less accumulated amortization. Amortization is computed over the estimated useful lives of the respective assets. Purchased intangible assets with indefinite lives are assessed for potential impairment annually, or when events or circumstances indicate that their carrying amounts might be impaired. Warranties We generally provide a one-year warranty on hardware. We do not accrue for potential warranty claims as a component of cost of product revenue as all product warranty claims are satisfied under our support and maintenance contracts. Contract Manufacturer Liabilities We outsource most of our manufacturing, repair, and supply chain management operations to our independent contract manufacturers and payments to such manufacturers are a significant portion of our product 97 A n n u a l R e p o r t cost of revenue. Although we could be contractually obligated to purchase manufactured products, we generally do not own the manufactured products. Product title transfers from our independent contract manufacturers to us and to our partners upon shipment. Our independent contract manufacturers assemble our products using design specifications, quality assurance programs, and standards that we establish, and they procure components and assemble our products based on our demand forecasts. These forecasts represent our estimates of future demand for our products based upon historical trends and analysis from our sales and product management functions as adjusted for overall market conditions. If the actual component usage and product demand are significantly lower than forecast, we may accrue for costs for contractual manufacturing commitments in excess of our forecasted demand, including costs for excess components or for carrying costs incurred by our contract manufacturers. To date, we have not accrued any significant costs associated with this exposure. Contract Balances Accounts Receivable Trade accounts receivable are recorded at the billable amount where we have the unconditional right to bill, net of allowances for doubtful accounts. The allowance for doubtful accounts is based on our assessment of the collectability of accounts. Management regularly reviews the adequacy of the allowance for doubtful accounts by considering the age of each outstanding invoice, each customer’s expected ability to pay and collection history, when applicable, to determine whether a specific allowance is appropriate. Accounts receivable deemed uncollectible are charged against the allowance for doubtful accounts when identified. Deferred Revenue (Contract Liabilities) and Contract Assets Deferred revenue consists of amounts that have been invoiced and for which we have the right to bill, but have not been recognized as revenue because the related goods or services have not been transferred. Deferred revenue that will be realized during the succeeding 12-month period is recorded as current, and the remaining deferred revenue is recorded as non-current. Our contract assets consist of assets typically resulting when revenue recognized exceeds the amount billed or billable to the customer due to allocation of transaction price, and such amounts have been included in prepaid expenses and other current assets. Our contract assets were immaterial as of December 31, 2018 and December 31, 2017. In instances where the timing of revenue recognition differs from the timing of invoicing, we have determined our contracts generally do not include a significant financing component. The primary purpose of our invoicing terms is to provide customers with simplified and predictable ways of purchasing our products and services, not to receive financing from our customers or to provide customers with financing. Examples include invoicing at the beginning of a subscription term with revenue recognized ratably over the contract period. Assets Recognized from Costs to Obtain a Contract with a Customer Deferred Commissions Our customer acquisition costs are primarily related to sales commissions and related payroll taxes earned by our sales force and such costs are considered incremental costs to obtain a contract. Sales commissions for initial contracts are deferred and then amortized taking into consideration the pattern of transfer to which the asset relates and may include expected renewal periods where renewal commissions are not commensurate with the initial commissions period. We typically recognize the initial commissions over the longer of the customer relationship (generally estimated to be four years) or over the same period as the initial revenue arrangement to which these costs relate. Renewal commissions not commensurate with the initial commissions paid are generally amortized over the renewal period. Deferred commissions that will amortize within the succeeding twelve month period are classified as current, and included in prepaid expenses and other current assets on the Consolidated Balance Sheets. The remaining balance is classified as non-current, and included in deposits and other long-term assets. As of December 31, 2018 and December 31, 2017, the amount of deferred commissions 98 included in prepaid expenses and other current assets was $50.1 million and $43.8 million, respectively. The amount of deferred commissions included in deposits and other long-term assets as of December 31, 2018 and December 31, 2017 was $50.5 million and $43.0 million, respectively. Deferred Costs of Revenue Deferred costs of revenue consists of appliance related direct and incremental costs that are capitalized and will be amortized on a systematic basis that is consistent with the pattern of transfer to which the asset relates. Deferred costs of revenue that will be realized within the succeeding twelve month period are classified as current, and included in prepaid expenses and other current assets on the Consolidated Balance Sheets. The remaining balance is classified as non-current, and included in deposits and other long-term assets. As of December 31, 2018 and December 31, 2017, the amount of deferred costs of revenue classified as current and included in prepaid expenses and other current assets was $17.0 million and $18.4 million, respectively. The amount of deferred costs of revenue classified as non-current and included in deposits and other long-term assets as of December 31, 2018 and December 31, 2017 was $20.3 million and $19.7 million, respectively. Revenue Recognition Revenue from Contracts with Customers Revenue is recognized when all of the following criteria are met: • • Identification of the contract, or contracts, with a customer—A contract with a customer exists when (i) we enter into an enforceable contract with a customer that defines each party’s rights regarding the goods or services to be transferred and identifies the payment terms related to these goods or services, (ii) the contract has commercial substance and the parties are committed to perform, and (iii) we determine that collection of substantially all consideration to which it will be entitled in exchange for goods or services that will be transferred is probable based on the customer’s intent and ability to pay the promised consideration. Identification of the performance obligations in the contract—Performance obligations promised in a contract are identified based on the goods or services that will be transferred to the customer that are both capable of being distinct, whereby the customer can benefit from the goods or service either on its own or together with other resources that are readily available from third parties or from us, and are distinct in the context of the contract, whereby the transfer of the goods or services is separately identifiable from other promises in the contract. To the extent a contract includes multiple promised goods or services, we apply judgment to determine whether promised goods or services are capable of being distinct and distinct in the context of the contract. If these criteria are not met the promised goods or services are accounted for as a combined performance obligation. • Determination of the transaction price—The transaction price is determined based on the consideration to which we will be entitled in exchange for transferring goods or services to the customer adjusted for estimated variable consideration, if any. We typically estimate the transaction price impact of discounts offered to the customers for early payments on receivables or rebates based on channel partner sales achievements. Constraints are applied when estimating variable considerations based on historical experience where applicable. • Allocation of the transaction price to the performance obligations in the contract—If the contract the entire transaction price is allocated to the single contains a single performance obligation, performance obligation. Contracts that contain multiple performance obligations require an allocation of the transaction price to each performance obligation based on a relative SSP basis. Determination of SSP requires judgment. We determine standalone selling price taking into account available information such as historical selling prices of the performance obligation, geographic location, overall strategic pricing objective, market conditions and internally approved pricing guidelines related to the performance obligations. 99 A n n u a l R e p o r t • Recognition of revenue when, or as, we satisfy performance obligation—We satisfy performance obligations either over time or at a point in time as discussed in further detail below. Revenue is recognized at or over the time the related performance obligation is satisfied by transferring a promised good or service to a customer. Nature of Products and Services We generate revenue from the sales of physical and virtual security appliances (products), subscriptions, support and maintenance and professional services, primarily through our indirect relationships with our partners or direct relationships with end customers through our direct sales force. We account for our performance obligations in accordance with ASC 606, and all related interpretations. Our security appliance deliverables include proprietary operating system software, which together with regular security intelligence updates and support and maintenance, deliver the essential functionality of our appliance-based security products. We combine intelligence dependent appliances and software licenses with the related intelligence subscription and support as a single performance obligation. As a result, we recognize revenue for this single performance obligation ratably over the contractual term. Contracts containing this single performance obligation typically contain a material right of renewal option. For contracts that contain a material right of renewal option, the allocated value of the performance obligation is recognized ratably over the period between the end of the initial contractual term and the end of the estimated useful life of the related appliance and license. Revenue from subscriptions to our cloud-based services, which allow customers to use our hosted security software over a contracted period without taking possession of the software and managed services where we provide managed detection and response services for customers, are recognized over the contractual term. We also have a small portion of our revenue from appliances and software that are not dependent on regular threat intelligence updates. Revenue from these appliances and the associated software is therefore recognized when ownership is transferred to our customers, typically upon shipment. Professional services, which include incident response, compromise assessments, and other security consulting services are offered on a time-and-materials basis or through fixed fee arrangements, and we recognize the associated revenue as the services are delivered. Advertising Costs Advertising costs, which are expensed and included in sales and marketing expense when incurred, were $3.4 million, $2.6 million and $3.6 million during the years ended December 31, 2018, 2017 and 2016, respectively. Software Development Costs The costs to develop internal-use software are subject to capitalization and begin amortizing once the software is substantially ready for use. These costs are included in property and equipment and are generally amortized over 3 years. All other software development costs are expensed as incurred and included in research and development expense on the Consolidated Statements of Operations. Stock-Based Compensation Compensation expense related to stock-based transactions, including employee and non-employee director awards and our 2013 Employee Stock Purchase Plan (the “ESPP”), is measured and recognized in the financial statements based on fair value. The fair value of each option award is estimated on the grant date using the Black-Scholes option-pricing model and a single option award approach. This model requires that at the date of 100 grant we determine the fair value of the underlying common stock, the expected term of the award, the expected volatility of the price of our common stock, risk-free interest rates, and expected dividend yield of our common stock. The fair value of restricted stock awards and restricted stock units is based on the closing market price of our common stock on the date of grant. The stock-based compensation expense is recognized using a straight-line basis over the requisite service period of the entire awards, which is generally four years. Performance-based awards are subject to performance conditions. We recognize compensation expense over the requisite service period of each vesting tranche, when it becomes probable that the performance criteria set by our Board of Directors will be achieved. Beginning January 1, 2016 with the adoption of ASU 2016-09, we elected to recognize forfeitures as they occur, and no longer estimate a forfeiture rate when calculating the stock-based compensation for our equity awards. We account for stock options issued to non-employees based on the fair value of the awards determined using the Black-Scholes option-pricing model. The fair value of stock options granted to non-employees is remeasured as the stock options vest, and the resulting change in value, if any, is recognized in the statement of operations during the period the related services are rendered. Income Taxes We account for income taxes using the asset and liability method, which requires the recognition of deferred tax assets and liabilities for the expected future tax consequences of events that have been recognized in our financial statements or tax returns. In addition, deferred tax assets are recorded to reflect the future benefit of utilizing net operating losses and research and development credit carry forwards. Valuation allowances are provided when necessary to reduce deferred tax assets to the amount expected to be realized. We have elected to account for Global Intangible Low-Taxed Income (“GILTI”) under the Tax Cuts and Jobs Act of 2017 (the “Tax Act”) as period costs when incurred. We apply the authoritative accounting guidance prescribing a threshold and measurement attribute for the financial recognition and measurement of a tax position taken or expected to be taken in a tax return. We recognize liabilities for uncertain tax positions based on a two-step process. The first step is to evaluate the tax position for recognition by determining if the weight of available evidence indicates that it is more likely than not that the position will be sustained on audit, including resolution of related appeals or litigation settlement. The second step is to estimate and measure the tax benefit as the largest amount that is more than 50% likely to be realized upon ultimate settlement. We recognize interest and penalties related to unrecognized tax benefits within the income tax expense line in the accompanying consolidated statements of operations. Accrued interest and penalties are included within other long-term liabilities in the consolidated balance sheets. Net Loss Per Share Attributable to Common Stockholders We calculate our basic and diluted net loss per share attributable to common stockholders in conformity with the two-class method required for companies with participating securities. Under the two-class method, in periods when we have net income, net income attributable to common stockholders is determined by allocating undistributed earnings, calculated as net income less current period convertible preferred stock non-cumulative dividends, between common stock and the convertible preferred stock. In computing diluted net income attributable to common stockholders, undistributed earnings are re-allocated to reflect the potential impact of dilutive securities. Our basic net loss per share attributable to common stockholders is calculated by dividing the net loss attributable to common stockholders by the weighted-average number of shares of common stock outstanding for the period. The diluted net loss per share attributable to common stockholders is computed by giving effect to all potential dilutive common stock equivalents outstanding for the period. For purposes of this calculation, options to purchase common stock are considered common stock equivalents, but have been excluded from the calculation of diluted net loss per share attributable to common stockholders as their effect is anti-dilutive. 101 A n n u a l R e p o r t Convertible Senior Notes We allocated the principal amount of the Convertible Senior Notes between its liability and equity components. The carrying amount of the liability component was determined by measuring the fair value of a similar debt instrument of similar credit quality and maturity that did not have the conversion feature. The carrying amount of the equity component, representing the embedded conversion option, was determined by deducting the fair value of the liability component from the principal amount of the Convertible Senior Notes as a whole. The equity component is included in additional paid-in-capital in consolidated balance sheets and is not remeasured as long as it continues to meet the conditions for equity classification. The excess of the principal amount of the Convertible Senior Notes over the carrying amount of the liability component was recorded as a debt discount, and is being amortized to interest expense using the effective interest method through the first date holders have the right to require us to repurchase all or any portion of their Convertible Senior Notes; the first put date (see Note 9). We allocate the total amount of transaction costs incurred to the liability and equity components using the same proportions as the proceeds from the Convertible Senior Notes. Transaction costs attributable to the liability component were recorded as a direct deduction from the liability component of the Convertible Senior Notes, and are being amortized to interest expense using the effective interest method through the first put date. Transaction costs attributable to the equity component were netted with the equity component of the Convertible Senior Notes in additional paid-in capital. ASC 606 Impact to Previously Reported Results We adjusted our consolidated financial statements from amounts previously reported due to the adoption of ASC 606. Select consolidated balance sheet line items, which reflect the adoption of this standard, are as follows (in thousands): Balance Sheet: Accounts receivable, net Prepaid expenses and other current assets Deposits and other long-term assets Deferred revenue, current portion Deferred revenue, non-current portion Stockholders’ equity As of December 31, 2017 As Previously Reported $140,049 $ 34,541 $ 11,537 $443,064 $227,680 $744,816 Impact of Adoption As Adjusted 6,268 59,258 61,230 103,551 135,805 (112,600) $146,317 $ 93,799 $ 72,767 $546,615 $363,485 $632,216 102 Select consolidated statement of operations line items, which reflect the adoption of ASC 606, are as follows (in thousands): Consolidated Statement of Operations Total revenue Total cost of revenue Operating expenses: Sales and marketing Total operating expenses Operating loss Net loss attributable to common stockholders Net loss per share attributable to common stockholders, basic and Year Ended December 31, 2017 As Previously Reported $ 751,086 $ 268,887 $ 371,935 $ 740,805 $(258,606) $(303,691) Impact of Adoption As Adjusted 28,562 2,760 7,343 7,295 18,507 18,507 $ 779,648 $ 271,647 $ 379,278 $ 748,100 $(240,099) $(285,184) diluted $ (1.71) 0.11 $ (1.60) Consolidated Statement of Operations Total revenue Total cost of revenue Operating expenses: Sales and marketing Total operating expenses Operating loss Net loss attributable to common stockholders Net loss per share attributable to common stockholders, basic and Year ended December 31, 2016 As Previously Reported $ 714,114 $ 271,868 $ 439,499 $ 886,562 $(444,316) $(480,129) Impact of Adoption As Adjusted (8,119) (785) (1,980) (2,028) (5,306) (5,306) $ 705,995 $ 271,083 $ 437,519 $ 884,534 $(449,622) $(485,435) diluted $ (2.94) (0.03) $ (2.97) A n n u a l R e p o r t 103 Select consolidated statement of cash flows line items, which reflect the adoption of ASC 606, are as follows (in thousands): Consolidated Statement of Cash flows Cash flows from operating activities: Net loss Adjustments to reconcile net loss to net cash provided by operating activities Other Changes in operating assets and liabilities, net of business acquisitions: Accounts receivable Prepaid expenses and other assets Deferred revenue Consolidated Statement of Cash flows Cash flows from operating activities: Net loss Adjustments to reconcile net loss to net cash used in operating activities Changes in operating assets and liabilities, net of business acquisitions: Accounts receivable Prepaid expenses and other assets Deferred revenue Recent Accounting Pronouncements Year Ended December 31, 2017 As Previously Reported Impact of Adoption As Adjusted $(303,691) 18,507 $(285,184) $ 7,217 (47) $ 7,170 $ (20,749) $ (4,736) $ 17,227 6,315 10,101 (34,876) $ (14,434) $ 5,365 $ (17,649) Year ended December 31, 2016 As Previously Reported Impact of Adoption As Adjusted $(480,129) (5,306) $(485,435) $ 61,785 $ 9,344 $ 105,431 (3,817) (2,238) 11,361 $ 57,968 $ 7,106 $ 116,792 In August 2018, the FASB issued ASU 2018-15, Intangibles—Goodwill and Other—Internal-Use Software Implementation Costs Incurred in a Cloud Computing (Subtopic 350-40): Customer’s Accounting for Arrangement That Is a Service Contract. This standard requires capitalization of the implementation costs incurred in a hosting arrangement that is a service contract with the requirements for capitalizing implementation costs incurred to develop or obtain internal-use software. Further, the standard also requires the Company to expense the capitalized implementation costs of a hosting arrangement over the term of the hosting arrangement. This standard is effective for the Company beginning in the first quarter of 2020. Early adoption is permitted. The adoption of this standard is not expected to have a significant impact on our consolidated financial statements. In June 2018, the FASB issued ASU 2018-07 (Topic 718): Improvements to Non-employee Share-Based Payment Accounting (“Topic 718”). This standard expands the scope of Topic 718 to include share-based payment transactions for acquiring goods and services from non-employees. FASB clarified that Topic 718 does not apply to share-based payments used to effectively provide financing to the issuer or awards granted in conjunction with selling goods or services to customers as part of a contract accounted for under ASC 606. This standard is effective for the Company beginning in the first quarter of 2019. Early adoption is permitted, but no earlier than an entity’s adoption date of ASC 606. The adoption of this standard is not expected to have a significant impact on our consolidated financial statements. In February 2018, the FASB issued ASU 2018-02: Reclassification of Certain Tax Effects From Accumulated Other Comprehensive Income. This standard provides companies with an option to reclassify 104 stranded tax effects resulting from the enactment of the Tax Cuts and Jobs Act of 2017 (the “Tax Act”) from accumulated other comprehensive income to retained earnings. The guidance will be effective for the Company beginning in the first quarter of 2019 with early adoption permitted, and will be applied either in the period of adoption or retrospectively to each period (or periods) in which the effect of the change in the tax rate as a result of the Tax Act is recognized. We have not made a determination as to which alternative methods it will use when it adopts this standard, but does not expect the adoption of this ASU to have a material impact on our consolidated financial statements. In January 2017, the FASB issued ASU 2017-04, Intangibles—Goodwill and Other (Topic 350): Simplifying the Test for Goodwill Impairment. This standard eliminates the requirement to calculate the implied fair value of goodwill to measure a goodwill impairment charge (i.e. Step 2 of the current guidance), instead measuring the impairment charge as the excess of the reporting unit’s carrying amount over its fair value (i.e. Step 1 of the current guidance). The guidance is effective for the Company beginning in the first quarter of 2020, and should be applied prospectively. Early adoption is permitted for impairment testing dates after January 1, 2017. The adoption of this standard is not expected to have a significant impact on our consolidated financial statements. In June 2016, the FASB issued ASU 2016-13, Financial Instruments—Credit Losses (Topic 326): Measurement of Credit Losses on Financial Instruments. This standard changes the impairment model for most financial assets (including accounts receivable) and certain other instruments by introducing a current expected credit loss (“CECL”) model. The CECL model is a more forward-looking approach based on expected losses rather than incurred losses, requiring entities to estimate and record losses expected over the remaining contractual life of an asset. The guidance is effective for the Company beginning in the first quarter of 2020. Early adoption beginning January 1, 2019 is permitted. We are currently evaluating the impact the adoption of this guidance will have on our consolidated financial statements. In February 2016, the FASB issued ASU No. 2016-02, Leases (Topic 842). This standard is intended to increase transparency and comparability among organizations by recognizing right-of-use assets and lease liabilities on the balance sheet and disclosing key information about leasing arrangements. This standard is effective for the Company beginning in the first quarter of 2019, with early adoption permitted. The standard provides for a modified retrospective transition approach to recognize and measure leases at the beginning of the the FASB issued ASU 2018-11, Leases (Topic 842): Targeted earliest period presented. In July 2018, Improvements. The update provides an optional transition method that allows entities to apply the standard prospectively, versus recasting the prior periods presented. If elected, an entity would recognize a cumulative- effect adjustment to opening retained earnings in the period of adoption. We expect to adopt the new standard using this optional transition method. We have also elected the practical expedients to not reassess prior conclusions related to contracts containing leases, lease classification and initial direct costs which expired prior to January 1, 2019. We expect to recognize right-of-use assets of approximately $64.3 million to $72.6 million and lease liabilities of approximately $84.2 million to $92.5 million. These estimates could change as we continue to progress with the implementation and will also fluctuate based on the lease portfolio and discount rates as of the adoption date. While our work is still in process, we currently expect the adoption of this standard to have a material impact on our consolidated financial position, and no impact on our consolidated statements of operations. 2. Fair Value Measurements The accounting guidance for fair value measurements provides a framework for measuring fair value on either a recurring or nonrecurring basis, whereby the inputs used in our valuation techniques are assigned a hierarchical level. The following are the three levels of inputs to measure fair value: • Level 1: Observable inputs that reflect quoted prices (unadjusted) for identical assets or liabilities in active markets. 105 A n n u a l R e p o r t • • Level 2: Inputs that reflect quoted prices for identical assets or liabilities in less active markets; quoted prices for similar assets or liabilities in active markets; benchmark yields, reported trades, broker/dealer quotes, inputs other than quoted prices that are observable for the assets or liabilities; or inputs that are derived principally from or corroborated by observable market data by correlation or other means. Level 3: Unobservable inputs that reflect our own assumptions incorporated in valuation techniques used to measure fair value. These assumptions are required to be consistent with market participant assumptions that are reasonably available. We consider an active market to be one in which transactions for the asset or liability occur with sufficient frequency and volume to provide pricing information on an ongoing basis, and consider an inactive market to be one in which there are infrequent or few transactions for the asset or liability, the prices are not current, or price quotations vary substantially either over time or among market makers. Where appropriate, our own or the counterparty’s non-performance risk is considered in measuring the fair values of assets. The following table presents our assets and liabilities measured at fair value on a recurring basis using the above input categories (in thousands): Description Assets Cash equivalents: As of December 31, 2018 As of December 31, 2017 Level 1 Level 2 Level 3 Total Level 1 Level 2 Level 3 Total Money market funds U.S. Treasuries $25,748 — $ — $— $ 25,748 — — — $ 208 3,098 $ — $— $ — — 208 3,098 Total cash equivalents $25,748 $ — $— $ 25,748 $3,306 $ — $— $ 3,306 Short-term investments: Commercial paper Corporate notes and bonds U.S. Treasuries U.S. Government agencies Total short-term investments Total assets measured at fair — — — — — — 448,323 — 112,700 — 145,668 — — 448,323 112,700 145,668 — — — — 4,987 — 438,024 — — 272,900 — — 4,987 438,024 — 272,900 $ — $706,691 $— $706,691 $ — $715,911 $— $715,911 value $25,748 $706,691 $— $732,439 $3,306 $715,911 $— $719,217 Additionally, we have a restructuring liability related to certain real estate facilities which was calculated based on the present value of future lease payments, less estimated sublease income, discounted at a rate commensurate with our current cost of financing. This non-recurring fair value measurement is considered to be a Level 3 measurement due to the use of significant unobservable inputs. To the extent that actual sublease income or the timing of subleasing these facilities is different the restructuring liability in the period during which such information becomes known. See Note 6 Restructuring Charges for a reconciliation of this liability. than initial estimates, we will adjust We measure certain assets, including goodwill, intangible assets and our equity-method investment in a private company at fair value on a nonrecurring basis when there are identifiable events or changes in circumstances that may have a significant adverse impact on the fair value of these assets. No such events or changes occurred during the year ended December 31, 2018. The estimated fair value of the Convertible Senior Notes as of December 31, 2018 was determined to be $1.1 billion, based on quoted market prices. We consider the fair value of the Convertible Senior Notes to be a Level 2 measurement as they are not actively traded. 106 3. Investments Our investments consisted of the following (in thousands): Corporate notes and bonds U.S. Treasuries U.S. Government agencies Total Commercial paper Corporate notes and bonds U.S. Treasuries U.S. Government agencies As of December 31, 2018 Gross Unrealized Gains Gross Unrealized Losses Estimated Fair Value Cash and Cash Equivalents $ 44 2 — $ 46 $(1,818) $448,323 112,700 145,668 (85) (442) $(2,345) $706,691 $— — — $— As of December 31, 2017 Gross Unrealized Gains Gross Unrealized Losses Estimated Fair Value Cash and Cash Equivalents $— 2 — — $ (2) $ (1,829) — (1,050) 4,987 438,024 3,098 272,900 $ — — 3,098 — Amortized Cost $450,097 112,783 146,110 $708,990 Amortized Cost $ 4,989 439,851 3,098 273,950 Short-Term Investments $448,323 112,700 145,668 $706,691 Short-Term Investments $ 4,987 438,024 — 272,900 Total $721,888 $ 2 $(2,881) $719,009 $3,098 $715,911 The following tables present the gross unrealized losses and related fair values of our investments that have been in a continuous unrealized loss position (in thousands): Less Than 12 Months Greater Than 12 Months Total As of December 31, 2018 Corporate notes and bonds U.S. Treasuries U.S. Government agencies Fair Value $420,548 105,525 137,416 Unrealized Loss $(1,817) (85) (441) $1,526 — — Fair Value Unrealized Loss Total $663,489 $(2,343) $1,526 $ (2) — — $ (2) Less Than 12 Months Unrealized Loss As of December 31, 2017 Greater Than 12 Months Unrealized Loss Fair Value Commercial paper Corporate notes and bonds U.S. Treasuries U.S. Government agencies Fair Value $ 4,987 284,499 — 117,132 $ (2) $ — 153,525 — 155,768 (1,484) — (486) $ — (345) — (564) A n n u a l R e p o r t Fair Value $422,074 105,525 137,416 Unrealized Loss $(1,819) (85) (441) $665,015 $(2,345) Total Fair Value $ 4,987 438,024 — 272,900 Unrealized Loss $ (2) (1,829) — (1,050) Total $406,618 $(1,972) $309,293 $(909) $715,911 $(2,881) 107 Unrealized losses related to these investments are due to interest rate fluctuations as opposed to credit quality. In addition, we do not intend to sell, and it is not more likely than not that we would be required to sell, these investments before recovery of their cost basis. As a result, there is no other-than-temporary impairment for these investments as of December 31, 2018 and 2017. The following table summarizes the contractual maturities of our investments at December 31, 2018 (in thousands): Due within one year Due within one to three years Total Amortized Cost Fair Value $460,480 248,510 $458,749 247,942 $708,990 $706,691 All available-for-sale securities have been classified as current, based on management’s intent and ability to use the funds in current operations. As of December 31, 2018, we held a 11.1% ownership interest in a privately held company which is accounted for under the equity method based on our ability to exercise significant influence over the company’s operating and financial policies. Our investments in this company are classified within deposits and other long- term assets on our consolidated balance sheets. The carrying value of our investments was $0.5 million and $2.1 million as of December 31, 2018 and 2017, respectively. 4. Property and Equipment Property and equipment, net consisted of the following (in thousands): Computer equipment and software Leasehold improvements Furniture and fixtures Machinery and equipment Total property and equipment Less: accumulated depreciation Total property and equipment, net As of December 31, 2018 2017 $ 171,078 62,832 13,835 447 $ 144,438 67,451 16,665 447 $ 248,192 (159,029) $ 229,001 (157,644) $ 89,163 $ 71,357 During the years ended December 31, 2018, 2017 and 2016 we capitalized $22.5 million, $14.2 million and $8.0 million, respectively, of software development costs related to our cloud subscription offerings. Amortization expense related to capitalized software development costs during the years ended December 31, 2018, 2017 and 2016 was $10.2 million, $5.6 million and $2.9 million respectively. Depreciation and amortization expense related to property and equipment and demonstration units during the years ended December 31, 2018, 2017 and 2016 was $36.7 million, $41.8 million and $51.5 million, respectively. 5. Business Combinations On October 20, 2017, we acquired all of the outstanding shares of The Email Laundry, a privately held email security company, which is expected to enhance our current email offerings. In connection with this 108 acquisition, we paid cash consideration of $4.3 million and issued 259,425 shares of our common stock with an estimated fair value of $4.4 million, resulting in total purchase consideration of $8.7 million. The purchase price is subject to customary working capital and related adjustments. The purchase price was allocated to intangible assets of $2.7 million, goodwill of $6.4 million and tangible net liabilities of $0.3 million. The intangible assets are composed of technology and customer relationships, each with an estimated weighted average useful life of 3 years. The goodwill is primarily attributable to the know-how of the workforce and is not expected to be deductible for U.S. federal income tax purposes. The results of operations of The Email Laundry have been included in our consolidated statements of operations from the acquisition date. Pro forma financial information has not been presented for this acquisition as the impact to our consolidated financial statements was not material. On January 11, 2018, we acquired all outstanding shares of privately held X15, a data management company. We expect that the X15 technology will be incorporated into our platform and analytics capabilities going forward. In connection with this acquisition, we paid cash consideration of $5.3 million and issued 1,016,334 shares of our common stock with an estimated fair value of $15.4 million, resulting in total purchase consideration of $20.7 million. The purchase price was allocated to intangible assets of $6.1 million, goodwill of $15.1 million and net tangible liabilities of $0.5 million. The intangible asset relates to developed technology with an estimated weighted average useful life of 3 years. The goodwill is primarily attributable to the know-how of the workforce and is not expected to be deductible for U.S. federal income tax purposes. The results of operations of X15 have been included in our consolidated statements of operations from the acquisition date. Pro forma financial information has not been presented for this acquisition as the impact to our consolidated financial statements was not material. Goodwill and Purchased Intangible Assets Changes in the carrying amount of goodwill for the years ended December 31, 2018 and 2017 were as follows (in thousands): Balance as of December 31, 2016 Goodwill acquired Balance as of December 31, 2017 Goodwill acquired Balance as of December 31, 2018 Purchased intangible assets consisted of the following (in thousands): Developed technology Content Customer relationships Contract backlog Trade names Non-competition agreements Total intangible assets Less: accumulated amortization Total net intangible assets Amount $978,260 6,401 $984,661 15,143 $999,804 A n n u a l R e p o r t As of December 31, 2018 2017 $ 110,003 158,700 111,090 12,500 15,560 1,400 $ 103,903 158,700 111,090 12,500 15,560 1,400 $ 409,253 (266,091) 403,153 (215,765) $ 143,162 $ 187,388 Amortization expense of intangible assets during the years ended December 31, 2018, 2017 and 2016 was $50.3 million, $59.3 million and $64.0 million, respectively. 109 The expected future annual amortization expense of intangible assets as of December 31, 2018 is presented below (in thousands): Years Ending December 31, 2019 2020 2021 2022 2023 2024 and thereafter Total 6. Restructuring Charges Amount $ 48,441 33,903 29,337 18,209 13,105 167 $143,162 In addition to our previous restructuring activities which took place in 2014, our Board of Directors approved a restructuring plan and reduction in workforce in August 2016 designed to reduce operating expenses and align our expense structure with current growth expectations. This resulted in a 10% reduction in our workforce, the consolidation of certain real estate facilities and impairment of certain assets. The following table sets forth a summary of restructuring activities during the years ended December 31, 2018 and 2017 (in thousands): Balance, December 31, 2016 Provision for restructuring charges Cash payments Other adjustments Balance, December 31, 2017 Provision for restructuring charges Cash payments Other adjustments Balance, December 31, 2018 Severance and related costs Facilities costs Total costs $1,221 — (752) (469) $ — — — — $ — $ 2,246 — (1,046) (265) $ 3,467 — (1,798) (734) $ 935 — (175) 390 935 — (175) 390 $ 1,150 $ 1,150 Other adjustments of $0.4 million and negative $0.7 million for the year ended December 31, 2018 and 2017 primarily represented relief of unused benefits, changes in fair value and foreign currency fluctuations. The remaining restructuring balance of $1.2 million at December 31, 2018 is composed of non-cancelable lease costs, which we expect to pay over the terms of the related obligations through the fourth quarter of 2024, net of sublease income. 110 7. Deferred Commissions We adopted ASC 606 on full retrospective basis as of January 1, 2016. We capitalize most of our commission expenses and related payroll taxes and amortize them on a systematic basis that is consistent with the transfer to the customer of the goods or services to which the asset relates. Changes in the balance of total deferred commissions for the periods presented are as follows (in thousands): As of December 31, 2016 Commissions capitalized Commissions recognized As of December 31, 2017 Commissions capitalized Commissions recognized As of December 31, 2018 8. Deferred Revenue Year Ended December 31, 2018 $ 94,124 42,323 (49,668) $ 86,779 77,319 (63,441) $100,657 Deferred revenue consisted of the following (in thousands): Product, subscription and support, current Professional services, current Total deferred revenue, current Product, subscription and support, non-current Professional services, non-current Total deferred revenue, non-current Total deferred revenue As of December 31, 2018 As of December 31, 2017* $492,109 64,706 $556,815 375,915 2,098 $378,013 $934,828 $496,218 50,397 $546,615 363,313 172 $363,485 $910,100 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. Changes in the balance of deferred revenue for the periods presented are as follows (in thousands): A n n u a l R e p o r t As of December 31, 2016* Billings for the period Revenue recognized As of December 31, 2017* Billings for the period Revenue recognized As of December 31, 2018 Deferred Revenue $ 927,749 761,999 (779,648) $ 910,100 855,678 (830,950) $ 934,828 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. 111 Remaining Performance Obligations Transaction price allocated to remaining performance obligations represents contracted revenue that has not yet been recognized, which includes deferred revenue and non-cancelable contracts that will be invoiced and recognized as revenue in future periods (“backlog”). While deferred revenue is recorded on our balance sheet as a liability, backlog is not recorded in revenue, deferred revenue or elsewhere in our consolidated financial statements until we establish a contractual right to invoice, at which point it is recorded as revenue or deferred revenue as appropriate. As of December 31, 2018, the aggregate amount of the transaction price allocated to remaining performance obligations was $934.8 million in deferred revenue and $26.9 million in backlog. We have used the practical expedient to not disclose backlog related to the comparative period under ASC 606. We expect that the amount of backlog relative to the total value of our contracts will change from year to year due to several factors, including the amount invoiced early in the contract term, the timing and duration of customer agreements, varying invoicing cycles of agreements and changes in customer financial circumstances. Accordingly, we believe that fluctuations in backlog are not always a reliable indicator of future revenues and we do not utilize backlog internally as a key management metric. We expect to recognize these remaining performance obligations as follows (in percentages): Deferred revenue Backlog 9. Convertible Senior Notes Convertible Senior Notes due 2024 Total 100% 100% Less than 1 year 1-2 years 2-3 years More than 3 years 60% 37% 25% 34% 12% 21% 3% 8% to qualified institutional purchasers pursuant On May 24, 2018, we issued $525.0 million aggregate principal amount of the 2024 Notes in a private placement to an exemption from registration provided by Section 4(a)(2) and Rule 144A under the Securities Act. In addition, on June 5, 2018, we issued an additional $75.0 million aggregate principal amount of the 2024 Notes pursuant to the full exercise of the initial purchasers’ option to purchase additional 2024 Notes, in a private placement exempt from the registration requirements of the Securities Act. The net proceeds from the offerings, after deducting the initial purchasers’ discount of approximately $15.0 million and the issuance costs of approximately $0.6 million, were $584.4 million. We used (i) approximately $330.4 million of the net proceeds to repurchase approximately $340.2 million in aggregate principal amount outstanding of the Series A Notes in negotiated transactions with institutional investors and (ii) approximately $65.2 million of the net proceeds from the offering of the 2024 Notes to enter into the Capped Calls (as defined below). The 2024 Notes are unsecured obligations and rank senior in right of payment to any of our indebtedness that is expressly subordinated in right of payment to the 2024 Notes. They rank equally in right of payment with all of our existing and future liabilities that are not expressly subordinated to the 2024 Notes including the Series A Notes and the Series B Notes (as defined below); and effectively rank junior in right of payment to any of our secured indebtedness to the extent of the value of the assets securing such indebtedness. The 2024 Notes are structurally junior to all indebtedness and other liabilities (including trade payables) of our subsidiaries. The 2024 Notes do not contain any financial covenants and do not restrict us from paying dividends or issuing or repurchasing other securities. The 2024 Notes bear interest at 0.875% per year, payable semiannually in arrears on June 1 and December 1 of each year, beginning December 1, 2018. The 2024 Notes mature on June 1, 2024, unless earlier repurchased, redeemed or converted. 112 The initial conversion rate of the 2024 Notes is 43.1667 shares of our common stock per $1,000 of principal amount of the 2024 Notes, which is equivalent to an initial conversion price of approximately $23.17 per share of common stock. The conversion rate of the 2024 Notes may be adjusted pursuant to the terms of the indenture governing the 2024 Notes upon the occurrence of certain specified events, but not for accrued and unpaid interest. Holders may convert the 2024 Notes at their option in multiples of $1,000 principal amount prior to the business day preceding March 1, 2024, only under the following circumstances: • • • • during any calendar quarter commencing after the calendar quarter ended on September 30, 2018 (and only during such calendar quarter), if the last reported sale price of the common stock for at least 20 trading days (whether or not consecutive) during a period of 30 consecutive trading days ending on the last trading day of the immediately preceding calendar quarter is greater than or equal to 130% of the conversion price of the 2024 Notes on each applicable trading day; during the five business day period after any five consecutive trading day period (the “measurement period”) in which the trading price per $1,000 principal amount of the 2024 Notes for each trading day of the measurement period was less than 98% of the product of the last reported sale price of our common stock and the conversion rate for the notes on each such trading day; if we call any or all of the 2024 Notes for redemption, at any time prior to the close of business on the scheduled trading day immediately preceding the relevant redemption date; or upon the occurrence of specified corporate events, as specified in each indenture governing the 2024 Notes. Regardless of the foregoing conditions, holders may convert their 2024 Notes at their option in multiples of $1,000 principal amount during the period from, and including, March 1, 2024 to the close of business on the second scheduled trading day immediately preceding the maturity date. Upon conversion, the 2024 Notes can be settled in cash, shares of our common stock or any combination of cash and shares of common stock at our option. Holders may also require us to repurchase the 2024 Notes if we undergo a “fundamental change,” as defined in each indenture governing the 2024 Notes, at a repurchase price equal to 100% of the principal amount, plus accrued and unpaid interest to, but excluding, the fundamental change repurchase date. Additionally, we may redeem for cash all or any portion of the 2024 Notes on or after June 5, 2021, if the last reported sale price of our common stock has been at least 130% of the conversion price of the 2024 Notes then in effect for at least 20 trading days (whether or not consecutive) during any 30 consecutive trading day period (including the last trading day of such period) immediately preceding the date on which we provide notice of redemption at a redemption price equal to 100% of the principal amount of the notes to be redeemed, plus any accrued and unpaid interest to, but excluding, the redemption date. As of December 31, 2018, none of the conditions permitting holders to convert their 2024 Notes had been satisfied and no shares of our common stock had been issued in connection with any conversions of the 2024 Notes. Based on the closing price of our common stock of $16.21 per share on December 31, 2018, the conversion value of the 2024 Notes was less than the principal amount of the 2024 Notes outstanding on a per 2024 Note basis. In accordance with accounting for debt with conversions and other options, we bifurcated the principal amount of the 2024 Notes into liability and equity components. The initial liability component of the 2024 Notes was valued at $458.3 million based on the contractual cash flows discounted at an appropriate comparable market non-convertible debt borrowing rate at the date of issuance of 5.5% with the equity component representing the residual amount of the proceeds of $141.7 million, which was recorded as a debt discount. Issuance costs were 113 A n n u a l R e p o r t allocated pro rata based on the relative initial carrying amounts of the liability and equity components. As a result, transaction costs of $0.5 million and $0.1 million and initial purchasers’ discount of $11.5 million and $3.5 million were attributable to the liability component and equity component of the 2024 Notes, respectively. The debt discount and the issuance costs allocated to the liability component are amortized as additional interest expense over the term of the 2024 Notes using the effective interest method as noted in the table below. The liability and equity components of the 2024 Notes consisted of the following (in thousands): Liability component: Principal Less: 2024 Notes debt discounts and issuance costs, net of amortization Net carrying amount Equity component, net of issuance costs As of December 31, 2018 2024 Notes $ 600,000 (140,239) $ 459,761 $ 138,064 The unamortized issuance costs as of December 31, 2018 will be amortized over a weighted-average remaining period of approximately 5.4 years. Interest expense for the year ended December 31, 2018 related to the 2024 Notes consisted of the following (dollars in thousands): Coupon interest Amortization of 2024 Notes debt discounts and issuance costs Total interest expense recognized Effective interest rate on the liability component Year Ended December 31, 2018 2024 Notes $ 3,145 13,420 $16,565 5.6% In connection with the 2024 Notes offering, the Company entered into capped call transactions (the “Capped Calls”) with certain counterparties affiliated with the initial purchasers of the 2024 Notes. The Capped Calls are expected to reduce potential dilution of earnings per share upon conversion of the 2024 Notes, and have an initial strike price of $23.17 per share, which corresponds to the initial conversion price of the 2024 Notes and which have a cap price of $34.32 per share. The Capped Calls do not meet the criteria for separate accounting as a derivative as they are indexed to our own stock and are accounted for as freestanding financial instruments. The premiums paid for the purchase of the Capped Calls in the amount of $65.2 million have been recorded as a reduction of the Company’s additional paid-in capital in stockholder’s equity in the accompanying Consolidated Financial Statements and fair values of the Capped Calls are not re-measured at each reporting period. Convertible Senior Notes due 2035 In June 2015, we issued $460.0 million principal amount of Series A Notes and $460.0 million principal amount of 1.625% Convertible Senior Notes due 2035 (the “Series B Notes” and together with the Series A Notes, the “2035 Notes”, and the 2035 Notes, together with the 2024 Notes, the “Convertible Senior Notes”), including the full exercise of the initial purchasers’ over-allotment option, in a private placement to qualified institutional purchasers pursuant to an exemption from registration provided by Section 4(a)(2) and Rule 144A under the Securities Act. The net proceeds after the initial purchasers’ discount of $23.0 million and issuance costs of $0.5 million from the 2035 Notes were $896.5 million. The Series A Notes and Series B Notes bear 114 interest at 1.000% per year and 1.625% per year, respectively, payable semiannually in arrears on June 1 and December 1 of each year, beginning December 1, 2015. The 2035 Notes mature on June 1, 2035, unless earlier repurchased, redeemed or converted. The 2035 Notes are unsecured obligations and rank senior in right of payment to any of our indebtedness that is expressly subordinated in right of payment to the 2035 Notes. They rank equally in right of payment with all of our existing and future liabilities that are not expressly subordinated to the 2035 Notes and effectively rank junior in right of payment to any of our secured indebtedness to the extent of the value of the assets securing such indebtedness. They are structurally junior to all indebtedness and other liabilities (including trade payables) of our subsidiaries. The 2035 Notes do not contain any financial covenants and do not restrict us from paying dividends or issuing or repurchasing our other securities. The initial conversion rate on each series of 2035 Notes is 16.4572 shares of our common stock per $1,000 principal amount of 2035 Notes, which is equivalent to an initial conversion price of approximately $60.76 per share of common stock. The conversion rate of each series of 2035 Notes may be adjusted upon the occurrence of certain specified events, but not for accrued and unpaid interest. Holders may convert the 2035 Notes at their option in multiples of $1,000 principal amount prior to March 1, 2035, excluding the period from March 1, 2020 to June 1, 2020 in the case of the Series A Notes and March 1, 2022 to June 1, 2022 in the case of the Series B Notes, only under the following circumstances: • • • • during any calendar quarter commencing after the calendar quarter ended on September 30, 2015 (and only during such calendar quarter), if the last reported sale price of the common stock for at least 20 trading days (whether or not consecutive) during a period of 30 consecutive trading days ending on the last trading day of the immediately preceding calendar quarter is greater than or equal to 130% of the conversion price for the 2035 Notes of the relevant series on each applicable trading day; during the five business day period after any five consecutive trading day period in which the trading price per $1,000 principal amount of Series A Notes or Series B Notes, as applicable, for each trading day of the measurement period was less than 98% of the product of the last reported sale price of our common stock and the conversion rate for the notes of the relevant series on each such trading day; if we call any or all of the 2035 Notes of a series for redemption, at any time prior to the close of business on the scheduled trading day immediately preceding the relevant redemption date; or upon the occurrence of specified corporate events, as specified in each indenture governing the 2035 Notes. Regardless of the foregoing conditions, holders may convert their 2035 Notes at their option in multiples of $1,000 principal amount at any time during the period from March 1, 2020 to June 1, 2020 in the case of the Series A Notes and during the period from March 1, 2022 to June 1, 2022 in the case of the Series B Notes, or after March 1, 2035 until maturity for either series of 2035 Notes. Upon conversion, the 2035 Notes can be settled in cash, shares of our common stock or any combination thereof at our option. We may be required by holders of the 2035 Notes to repurchase all or any portion of their 2035 Notes at 100% of the principal amount plus accrued and unpaid interest, on each of June 1, 2020, June 1, 2025 and June 1, 2030, in the case of the Series A Notes, and each of June 1, 2022, June 1, 2025 and June 1, 2030 in the case of the Series B Notes. Holders may also require us to repurchase the 2035 Notes if we undergo a “fundamental change,” as defined in each indenture governing the 2035 Notes, at a purchase price equal to 100% of the principal amount, plus accrued and unpaid interest. Additionally, we may redeem for cash all or any portion of the Series B Notes on or after June 1, 2020 until June 1, 2022 if the last reported sale price of our common stock has been at least 130% of the conversion price 115 A n n u a l R e p o r t then in effect for at least 20 trading days (whether or not consecutive) during any 30 consecutive trading day period (including the last trading day of such period) ending not more than three trading days immediately preceding the date we provide notice of redemption. We also may redeem for cash all or any portion of the Series A Notes on or after June 1, 2020 until maturity and all or any portion of the Series B Notes on or after June 1, 2022 until maturity, regardless of the foregoing sale price condition. In accordance with accounting for debt with conversions and other options, we allocated the principal amount of the 2035 Notes into liability and equity components. We also allocated the total amount of initial purchasers’ discount and transaction costs incurred to the liability and equity components using the same proportions as the proceeds from the 2035 Notes. Transaction costs of $0.4 million and $0.1 million and initial purchasers’ discount of $17.6 million and $5.4 million were attributable to the liability component and equity component of the 2035 Notes, respectively. Repurchase of a portion of the Series A Notes the liability component In May 2018, we used approximately $330.4 million of the net proceeds from the offering of the 2024 Notes to repurchase $340.2 million in aggregate principal amount of the Series A Notes. The repurchase was accounted for as a partial extinguishment of the Series A Notes. The consideration of approximately $330.4 million used to repurchase the Series A Notes was allocated between the liability and equity components of the amount extinguished by determining the fair value of to the debt extinguishment and allocating that portion of the repurchase price to the liability component in the amount of $317.4 million. The residual of the repurchase price of $13.0 million was allocated to the equity component of the Series A Notes as a reduction of additional paid-in capital. The fair value of the debt extinguished was calculated using a discount rate of 4.5%, representing an estimate of the Company’s borrowing rate at the date of repurchase with a remaining expected life of two years. As part of the repurchase, we wrote-off a portion of the unamortized debt issuance cost apportioned to the principal amount of Series A Notes repurchased. We also recorded a loss on partial extinguishment of the Series A Notes of $10.8 million in Other Expense, net, representing the difference between the consideration attributed to the liability component and the sum of the net carrying amount of the liability component and unamortized costs. As of December 31, 2018, $119.8 million aggregate principal amount of the Series A Notes remains outstanding. immediately prior The liability and equity components of the 2035 Notes consisted of the following (in thousands): Liability component: Principal Less: 2035 Notes discounts and issuance costs, net of amortization Net carrying amount As of December 31, 2018 2017 Series A Notes Series B Notes Series A Notes Series B Notes $119,828 $460,000 $460,000 $460,000 (8,420) (68,592) (53,762) (86,660) $111,408 $391,408 $406,238 $373,340 Equity component, net of issuance costs $ 79,555 $117,834 $ 92,567 $117,834 The unamortized discounts and issuance costs as of December 31, 2018 will be amortized over a weighted- average remaining period of approximately 3.2 years. 116 Interest expense for the years ended December 31, 2018, 2017 and 2016 related to the 2035 Notes consisted of the following (in thousands): Coupon interest Amortization of 2035 Notes discounts and issuance costs Year Ended December 31, 2018 2017 2016 Series A Notes Series B Notes Series A Notes Series B Notes Series A Notes Series B Notes $ 2,537 $ 7,454 $ 4,600 $ 7,475 $ 4,600 $ 7,475 11,785 18,068 20,364 17,234 19,343 16,439 Total interest expense recognized $14,322 $25,522 $24,964 $24,709 $23,943 $23,914 Effective interest rate on the liability component 6.4% 6.8% 6.5% 6.9% 6.5% 7.0% Prepaid Forward Stock Purchase In connection with the issuance of the 2035 Notes, we also entered into privately negotiated prepaid forward transactions (the “Prepaid Forwards”) with one of the initial purchasers of the 2035 Notes (the “Forward Counterparty”), pursuant to which we paid approximately $150.0 million. The amount of the prepaid is equivalent to approximately 3.3 million shares which are to be settled on or around June 1, 2020 and June 1, 2022, respectively, subject to any early settlement, in whole or in part, of each Prepaid Forward. The Prepaid Forwards are intended to facilitate privately negotiated derivative transactions by which investors in the 2035 Notes will be able to hedge their investment in the 2035 Notes. In the event we pay any cash dividends on our common stock, the Forward Counterparty will pay an equivalent amount back to us. The related shares were accounted for as a repurchase of common stock, and are presented as Treasury Stock in the consolidated balance sheets. The 3.3 million shares of common stock purchased under the Prepaid Forwards are excluded from weighted-average shares outstanding for basic and diluted EPS purposes although they remain legally outstanding. 10. Commitments and Contingencies Leases We lease our facilities under various non-cancelable operating leases, which expire on various dates through the year ending December 31, 2027. Rent expense is recognized using the straight-line method over the term of the lease. Rent expense, net of sublease income, was $19.9 million, $19.5 million and $14.9 million for the years ended December 31, 2018, 2017 and 2016, respectively. The aggregate future non-cancelable minimum rental payments on our operating leases, as of December 31, A n n u a l R e p o r t 2018, are as follows (in thousands): Years Ending December 31, 2019 2020 2021 2022 2023 2024 and thereafter Total Amount $ 15,530 16,325 14,976 12,766 11,926 47,409 $118,932 Total future non-cancelable minimum rental payments have not been reduced by future minimum sublease rentals totaling $5.4 million. 117 We are party to letters of credit totaling $3.8 million and $3.3 million as of December 31, 2018 and 2017, respectively, issued primarily in support of operating leases for several of our facilities. These letters of credit are collateralized by a line with our bank. No amounts have been drawn against these letters of credit. Contract Manufacturer Commitments Our independent contract manufacturers procure components and assemble our products based on our forecasts. These forecasts are based on estimates of future demand for our products, which are in turn based on historical trends and an analysis from our sales and product marketing organizations, adjusted for overall market conditions. In order to reduce manufacturing lead times and plan for adequate supply, we may issue forecasts and orders for components and products that are non-cancelable. As of December 31, 2018 and 2017, we had non-cancelable open orders of $8.6 million and $11.6 million, respectively. We are required to record a liability for firm, non-cancelable and unconditional purchase commitments with contract manufacturers and suppliers for quantities in excess of our future demand forecasts. As of December 31, 2018, we have not incurred nor accrued any significant liabilities for such non-cancelable commitments. Purchase Obligations As of December 31, 2018, we had approximately $13.0 million of non-cancelable firm purchase commitments primarily for purchases of software and services. In situations where we have received delivery of the goods or services as of December 31, 2018 under purchase orders outstanding as of the same date, such amounts are reflected in the consolidated balance sheet as accounts payable or accrued liabilities, and are excluded from the $13.0 million. Litigation From time to time, we are involved in claims and legal proceedings that arise in the ordinary course of business. Any claims or proceedings against us, whether meritorious or not, could be time consuming, result in costly litigation, require significant amounts of management in the diversion of significant operational resources, or require us to enter into agreements which may not be available on terms favorable to us or at all. time, result To the extent there is a reasonable possibility that a loss exceeding amounts already recognized may be incurred, and the amount of such additional loss would be material, we will either disclose the estimated additional loss or state that such an estimate cannot be made. We do not currently believe that it is reasonably possible that additional losses in connection with litigation arising in the ordinary course of business would be material. Indemnification Under the indemnification provisions of our standard sales related contracts, we agree to defend our customers against third-party claims asserting infringement of certain intellectual property rights, which may include patents, copyrights, trademarks, or trade secrets, and to pay judgments entered on such claims. Our exposure under these indemnification provisions is generally limited to the total amount paid by our customer under the agreement. However, certain agreements include indemnification provisions that could potentially expose us to losses in excess of the amount received under the agreement. In addition, we indemnify our officers, directors, and certain key employees for actions taken while they are or were serving in good faith in such capacities. Through December 31, 2018, there have been no claims under any indemnification provisions. 11. Common Shares Reserved for Issuance Under our amended and restated certificate of incorporation, we are authorized to issue 100,000,000 shares of convertible preferred stock with a par value of $0.0001 per share, none of which were issued and outstanding as of December 31, 2018 or 2017. 118 Under our amended and restated certificate of incorporation, we are authorized to issue 1,000,000,000 shares of common stock with a par value of $0.0001 per share as of December 31, 2018 and 2017. Each share of common stock outstanding is entitled to one vote. The holders of common stock are also entitled to receive dividends whenever funds are legally available and when declared by our Board of Directors, subject to the prior rights of holders of all classes of convertible preferred stock outstanding. We had reserved shares of common stock for issuance as follows (in thousands): Reserved under stock award plans Convertible Senior Notes ESPP Total 12. Equity Award Plans As of December 31, 2018 2017 35,743 35,442 3,015 35,838 15,141 2,985 74,200 53,964 We have operated under our 2013 Equity Incentive Plan (“2013 Plan”) since our initial public offering (“IPO”) in September 2013. Our 2013 Plan provides for the issuance of restricted stock and the granting of options, stock appreciation rights, performance shares, performance units and restricted stock units to our employees, officers, directors and consultants. Our 2013 Plan provides for annual increases in the number of shares available for issuance on the first day of each fiscal year. Awards granted under the 2013 Plan vest over the periods determined by our Board of Directors or compensation committee of our Board of Directors, generally four years, and stock options granted under the 2013 Plan expire no more than ten years after the date of grant. In the case of an incentive stock option granted to an employee who at the time of grant owns stock representing more than 10% of the total combined voting power of all classes of stock, the exercise price shall be no less than 110% of the fair value per share on the date of grant, and the award shall expire five years from the date of grant. For options granted to any other employee, the per share exercise price shall be no less than 100% of the fair value per share on the date of grant. In the case of non-statutory stock options and options granted to consultants, the per share exercise price shall be no less than 100% of the fair value per share on the date of grant. Stock that is purchased prior to vesting is subject to our right of repurchase at any time following termination of the participant’s service for so long as such stock remains unvested. Approximately 12.2 million shares and 11.7 million shares of our common stock were reserved for future grants as of December 31, 2018 and 2017, respectively, under the 2013 Plan. As of January 1, 2019, an additional 9,980,579 shares of common stock became available for future grants under our 2013 Plan pursuant to provisions thereof that automatically increase the share reserve under such plan each year. Our ESPP allows eligible employees to acquire shares of our common stock at 85% of the lower of the fair market value of our common stock on the first trading day of each offering period or on the exercise date. Our ESPP provides for annual increases in the number of shares available for issuance on the first day of each fiscal year. An aggregate of 3,014,685 shares and 2,985,358 shares of common stock were available for future issuance as of December 31, 2018 and 2017, respectively, under our ESPP. As of January 1, 2018, an additional 1,996,115 shares of common stock became available for future issuance under our ESPP pursuant to the provisions thereof that automatically increase the share reserve under such plan each year. From time to time, we also grant restricted common stock or restricted stock awards outside of our equity incentive plans to certain employees in connection with acquisitions. A n n u a l R e p o r t 119 Stock Option Activity A summary of the activity for our stock option changes during the reporting periods and a summary of information related to options outstanding and options exercisable are presented below (in thousands, except per share amounts and contractual life years): Balance—December 31, 2015 Granted Exercised Cancelled Balance—December 31, 2016 Granted Exercised Cancelled Balance—December 31, 2017 Granted Exercised Cancelled Balance—December 31, 2018 Options exercisable—December 31, 2018 Options Outstanding Weighted- Average Exercise Price Weighted- Average Grant Date Fair Value (per share) Weighted- Average Contractual Life (years) Aggregate Intrinsic Value Number of Shares $— $— $— 11,494 — (2,459) (950) 8,085 — (3,295) (357) 4,433 — (946) (178) 3,309 3,309 $10.67 — 5.64 23.40 $10.70 — 5.81 35.89 $12.31 — 7.28 35.78 $12.49 $12.49 $23,343 26,716 9,588 $27,300 $27,300 4.1 4.1 The aggregate intrinsic value above represents the pre-tax difference between the exercise price of stock options and the quoted market price of our stock on that day for all in-the-money stock options. 120 Restricted Stock Award (RSA) and Restricted Stock Unit (RSU) Activity A summary of the activity for our restricted common stock, RSAs and RSUs during the reporting periods and a summary of information related to unvested restricted common stock, RSAs and RSUs and those expected to vest based on the achievement of a performance condition are presented below (in thousands, except per share amounts and contractual life years): Unvested balance—December 31, 2015 Granted Vested Cancelled Unvested balance—December 31, 2016 Granted Vested Cancelled Unvested balance—December 31, 2017 Granted Vested Cancelled Unvested balance—December 31, 2018 Unvested awards for which the requisite service period has not been rendered and vesting is subject to the achievement of a performance condition—December 31, 2018 Weighted- Average Grant Date Fair Value (per share) Weighted- Average Contractual Life (years) Aggregate Intrinsic Value $33.68 13.76 33.99 27.17 $22.23 12.59 21.56 17.10 $17.09 15.42 18.11 16.81 $15.53 1.2 $328,761 Number of Shares 20,054 12,711 (6,222) (6,660) 19,883 13,727 (7,316) (6,277) 20,017 12,209 (8,828) (3,117) 20,281 4,041 $15.68 0.67 $ 65,500 Included in the 12.7 million shares granted during the year ended December 31, 2016 are 3.6 million shares granted to employees from acquisitions consummated in 2016. During the years ended December 31, 2018, 2017 and 2016, we issued 1.3 million, 1.8 million and 3.0 million shares, respectively, of restricted common stock, restricted stock awards or restricted stock units to certain employees which vest upon the achievement of certain performance conditions in addition to a continued service relationship with the Company. A n n u a l R e p o r t Stock-Based Compensation We record stock-based compensation based on the fair value as determined on the date granted. We determine the fair value of stock options and shares of common stock to be issued under the ESPP using the Black-Scholes option-pricing model. The fair value of restricted stock units and restricted stock awards equals the market value of the underlying stock on the date of grant. We grant performance-based restricted stock units and restricted stock awards to certain employees which vest upon the achievement of certain performance conditions, subject to the employees’ continued service relationship with us. With respect to performance-based restricted stock units, we assess the probability of vesting at each reporting period and adjust our compensation cost based on this probability assessment. We recognize such compensation expense on a straight-line basis over the service provider’s requisite service period. We determined valuation assumptions as follows: Fair Value of Common Stock We use the listed stock price on the date of grant as the fair value of our common stock. 121 Risk-Free Interest Rate We base the risk-free interest rate used in the Black-Scholes option-pricing model on the implied yield available on U.S. Treasury zero-coupon issues with an equivalent expected term of the options for each option group. Expected Term The expected term represents the period that our stock-based awards are expected to be outstanding. We base the expected term assumption on our historical experience combined with estimates of post-vesting holding periods. Volatility We determine the price volatility factor based on the historical volatilities of our peer group as we do not have sufficient trading history for our common stock. Dividend Yield The expected dividend assumption is based on our current expectations about our anticipated dividend policy. The following table summarizes the assumptions used in the Black-Scholes option-pricing model to determine the fair value of our common shares under the ESPP: Year Ended December 31, 2018 2017 2016 Fair value of common stock Risk-free interest rate Expected term (in years) Volatility Dividend yield $16.69 – $20.01 $14.14 – $15.65 $13.12 – $14.12 2.08% – 2.70% 1.05% – 1.62% 0.38% – 0.79% 0.5 – 1.0 29% – 52% —% 0.5 – 1.0 57% – 63% —% 0.5 – 1.0 32% – 38% —% Stock-based compensation expense related to stock options, ESPP and restricted stock units and awards is included in the consolidated statements of operations as follows (in thousands): Cost of product, subscription and support revenue Cost of professional services revenue Research and development Sales and marketing General and administrative Restructuring Total Year Ended December 31, 2018 2017 2016 $ 14,178 14,184 49,503 47,592 28,218 — $ 18,249 14,407 56,720 46,766 30,194 — $ 16,684 15,219 64,755 57,750 43,343 1,144 $153,675 $166,336 $198,895 As of December 31, 2018, total compensation cost related to stock-based awards not yet recognized was $229.3 million, which is expected to be amortized on a straight-line basis over the weighted-average remaining vesting period of approximately 2.5 years. 122 13. Income Taxes Loss before income taxes consisted of the following (in thousands): United States Foreign Total Year Ended December 31, 2018 2017* 2016* $(119,886) $(110,011) $(283,875) (210,281) (170,541) (117,713) $(237,599) $(280,552) $(494,156) * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. The provision for (benefit from) income taxes consisted of the following (in thousands): Year Ended December 31, 2018 2017 2016 Federal: Current Deferred State: Current Deferred Foreign: Current Deferred Total $ — $ — $ — (310) (429) (10,941) 109 (194) — 2 49 (1,384) 6,502 (464) 5,917 (977) 3,156 399 $5,524 $4,632 $ (8,721) Reconciliation of the federal statutory income tax rate to the effective tax rate is as follows: Federal statutory rate Effect of: State taxes, net of federal tax benefit Change in valuation allowance Research and development tax credit Stock-based compensation Impact of foreign tax differential Non-deductible/non-taxable items Impact of Tax Act Other, net Total Year Ended December 31, 2018 2017 2016 21.0% 35.0% 35.0% — (10.0) 1.6 (2.4) (11.5) (0.2) — (0.8) — 7.4 1.0 0.5 (20.6) (0.4) (24.0) (0.5) 0.3 (16.3) 1.1 (2.8) (14.7) (0.8) — — (2.3)% (1.6)% 1.8% A n n u a l R e p o r t 123 The components of the deferred tax assets and liabilities are as follows (in thousands): Deferred tax assets: Net operating loss carryforwards Accruals and reserves Stock-based compensation Fixed assets Deferred revenue Research and development credits Other deferred tax assets Gross deferred tax assets Valuation allowance Total deferred tax assets Deferred tax liabilities: Accruals and reserves Acquisition related intangibles Fixed Assets Convertible senior notes Other deferred tax liabilities Deferred Commissions Total deferred tax liabilities Total net deferred tax assets As of December 31, 2018 2017* $ 133,484 14,783 14,238 — 97,863 44,695 1,494 $ 143,791 8,289 22,345 7,727 82,419 37,474 1,325 306,557 (193,265) 303,370 (202,336) 113,292 101,034 (5,447) (34,293) (4,981) (48,786) — (17,089) (5,382) (45,521) — (31,877) — (15,867) (110,596) (98,647) $ 2,696 $ 2,387 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. On December 22, 2017, the U.S. government enacted comprehensive tax legislation commonly referred to as the Tax Act. The Tax Act includes a provision to tax GILTI of foreign subsidiaries and a base erosion abuse tax measure that taxes certain payments between a U.S. corporation and its foreign subsidiaries. Under U.S. GAAP, we can make an accounting policy election to either treat taxes due on the GILTI inclusion as a current period expense or factor such amounts into our measurement of deferred taxes. We have elected the current period expense method. The SEC staff issued Staff Accounting Bulletin No. 118 (“SAB 118”) which provides for a measurement period of up to one year after the enactment date of the Tax Act to finalize the related income tax impacts. In accordance with SAB 118, we provided our best estimate of the impact of the Tax Act in the period ended December 31, 2017. We remeasured our existing net U.S. deferred tax assets using the enacted tax rate and other known significant changes to the tax code. This remeasurement resulted in a total decrease in these assets by $71.7 million which was fully offset by the decrease in valuation allowance. In addition, we recorded a $0.3 million tax benefit related to the release of valuation allowance on AMT credit carryovers because under the Tax Act, existing AMT credits are refundable from 2018 through 2021. As a result of cumulative overall foreign losses, we did not incur the one-time transition tax. As of December 31, 2018, we have completed the accounting for the Tax Act within the measurement period. Our current period adjustments related to the estimated items were immaterial. A valuation allowance is provided when it is more likely than not that the deferred tax asset will not be realized. The valuation allowance decreased by approximately $9.1 million during the year ended December 31, 2018, primarily as a result of the additional net deferred tax liability adjusted under convertible debt and deferred revenue that is recorded during the year. 124 As of December 31, 2018, we had federal and state net operating loss carry forwards of approximately $513.7 million and $583.9 million, respectively, available to reduce future taxable income, if any. If not utilized, the federal net operating loss carry forwards will expire from the years ending December 31, 2028 through 2037 while state net operating loss carry forwards will expire from the years ending December 31, 2019 through 2037. As of December 31, 2018, we also had federal and state research and development tax credit carry forwards of approximately $30.3 million and $18.1 million, respectively. If not utilized, the federal credit carry forwards will expire in various amounts from the years ended December 31, 2024 through 2038. The state credit will expire from the year ended December 31, 2037. Utilization of the net operating loss carry forwards and credits may be subject to an annual limitation due to the ownership change limitations provided by the Internal Revenue Code of 1986, as amended, and similar state provisions. The annual limitation may result in the expiration of net operating losses and credits before utilization. In May 2014, the FASB issued ASU No. 2014-09, Revenue from Contracts with Customers (Topic 606). This standard provides a single model for revenue arising from contracts with customers and supersedes current revenue recognition guidance. The core principle of the guidance is that an entity should recognize revenue to depict the transfer of promised goods or services to customers in an amount that reflects the consideration to which the entity expects to be entitled in exchange for those goods or services. We adopted the standard effective January 1, 2018 retrospectively. As a result, the table of deferred tax assets shown above includes deferred tax assets and liabilities as of December 31, 2017 that arose directly from the adoption of ASC 606, which is offset with additional valuation allowance. As of December 31, 2018, we had $42.5 million of unrecognized tax benefits, of which if recognized, $1.8 million would affect our effective tax rate. We file income tax returns in U.S. federal, state and foreign jurisdictions. As we have net operating loss carry forwards for U.S. federal and state jurisdictions, the statute of limitations is open for all tax years. For foreign jurisdictions, the tax years open to examination include the years 2014 and forward. We recognize both interest and penalties associated with uncertain tax positions as a component of income tax expense. During the year ended December 31, 2018 we recognized interest and penalties of $151,000. During the years ended December 31, 2017 and 2016, we recognized a $36,000 increase and $31,000 decrease to interest and penalties, respectively. As of December 31, 2018 and 2017, our total accrual for interest and penalties was $554,000 and $403,000, respectively. As of December 31, 2018, we believe it is reasonably possible that our unrecognized tax benefits will decrease by approximately $0.3 million in the next 12 months due to potential foreign tax return filing. A reconciliation of gross unrecognized tax benefits is as follows (in thousands): Unrecognized tax benefits at the beginning of the period Additions for tax positions related to the current year Increases related to prior year tax positions Decreases related to prior year tax positions Decreases based on settlements with taxing authorities Lapse of statute of limitations Unrecognized tax benefits at the end of the period Year Ended December 31, 2018 2017 2016 $39,387 2,651 501 — — (49) $ 43,637 10,780 — (14,955) — (75) $31,902 12,435 561 (1,213) (48) — $42,490 $ 39,387 $43,637 As of December 31, 2018, we have not made any tax provision for U.S. income taxes on approximately $36.5 million of earnings in certain foreign subsidiaries as a result of cumulative and current overall foreign 125 A n n u a l R e p o r t losses. We expect to reinvest these earnings outside of the U.S. indefinitely. If we were to distribute these earnings to the U.S., we could be subject to U.S. income taxes and foreign withholding taxes. Determination of the amount of unrecognized deferred tax liability related to these earnings is not practicable. 14. Net Loss per Share Basic net loss per share is calculated by dividing net loss by the weighted average number of common shares outstanding during the period, less shares subject to repurchase, and excludes any dilutive effects of employee share based awards and options. Diluted net income per common share is computed giving effect to all potentially dilutive common shares, including common stock issuable upon exercise of stock options, conversion of the Convertible Senior Notes and unvested restricted common stock and stock units. As we had net losses for the years ended December 31, 2018, 2017 and 2016, all potential common shares were excluded as they were determined to be anti-dilutive. The following table sets forth the computation of net loss per common share (in thousands, except per share amounts): Numerator: Net loss Denominator: Year Ended December 31, 2018 2017* 2016* $(243,123) $(285,184) $(485,435) Weighted average number of shares outstanding—basic and diluted 190,803 177,757 163,211 Net loss per share—basic and diluted $ (1.27) $ (1.60) $ (2.97) * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. See Note 1 for impact of adoption. The following outstanding options, unvested shares and units, ESPP shares, shares issuable upon the conversion of our Convertible Senior Notes and shares contingently issuable were excluded (as common stock equivalents) from the computation of diluted net loss per common share for the periods presented as their effect would have been anti-dilutive (in thousands): Options to purchase common stock Unvested restricted stock awards and units Convertible senior notes iSIGHT earn-out contingently issuable shares ESPP shares 15. Employee Benefit Plan 401(k) Plan As of December 31, 2018 3,309 20,281 35,442 — 160 2017 4,433 20,017 15,141 — 166 2016 8,085 19,883 15,141 1,793 314 We have established a 401(k) tax-deferred savings plan (the “401(k) Plan”) which permits participants to make contributions by salary deduction pursuant to Section 401(k) of the Internal Revenue Code of 1986, as amended. All participants’ interests in their deferrals are 100% vested when contributed. We are responsible for administrative costs of the 401(k) Plan and have made no matching contributions into our 401(k) Plan since inception. Under the 401(k) Plan, pre-tax contributions are allocated to each participant’s individual account and are then invested in selected investment alternatives according to the participants’ directions. The 401(k) Plan is 126 intended to qualify under Sections 401(a) and 501(a) of the Code. As a tax-qualified retirement plan, contributions to the 401(k) Plan and earnings on those contributions are not taxable to the employees until distributed, and all contributions are deductible by us when and if made. 16. Segment and Major Customers Information Disaggregation of revenue by geography We conduct business globally and are primarily managed on a geographic basis. Our Chief Executive Officer, who is our chief operating decision maker, reviews financial information presented on a consolidated basis accompanied by information about revenue by geographic region for purposes of allocating resources and evaluating financial performance. We define our regions into United States (“U.S.”), Europe, the Middle East, and Africa (“EMEA”), Asia Pacific and Japan (“APAC”), and all remaining geographies (primarily Latin America and Canada) included in Others. There are no segment managers who are held accountable for operations, operating results, and plans for levels, components, or types of products or services below the consolidated unit level. Accordingly, we are considered to be in a single reportable segment and operating unit structure. Revenue by geographic region based on the billing address is as follows (in thousands): US EMEA APAC Other Total revenue Year Ended December 31, 2018 2017* 2016* $523,150 135,736 122,516 49,548 $521,232 116,205 105,196 37,015 $490,802 93,832 90,682 30,679 $830,950 $779,648 $705,995 A n n u a l R e p o r t * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. We generate revenue from sales of our network, email and endpoint security solutions, network forensics appliances, security orchestration software, cloud threat intelligence and analytics subscriptions, managed security service and our professional services. We disaggregate our revenue into two main categories: (i) product, subscription, and support and (ii) professional services. Within the Product, subscription and support category, we provide supplemental data to distinguish between solutions that are deployed on-premise (or in hybrid on-premise/cloud configurations), and solutions and managed services that are delivered entirely through the cloud. Security solutions deployed on-premise (or in hybrid on-premise/cloud configurations) are included in the Product and related subscription and support sub-category, and solutions without an on-premise component are included in the Cloud subscription and managed services sub-category. Revenue in Product and related subscription and support sub-category consists primarily of revenue from sales of our network, email and endpoint security solutions that are deployed on the customer’s premise, either as an integrated security appliance or in distributed hybrid on-premise/cloud configurations. Both deployment options are available on pre-configured appliance hardware or as virtual appliance software, and include FireEye intelligence-driven analysis (“IDA”) and, Multi-vector Virtual Execution (“MVX”) software, our Dynamic Threat Intelligence (DTI) cloud updates and support services. To complement our product, subscription and support solutions, we offer professional services, including incident response and other security consulting services, to our customers who have experienced a cyber security breach or desire assistance assessing the resilience of their information systems infrastructure. The majority our professional services are offered on a time and materials basis, through a fixed fee arrangement, or on a retainer 127 basis. Revenue from professional services is recognized as services are delivered. Revenue from our Expertise-on-Demand micro-services and some pre-paid professional services is deferred, and revenue is recognized when services are delivered. The following table depicts the disaggregation of revenue according to revenue type and is consistent with how we evaluate our financial performance (in thousands): Revenue by Category Product and related subscription and support Cloud subscription and managed services Professional services Total revenue Year Ended December 31, 2018 2017* 2016* $498,992 188,390 143,568 $479,521 166,444 133,683 $437,238 147,647 121,110 $830,950 $779,648 $705,995 * Certain prior period amounts have been adjusted as a result of adoption of ASC 606. Long lived assets by geography Long lived assets by geographic region based on physical location is as follows (in thousands): Property and Equipment, net: United States International Total property and equipment, net As of December 31, 2018 2017 $80,313 8,850 $60,202 11,155 $89,163 $71,357 For the years ended December 31, 2018, 2017 and 2016, one distributor represented 20%, 19% and 19%, respectively, and one reseller represented 15%, 13% and 12%, respectively, of the Company’s total revenue. As of December 31, 2018 and 2017, no customer represented 10% or more of the Company’s net accounts receivable balance. 128 Item 9. Changes in and Disagreements With Accountants on Accounting and Financial Disclosure None. Item 9A. Controls and Procedures Limitations on Effectiveness of Controls In designing and evaluating our disclosure controls and procedures, management recognizes that any controls and procedures, no matter how well designed and operated, can provide only reasonable assurance of achieving the desired control objectives. In addition, the design of disclosure controls and procedures must reflect the fact that there are resource constraints and that management is required to apply its judgment in evaluating the benefits of possible controls and procedures relative to their costs. Evaluation of Disclosure Controls and Procedures Our management, with the participation of our Chief Executive Officer and Chief Financial Officer, evaluated the effectiveness of our disclosure controls and procedures as of December 31, 2018. The term “disclosure controls and procedures,” as defined in Rule 13a-15(e) under the Securities Exchange Act of 1934, as amended (or the “Exchange Act”), means controls and other procedures of a company that are designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the SEC’s rules and forms. Disclosure controls and procedures include, without limitation, controls and procedures designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is accumulated and communicated to management, including our principal executive and principal financial officers, as appropriate to allow timely decisions regarding required disclosure. Based on our evaluation, our chief executive officer and chief financial officer concluded that, as of December 31, 2018, our disclosure controls and procedures were effective at the reasonable assurance level. Management’s Annual Report on Internal Control Over Financial Reporting Management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rule 13a-15(f) under the Securities Exchange Act of 1934. Under the supervision and with the participation of our management, including our principal executive officer and principal financial officer, we conducted an evaluation of the effectiveness of our internal control over financial reporting as of December 31, 2018 based on the criteria related to internal control over financial reporting described in Internal Control - Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission. Based on our evaluation, management concluded that our internal control over financial reporting was effective as of December 31, 2018. Deloitte & Touche LLP, the independent registered public accounting firm that audited the consolidated financial statements included in this Form 10-K, has issued a report, included herein, on the effectiveness of the Company’s internal control over financial reporting as of December 31, 2018. Changes in Internal Control over Financial Reporting There were no changes in our internal control over financial reporting identified in connection with the evaluation required by Rule 13a-15(d) and 15d-15(d) of the Exchange Act that occurred during the quarter ended December 31, 2018 that have materially affected, or are reasonably likely to materially affect, our internal control over financial reporting. 129 A n n u a l R e p o r t REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM To the Stockholders and the Board of Directors of FireEye, Inc. Opinion on Internal Control over Financial Reporting We have audited the internal control over financial reporting of FireEye, Inc. and subsidiaries (the “Company”) as of December 31, 2018, based on criteria established in Internal Control-Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). In our opinion, the Company maintained, in all material respects, effective internal control over financial reporting as of December 31, 2018, based on criteria established in Internal Control-Integrated Framework (2013) issued by COSO. We have also audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States) (PCAOB), the consolidated financial statements as of and for the year ended December 31, 2018, of the Company and our report dated February 22, 2019, expressed an unqualified opinion on those financial statements and included an explanatory paragraph related to the Company’s change in method of accounting for revenue in fiscal year 2018 due to the adoption of ASC 606. Basis for Opinion The Company’s management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting, included in the accompanying Management’s Annual Report on Internal Control Over Financial Reporting. Our responsibility is to express an opinion on the Company’s internal control over financial reporting based on our audit. We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB. We conducted our audit in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects. Our audit included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, testing and evaluating the design and operating effectiveness of internal control based on the assessed risk, and performing such other procedures as we considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion. Definition and Limitations of Internal Control over Financial Reporting A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company’s internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company; and (3) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company’s assets that could have a material effect on the financial statements. Because of its inherent internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate. limitations, /s/ DELOITTE & TOUCHE LLP San Jose, California February 22, 2019 130 Item 9B. Other Information None. A n n u a l R e p o r t 131 PART III Item 10. Directors, Executive Officers and Corporate Governance The information required by this item is incorporated by reference to our Proxy Statement for our 2019 Annual Meeting of Stockholders to be filed with the SEC within 120 days after the end of the fiscal year ended December 31, 2018. As part of our system of corporate governance, our board of directors has adopted a code of business conduct and ethics. The code applies to all of our employees, officers (including our principal executive officer, principal financial officer, principal accounting officer or controller, or persons performing similar functions), agents and representatives, including our independent directors and consultants, who are not employees of ours, with regard to their FireEye-related activities. Our code of business conduct and ethics is available on our website at www.fireeye.com in the Corporate Governance section of our Investor Relations webpage. We will post on this section of our website any amendment to our code of business conduct and ethics, as well as any waivers of our code of business conduct and ethics, that are required to be disclosed by the rules of the SEC or the NASDAQ Stock Market. The information on our website is not incorporated by reference into this Annual Report on Form 10-K Item 11. Executive Compensation The information required by this item is incorporated by reference to our Proxy Statement for our 2019 Annual Meeting of Stockholders to be filed with the SEC within 120 days after the end of the fiscal year ended December 31, 2018. Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters The information required by this item is incorporated by reference to our Proxy Statement for our 2019 Annual Meeting of Stockholders to be filed with the SEC within 120 days after the end of the fiscal year ended December 31, 2018. Item 13. Certain Relationships and Related Transactions, and Director Independence The information required by this item is incorporated by reference to our Proxy Statement for our 2019 Annual Meeting of Stockholders to be filed with the SEC within 120 days after the end of the fiscal year ended December 31, 2018. Item 14. Principal Accountant Fees and Services The information required by this item is incorporated by reference to our Proxy Statement for our 2019 Annual Meeting of Stockholders to be filed with the SEC within 120 days after the end of the fiscal year ended December 31, 2018. 132 PART IV Item 15. Exhibits, Financial Statement Schedules Documents filed as part of this report are as follows: 1. Consolidated Financial Statements: Our Consolidated Financial Statements are listed in the “Index to Consolidated Financial Statements” in Part II, Item 8 of this Annual Report on Form 10-K. 2. Financial Statement Schedules: Schedule II—Valuation and Qualifying Accounts is included below, and should be read in conjunction with the Consolidated Financial Statements included in Part II, Item 8 of this Annual Report on Form 10-K. All other schedules have been omitted because they are not required, not applicable, or the required information is included elsewhere in this Annual Report on Form 10-K. 3. Exhibits Required by Item 601 of Regulation S-K: Exhibit No. Description of Exhibit Form File No. Exhibit Filing Date Incorporated by Reference 3.1 3.2 4.1 4.2 4.3 4.4 4.5 4.6 4.7 10.1† 10.2† 10.3† 10.4† Amended and Restated Certificate of Incorporation of the Registrant. Amended and Restated Bylaws of the Registrant. Form of the Registrant’s common stock certificate. Indenture, dated as of June 2, 2015, between the Registrant and U.S. Bank National Association. Form of Global 1.000% Convertible Senior Note due 2035 (included in Exhibit 4.2). Indenture, dated as of June 2, 2015, between the Registrant and U.S. Bank National Association. Form of Global 1.625% Convertible Senior Note due 2035 (included in Exhibit 4.4). Indenture, dated as of May 24, 2018, between the Registrant and U.S. Bank National Association. Form of Global 0.875% Convertible Senior Note due 2024 (included in Exhibit 4.6). Form of Indemnification Agreement between the Registrant and certain of its officers and directors. 8-K 001-36067 3.1 September 25, 2013 8-K 001-36067 3.1 August 4, 2016 S-1/A 333-190338 4.1 September 9, 2013 8-K 001-36067 4.1 June 5, 2015 8-K 001-36067 4.2 June 5, 2015 8-K 001-36067 4.3 June 5, 2015 8-K 001-36067 4.4 June 5, 2015 8-K 001-36067 4.1 May 25, 2018 8-K 001-36067 4.2 May 25, 2018 S-1 333-190338 10.1 August 2, 2013 Employee Incentive Plan. S-1 333-190338 10.17 August 2, 2013 Change of Control Severance Policy for Officers. 2008 Stock Plan, as amended, including form agreements under 2008 Stock Plan. S-1/A 333-190338 10.27 August 21, 2013 S-1/A 333-190338 10.6 September 9, 2013 133 A n n u a l R e p o r t Exhibit No. 10.5† Description of Exhibit 2013 Equity Incentive Plan, including form agreements under 2013 Equity Incentive Plan. 10.6† 10.7† 10.8† 10.09† 10.10† 10.11† 10.12† 10.13† 10.14† 10.15† 10.16† 10.17† 10.18† 10.19† 10.20† 10.21† 10.22 10.23 2013 Employee Stock Purchase Plan, as amended and restated as of August 2, 2016. Mandiant Corporation 2011 Equity Incentive Plan, as amended, including form agreements under Mandiant Corporation 2011 Equity Incentive Plan. Outside Director Compensation Policy, as amended and currently in effect. Offer Letter between the Registrant and Enrique Salem, dated February 2, 2013. Offer Letter between the Registrant and Ronald E. F. Codd, dated July 28, 2012. Offer Letter between the Registrant and Kimberly Alexy, dated December 12, 2014. Offer Letter between the Registrant and Stephen Pusey, dated June 12, 2015. Offer Letter between the Registrant and Robert E. Switz, dated September 11, 2017. Offer Letter between the Registrant and Adrian McDermott, dated January 25, 2019. Offer Letter between the Registrant and Alexa King, dated August 1, 2013. Offer Letter, between the Registrant and Kevin Mandia, dated December 24, 2013. Offer Letter between the Registrant and Travis Reese, dated June 27, 2016 Offer Letter between the Registrant and William Robbins, dated October 31, 2016. Offer Letter between the Registrant and Frank Verdecanna, dated February 20, 2018. Key Employee Non-Competition Agreement, dated as of December 30, 2013, by and between Kevin Mandia and the Registrant. Key Employee Non-Competition Agreement, dated as of December 30, 2013, by and between Travis Reese and the Registrant. Lease, dated as of August 4, 2016, by and between the Registrant and 601 McCarthy Owner, LLC. First Amendment, dated as of December 1, 2016, to the Lease dated as of August 4, 2016 by and between the Registrant and 601 McCarthy Owner, LLC. 134 Incorporated by Reference Form S-1/A 333-193717 File No. Exhibit 10.6 Filing Date March 3, 2014 10-Q 001-36067 10.1 November 4, 2016 S-1 333-193717 10.8 February 3, 2014 10-Q 001-36067 10.2 May 4, 2017 S-1 333-190338 10.11 August 2, 2013 S-1 333-190338 10.12 August 2, 2013 8-K 001-36067 10.1 January 8, 2015 8-K 001-36067 10.1 June 17, 2015 8-K 001-36067 10.1 September 13, 2017 8-K 001-36067 10.1 February 6, 2019 S-1/A 333-190338 10.16 August 21, 2013 8-K 001-36067 10.1 January 2, 2014 10-Q 001-36067 10.3 August 5, 2016 10-K 001-36067 10.21 February 24, 2017 10-K/A 001-36067 10.21 March 1, 2018 8-K 001-36067 10.3 January 2, 2014 10-Q 001-36067 10.4 August 5, 2016 8-K 001-36067 10.1 August 16, 2016 10-K/A 001-36067 10.26 March 1, 2018 Exhibit No. 10.24 10.25†† 10.26 10.27 10.28 10.29 10.30 10.31 10.32 10.33 21.1* 23.1* 24.1* 31.1* Description of Exhibit Second Amendment, dated as of October 19, 2017, to the Lease dated as of August 4, 2016 by and between the Registrant and 601 McCarthy Owner, LLC. Flextronics Design and Manufacturing Services Agreement, dated as of September 28, 2012, by and between the Registrant and Flextronics Telecom Systems, Ltd. Amendment to Flextronics Design and Manufacturing Services Agreement, effective as of August 1, 2013, by and among the Registrant, FireEye Ireland Limited and Flextronics Telecom Systems, Ltd. Design Statement of Work A-1 to Flextronics Design and Manufacturing Services Agreement, dated December 4, 2013, by and among the Registrant, FireEye Ireland Limited and Flextronics Telecom Systems, Ltd. Data Processing Addendum to Flextronics Design and Manufacturing Services Agreement, dated as of April 9, 2018, by and between the Registrant and Flextronics Telecom Systems, Ltd. Export Services (preparation and filing of the EEI) Addendum to Flextronics Design and Manufacturing Services Agreement, effective as of October 1, 2018, by and between the Registrant and Flextronics Telecom Systems, Ltd. Purchase Agreement, dated May 27, 2015, among the Registrant and Morgan Stanley & Co. LLC and J.P. Morgan Securities LLC, as representatives of the several Initial Purchasers named in Schedule I thereto Forward Stock Purchase Transaction, dated May 27, 2015, between the Registrant and Morgan Stanley & Co. LLC. Forward Stock Purchase Transaction, dated May 27, 2015, between the Registrant and Morgan Stanley & Co. LLC. Incorporated by Reference Form File No. 10-K/A 001-36067 Exhibit 10.27 March 1, 2018 Filing Date S-1/A 333-190338 10.19 September 9, 2013 10-Q 001-36067 10.3 November 5, 2014 10-Q 001-36067 10.4 November 5, 2014 10-Q 001-36067 10.2 August 3, 2018 10-Q 001-36067 10.1 November 2, 2018 8-K 001-36067 10.1 May 29, 2015 8-K 001-36067 10.2 May 29, 2015 8-K 001-36067 10.3 May 29, 2015 A n n u a l R e p o r t Form of Capped Call Confirmation. 8-K 001-36067 10.1 May 25, 2018 List of subsidiaries of the Registrant. Consent of Deloitte & Touche LLP, independent registered public accounting firm. Power of Attorney (included on the signature page to this Annual Report on Form 10-K). Rule 13a-14(a) / 15(d)-14(a) Certification of Principal Executive Officer. 135 Exhibit No. 31.2* 32.1** Description of Exhibit Form File No. Exhibit Filing Date Incorporated by Reference Rule 13a-14(a) / 15(d)-14(a) Certification of Principal Financial Officer. Certifications of Chief Executive Officer and Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. 101.INS* XBRL Instance Document- the instance document does not appear in the Interactive Data File because its XBRL tags are embedded within the Inline XBRL document. 101.SCH* XBRL Taxonomy Extension Schema Document. 101.CAL* XBRL Taxonomy Extension Calculation Linkbase Document. 101.DEF* XBRL Taxonomy Extension Definition Linkbase Document. 101.LAB* XBRL Taxonomy Extension Label Linkbase Document. 101.PRE* XBRL Taxonomy Extension Presentation Linkbase Document. * Filed herewith. ** Furnished herewith. † †† Portions of this exhibit have been granted confidential treatment by the Securities and Exchange Indicates a management contract or compensatory plan or arrangement. Commission. SCHEDULE II VALUATION AND QUALIFYING ACCOUNTS (in thousands) Allowance for doubtful accounts receivable Year ended December 31, 2016 Year ended December 31, 2017 Year ended December 31, 2018 Item 16. Form 10-K Summary None Balance at beginning of period $2,021 1,590 $2,503 Charged to cost and expenses Write-offs, net of recoveries Balance at end of period $1,512 1,972 $ 105 $(1,943) (1,059) (83) $ $1,590 2,503 $2,525 136 SIGNATURES Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized, on February 22, 2019. FIREEYE, INC. By: /s/ KEVIN R. MANDIA Kevin R. Mandia Chief Executive Officer POWER OF ATTORNEY KNOW ALL THESE PERSONS BY THESE PRESENTS, that each person whose signature appears below constitutes and appoints Kevin R. Mandia, Frank E. Verdecanna and Alexa King, and each of them, his or her attorneys-in-fact, each with full power of substitution, for him or her in any and all capacities, to sign any and all amendments to this Annual Report on Form 10-K, and to file the same, with exhibits thereto and other documents in connection therewith, with the Securities and Exchange Commission, hereby ratifying and confirming all that each said attorneys-in-fact or his substitute or substitutes, may do or cause to be done by virtue hereof. Pursuant to the requirements of the Securities Exchange Act of 1934, this report has been signed below by the following persons on behalf of the registrant and in the capacities and on the dates indicated. Signature Title Date /S/ KEVIN R. MANDIA Kevin R. Mandia Chief Executive Officer and Director (Principal Executive Officer) February 22, 2019 /S/ FRANK E. VERDECANNA Frank E. Verdecanna Executive Vice President, Chief Financial Officer and Chief Accounting Officer (Principal Financial and Accounting Officer) February 22, 2019 /S/ KIMBERLY ALEXY Kimberly Alexy Ronald E. F. Codd /S/ ADRIAN McDERMOTT Adrian McDermott /S/ STEPHEN PUSEY Stephen Pusey /S/ ENRIQUE SALEM Enrique Salem /S/ ROBERT E. SWITZ Robert E. Switz Director February 22, 2019 Director Director February 22, 2019 Director February 22, 2019 Director February 22, 2019 Director February 22, 2019 137 A n n u a l R e p o r t corporate and stockholder information Executive Officers Kevin R. Mandia Chief Executive Officer Alexa King Executive Vice President, General Counsel and Secretary Travis M. Reese President William T. Robbins Executive Vice President of Worldwide Sales Frank E. Verdecanna Executive Vice President, Chief Financial Officer and Chief Accounting Officer Board of Directors Enrique Salem1 Chairman of the Board of FireEye, Inc. Managing Director, Bain Capital Ventures Kevin R. Mandia Chief Executive Officer, r, FireEye, Inc. Kimberly Alexy2,3 Principal, Alexy Capital M Management Ronald E. F. Codd1, 2,3 Independen ent Business Consultant Adrian McDermott1 Preside dent of Products, Zend desk Stephen Pusey1 F Former Group Chief Technology Officer, Vodafone Group Plc Robert E. Switz2,3 Former President and Chief Executive Officer, ADC Telecomunications, Inc. Corporate Headquarters FireEye, Inc. 601 McCarthy Blvd. Milpitas, CA 95035 Legal Counsel Wilson Sonsini Goodrich & Rosati, PC Palo Alto, California Independent Auditors DELOITTE & TOUCHE LLP San Jose, Californiaaa Transfer Agent and Registrar American Stock Transfer & Trust Company, LLC Av 6201 15th AvAvenue Brooklyn, N NY N 11219 www.astfitfinancial.com tfi help@@@astfinancial.com tel: 77 18 .921 . 8124 7 800.937.5449 1 Compensation Committee member 2 Audit Committee member 3 Nominating and Corporate Governance Committee member Stock Information FireEye comm b mon stock is listed on The NASDAQ Glob bal Select Market under the symbol FEYE. Investor Relations FireEye w ns ireEye welcomlcomes investor interest and maintains ns a section on its website with investor information, including press releaeleases, stock data, SEC filings,s, and access to quarterly webcasts. Investors may s, subscribe to automated emd email alerts for press s releases, events and SEC filings through the site. s Website: investors.FireEye.com Email: investor.relations@fireeye.com Annual Stockholders’ Meeting The annual meeting of stockholders will be held d at d at d at The a , 20 9 a at 10 a.m. Pacific Time on May 23, 2019 atat 1 FireEye, Inc. 601 McCarthy Blvd. Milpitas, CA 95035 nt, and Hel nt, and Helix are registered © 2019 FireEye, Inc. All rights reserved. FireEye, Mandiannt, and Helix are registered ered trademarks ssksrkaraaaaa kss ss or trademarks of FireEye, Inc. in the United States and othhher countries. her countrie FireEye, Inc. 601 McCarthy Blvd. Milpitas, CA 95035 408.321.6300 / 877.FIREEYE info@FireEye.com www.FireEye.com FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,700 customers in more than 100 countries, including more than 50% of the Forbes Global 2000. © 2019 FireEye, Inc. All rights reserved. FireEye and Mandiant are registered trademarks of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Continue reading text version or see original annual report in PDF format above