Tenable
Annual Report 2023

Download report (PDF) Advanced Search
Loading PDF...

More annual reports from Tenable:

2023 Report
2022 Report
2021 Report
2020 Report
2019 Report

Share your feedback:

Plain-text annual report

SCHEDULE 14A INFORMATION Proxy Statement Pursuant to Section 14(a) of the Securities Exchange Act of 1934 Filed by the Registrant Filed by a Party other than the Registrant Check the appropriate box: ý ¨ ¨ ¨ ý ¨ ¨ Preliminary Proxy Statement Confidential, for Use of the Commission Only (as permitted by Rule 14a-6(e)(2)) Definitive Proxy Statement Definitive Additional Materials Soliciting Material Pursuant to § 240.14a-12 Tenable Holdings, Inc. (Name of Registrant as Specified In Its Charter) Payment of Filing Fee (Check the appropriate box) ý ¨ ¨ No fee required. Fee paid previously with preliminary materials. Fee computed on table in exhibit required by Item 25(b) per Exchange Act Rules 14a-6(i)(1) and 0-11. 1 2 NOTICE OF ANNUAL MEETING OF STOCKHOLDERS WHEN WHERE Wednesday, May 22, 2024 Via Webcast RECORD DATE March 28, 2024 1:00 pm Eastern Time https://www.proxydocs.com/ TENB Only stockholders of record at the close of business on that date may vote at the Annual Meeting or any adjournment thereof. ITEMS OF BUSINESS Electing the Board of Directors’ nominees, Arthur W. Coviello, Jr., George Alexander Tosheff and Margaret Keane, to the Board of Directors to hold office until the 2027 Annual Meeting of Stockholders. BOARD VOTING RECOMMENDATION PAGE REFERENCE FOR each director nominee 16 Ratifying the selection by the Audit Committee of the Board of Directors of Ernst & Young LLP as the independent registered public accounting firm of the Company for the year ending December 31, 2024. Approving, on a non-binding advisory basis, the compensation of the Company's Named Executive Officers as disclosed in this proxy statement. FOR FOR 32 34 Conducting any other business properly brought before the Annual Meeting, including any adjournments or postponements of the meeting. Each of these items of business is more fully described in the proxy statement accompanying this notice. Important Notice Regarding the Availability of Proxy Materials for the Virtual Stockholders' Meeting to Be Held on Wednesday, May 22, 2024 at 1:00 p.m. Eastern Time. The proxy statement and annual report to shareholders are available at https://www.proxydocs.com/TENB. By Order of the Board of Directors, Michelle VonderHaar Chief Legal Officer and Corporate Secretary Columbia, MD April 11, 2024 You are cordially invited to attend the virtual annual meeting. Whether or not you expect to attend the meeting, please vote over the telephone or the Internet as instructed in these materials as promptly as possible in order to ensure your representation at the meeting. Even if you have voted by proxy, you may still vote online if you attend the virtual annual meeting. Please note, however, that if your shares are held of record by a broker, bank or other nominee and you wish to vote at the meeting, you must obtain a proxy issued in your name from that record holder. 3 CONTENTS QUESTIONS AND ANSWERS ABOUT THESE PROXY MATERIALS AND VOTING PROPOSAL 1 ELECTION OF DIRECTORS Information Regarding the Board of Directors and Corporate Governance Independence of the Board of Directors Role of the Board in Risk Oversight Meetings of the Board of Directors Information Regarding Committees of the Board of Directors Audit Committee Compensation Committee Nominating and Corporate Governance Committee Cybersecurity Risk Management Committee Stockholder Communications with the Board of Directors Code of Ethics Hedging Policy PROPOSAL 2 RATIFICATION OF SELECTION OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM Fees and Services Pre-Approval Policies and Procedures PROPOSAL 3 ADVISORY VOTE TO APPROVE THE NAMED EXECUTIVE OFFICER COMPENSATION Corporate Social Responsibility Executive Officers Security Ownership of Certain Beneficial Owners and Management Executive Compensation Executive Summary Executive Compensation Philosophy and Objectives Compensation Elements Compensation-Setting Process Employment Arrangements Post-Employment Compensation Other Compensation Policies Tax and Accounting Considerations Summary Compensation Table Grants of Plan-Based Awards Outstanding Equity Awards Options Exercised and Stock Vested Employment Agreements with Our Named Executive Officers Potential Payments Upon Termination or Change in Control CEO Pay Ratio Pay versus Performance Director Compensation Securities Authorized for Issuance Under Equity Compensation Plans Transactions With Related Persons and Indemnification Related-Person Transactions Policy and Procedures Certain Related Person Transactions Indemnification Householding of Proxy Materials 4 Page 9 16 22 22 23 24 24 24 26 28 30 30 31 31 32 32 33 34 35 40 42 45 45 48 50 59 61 62 62 63 64 65 66 67 68 69 70 72 76 78 79 79 79 80 81 Other Matters Appendix: Reconciliation of Non-GAAP Measures 82 83 Cautionary Note Regarding Forward-Looking Statements This proxy statement contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. All statements regarding performance, events, developments or achievements that we expect or anticipate will occur in the future, including statements expressing our general views about future operating results and our corporate social responsibility and diversity and inclusion progress, plans and goals, are forward-looking statements. The inclusion of environmental, diversity and social- related statements is not an indication that these are material to investors or required to be disclosed in our filings with the SEC. In addition, such statements may be based on standards for measuring progress that are still developing, processes that continue to evolve and assumptions that are subject to change in the future. Forward-looking statements are subject to certain risks and uncertainties that could cause our actual results to differ materially from historical experience and our present expectations or projections. These risks and uncertainties include, but are not limited to, those described in Item 1A, Risk Factors, in our Annual Report on Form 10-K for the year ended December 31, 2023 and those set forth in our future filings with the SEC. We disclaim and do not undertake any obligation to update, revise, or withdraw any forward-looking statements, whether as a result of new information, future events, or otherwise, except as required by applicable law or regulation. 5 To Our Stockholders, We manage our company on the simple, powerful principle that what we do matters to the world. In a year where artificial intelligence took center stage and geopolitical tensions dominated the headlines and disrupted supply chains, our mission to help organizations understand and reduce cyber risk has never been more critical. The communities where we live, the government agencies on which we rely and the enterprises that power the global economy all depend on cybersecurity. And they are increasingly turning to Tenable to understand where they are exposed and how to reduce risk. This is a pivotal time and Tenable is at the center of it. Our stakeholders –cust omers, partners, employees and investors –drive o ur every decision. Complex times call for radical simplicity and in 2023 we seized an opportunity to help more organizations consolidate multiple use cases and products on a single, unified platform. Today, Tenable One, our Exposure Management platform, is helping over a thousand customers protect their most vulnerable and crucial assets. We’re adding critical asset coverage to the platform, integrating cloud and operational technology ("OT") security, bringing even more context and actionable insights. We’re innovating in cloud security, cutting through the complexity so security teams can quickly identify elusive problems and remediate them fast. We are helping our customers make better, faster and more informed business decisions based on cyber risk. Our commitment to our customers and partners Tenable helps organizations understand and reduce risk and we believe we do it better than anyone. Given our focus on operationalizing preventative security, our solutions constitute a strategic advantage in a world where regulators are increasingly requiring disclosures on board oversight and management’s role in assessing and managing material risks from cybersecurity threats. That’s why approximately 44,000 customers rely on us to stay ahead of bad actors. Together with our global network of partners, we are uniquely positioned to help customers see and understand their continuously expanding attack surface, from the cloud to the network and everywhere in between. For example, Tenable Cloud Security, our cloud-native application protection platform (CNAPP) technology, delivers unparalleled insights into identities and access and is integrated into Tenable One. Tenable One is also the first and only exposure management platform that provides holistic visibility into assets across IT and OT environments, a key differentiator as CISOs are increasingly accountable for securing both. Our commitment to our employees Tenable’s employees fuel our ambition and cement our reputation as atr usted cybersecurity innovator. We have worked diligently to build the company into a career destination – the kind of place where passionate high achievers can do their best work, feel supported and know that they are truly making a difference. We’re giving our people the tools and investments they need – tuition reimbursement, mentorship programs, advanced certification options and more – so they can level up their skills and focus on solving some of the thorniest cybersecurity challenges. We continue to invest in superb total rewards packages, with equity grants, generous time off, an employee stock purchase plan, volunteer days and more. In 2024, we introduced a full-service mental health benefit for employees and their families, with free therapy, coaching and work-life services. We believe that every investment in our people comes back to us many times over. We will continue to innovate in this space, developing and supporting our people so they can focus on delivering results that exceed expectations. Our commitment to our stockholders 6 Over the years, we have built trusted and candid relationships with our stockholders. We continuously reach-out, engage and solicit feedback from our investors on amyriad of topics because understanding what is top of mind from our investors and how we are perceived by the financial community is important to us. In 2023, we met with amajority of our top 25 active investors, as well as over 100 firms in total, an achievement that puts us well above average for midcap companies in investor engagement. In those conversations, we heard from anumber of investors that they value Tenable for our balanced-growth approach and competitive position. In 2023, we delivered: • • • Calculated current billings of $873.3 million, a 12% increase year-over-year* Non-GAAP operating margin of 15%, a 500 basis point improvement year-over-year* Unlevered free cash flow of $175.4 million, a 37% increase year-over-year* We believe our results in 2023 reflect our ability to balance growth with profitability. We will continue to invest to take and win share which will position us well for long-term success. And, as we scale the business, we will continue to work closely with these critical stakeholders. Our commitment to corporate social responsibility We care deeply about the places where we live and work. That responsibility begins with environmental stewardship. Our energy consumption and usage within data centers is an important component of the day-to-day operations of our business which is why Tenable outsources its data center needs primarily to Amazon Web Services ("AWS"). AWS, in addition to carefully choosing data center locations to mitigate environmental risk, has a long-term commitment to use 100% renewable energy. We continue to track our scope 1 and scope 2 emissions and have begun a process to identify and track scope 3 emissions. As ever, our employees are our most critical catalysts for change. Our Green Initiatives group shares best practices for an environmentally conscious lifestyle, builds global support for initiatives within Tenable and leads campaigns, such as trash clean-ups, sustainable lifestyle pledges and tree-planting initiatives. We hold ourselves accountable for increasing representation in our workforce of historically underrepresented communities, cultivating a more inclusive culture and engaging more impactfully in the global communities that surround us. We believe that the greater diversity of our employees, partners and customers leads to a greater diversity of ideas and creativity as well as better performance. In conclusion, we are pleased with our performance in 2023. We continued to execute on our roadmap, expanding our market leadership in exposure management and scaling our business by capturing large market opportunities in cloud security. We look forward to continuing to build on this great foundation. Sincerely, Amit Yoran Chairman & CEO *Refer to the Appendix for reconciliations of these non-GAAP measures to comparable GAAP measures. 7 Business Overview - 2023 Highlights We are a leading provider of exposure management solutions. Exposure management is an effective discipline for measuring, comparing and reducing cybersecurity risk in today's complex environments, spanning cloud resources, IT, OT and IoT assets, and more. In order to be effective, an exposure management platform must extend beyond traditional vulnerability management, which concentrates on the discovery and remediation of publicly disclosed Common Vulnerabilities and Exposures. The platform must include information about configuration issues, vulnerabilities and attack paths across a spectrum of assets and technologies — including cloud configurations and deployments; identity solutions, such as Active Directory; and web applications. Our 2023 business and financial highlights were as follows: • • • • • • • • Launched new AI-fueled identity security into our Exposure Management Platform. Unveiled new OT security functionality to provide broader protection for operational technology, critical infrastructure and industrial control systems and to make it easier to secure and maintain governance of the entire attack surface. Acquired Ermetic, Ltd. ("Ermetic"), an integrated cloud-native application protection platform (CNAPP) company with industry leading cloud infrastructure entitlement management (CIEM), to deliver market-leading contextual risk visibility, prioritization and remediation across infrastructure and identities, for total consideration of $243.8 million. Received numerous awards and distinctions including recognition as a "Leader" in both the GigaOm Radar for Operational Technology (OT) Security and “The Forrester Wave™: Vulnerability Risk Management," and named Best Security Company and Best Risk/Policy Management Solution of the Year (for Tenable One) in the 2023 SC Awards. Recognized globally as a premier employer of choice. Announced that our Board of Directors approved the repurchase of up to an aggregate of $100 million of our common stock. Revenue was $798.7 million, a 17% increase year-over-year. Calculated current billings was $873.3 million, a 12% increase year-over-year. • GAAP loss from operations was $52.2 million, compared to $67.8 million in 2022. • Non-GAAP income from operations was $121.0 million, compared to $67.7 million in 2022. • GAAP net loss was $78.3 million, compared to $92.2 million in 2022. • GAAP net loss per share was $0.68, compared to $0.83 in 2022. • • • • • • Non-GAAP net income was $97.2 million, compared to $44.3 million in 2022. Non-GAAP diluted earnings per share was $0.80, compared to $0.38 in 2022. Cash and cash equivalents and short-term investments were $474.0 million at December 31, 2023, compared to $567.4 million at December 31, 2022. Net cash provided by operating activities was $149.9 million, compared to $131.2 million in 2022. Unlevered free cash flow was $175.4 million, compared to $128.1 million in 2022. Repurchased 0.4 million shares of our common stock for $14.9 million. Refer to the Appendix for reconciliations of non-GAAP measures to comparable GAAP measures. 8 TENABLE HOLDINGS, INC. 6100 Merriweather Drive, 12th Floor Columbia, Maryland 21044 PROXY STATEMENT FOR THE 2024 ANNUAL MEETING OF STOCKHOLDERS May 22, 2024 QUESTIONS AND ANSWERS ABOUT THESE PROXY MATERIALS AND VOTING Why did I receive a notice regarding the availability of proxy materials on the Internet? Pursuant to rules adopted by the Securities and Exchange Commission (the “SEC”), we have elected to provide access to our proxy materials over the Internet. Accordingly, we have sent you a Notice of Internet Availability of Proxy Materials (the “Notice”) because the Board of Directors (the "Board of Directors" or the "Board") of Tenable Holdings, Inc. (sometimes referred to as the “Company” or “Tenable”) is soliciting your proxy to vote at the 2024 Annual Meeting of Stockholders, including at any adjournments or postponements of the meeting. All stockholders will have the ability to access the proxy materials on the website referred to in the Notice or request to receive a printed set of the proxy materials. Instructions on how to access the proxy materials over the Internet or to request a printed copy may be found in the Notice. We intend to mail the Notice on or about April 11, 2024 to all stockholders of record entitled to vote at the Annual Meeting. Will I receive any other proxy materials by mail? We may, at our discretion, elect to send you aproxy c ard. We may also send you a second Notice on or after April 24, 2024. How do Iattend the Annual Meeting? The Annual Meeting will be a virtual stockholder meeting through which you can listen to the meeting and vote online. The Annual Meeting can be accessed by visiting https:// www.proxydocs.com/TENB and entering your control number which is included in the proxy materials mailed to you. Upon completing your registration, you will receive further instructions via email, including a unique link that will allow you access to the Annual Meeting. We recommend that you log in a few minutes before the Annual Meeting to ensure that you are logged in when the meeting starts. Online check-in will begin at approximately 12:45 p.m. Eastern Time. Information on how to vote online during the Annual Meeting is discussed below. Stockholders attending the virtual meeting will be afforded the same rights and opportunities to participate as they would at an in-person meeting, however any questions will need to be submitted in advance of the meeting. In accordance with the rules of conduct, we ask that you limit your submission to one brief question or comment prior to the meeting that is relevant to the Annual Meeting or our business and that such remarks are respectful of your fellow stockholders and meeting participants. 9 Who can vote at the Annual Meeting? Only stockholders of record at the close of business on March 28, 2024 (the "Record Date") will be entitled to vote at the Annual Meeting. On the Record Date, there were 118,743,082 shares of the Company's common stock outstanding and entitled to vote. Stockholder of Record: Shares Registered in Your Name If on March 28, 2024 your shares were registered directly in your name with Tenable’s transfer agent, Equiniti Trust Company, LLC (formerly American Stock Transfer & Trust Company, LLC), then you are a stockholder of record with respect to those shares and the Notice was sent directly to you by the Company. As ast ockholder of record, you may vote online during the meeting or vote by proxy. Whether or not you plan to attend the Annual Meeting, we urge you to vote by proxy using a proxy card that you may request or that we may elect to deliver at a later time or vote by proxy over the telephone or Internet as instructed below to ensure your vote is counted. Beneficial Owner: Shares Registered in the Name of a Broker or Bank If on March 28, 2024 your shares were held, not in your name, but rather in an account at a brokerage firm, bank or other similar organization, then you are the beneficial owner of shares held in “street name” and the Notice is being forwarded to you by that organization. The organization holding your account is considered to be the stockholder of record for purposes of voting at the Annual Meeting. As a beneficial owner, you have the right to direct that organization on how to vote the shares in your account. You will receive instructions from the organization that you must follow in order to submit your voting instructions and have your shares voted at the Annual Meeting. You are also invited to attend the Annual Meeting. However, since you are not the stockholder of record, you may not vote your shares online during the Annual Meeting unless you request and obtain a valid proxy from the organization. What am I voting on? There are three matters scheduled for avote: • • • Election of three directors (Proposal 1); Ratification of selection by the Audit Committee of the Board of Directors of Ernst & Young LLP as independent registered public accounting firm of the Company for the year ending December 31, 2024 (Proposal 2); and Advisory approval, on a non-binding basis, of the compensation of our Named Executive Officers as disclosed in this proxy statement (Proposal 3). What if another matter is properly brought before the meeting? The Board of Directors knows of no other matters that will be presented for consideration at the Annual Meeting. If any other matters are properly brought before the meeting, it is the intention of the persons named in the accompanying proxy to vote on those matters in accordance with their best judgment. How do Ivo te? You may either vote “For” all the nominees to the Board of Directors or you may “Withhold” your vote for any nominee you specify. For Proposals 2and 3, you may vote “For” or “Against” or "Abstain" from voting. 10 Stockholder of Record: Shares Registered in Your Name If you are a stockholder of record, you may vote online during the Annual Meeting, vote by proxy using a proxy card that you may request or that we may elect to deliver at a later time, vote by proxy over the telephone or vote by proxy through the Internet. Whether or not you plan to attend the meeting, we urge you to vote by proxy to ensure your vote is counted. You may still attend the meeting and vote online during the meeting even if you have already voted by proxy. • • • • To vote online during the meeting, access the Annual Meeting by visiting www.proxypush.com/TENB and entering your control number which is included in the proxy materials mailed to you. Please have your Notice in hand when you access the website and follow the instructions. To vote using the proxy card, simply complete, sign and date the proxy card that may be delivered and return it promptly in the envelope provided. If you return your signed proxy card to us before the Annual Meeting, we will vote your shares as you direct. To vote over the telephone, dial toll-free 866-230-6244 using a touch-tone phone and follow the recorded instructions. You will be asked to provide the control number from the Notice. To ensure your vote is counted, your telephone vote must be received either prior to the start of the meeting or, if you are attending the meeting, before the polls close during the meeting. To vote through the Internet, go to www.proxypush.com/TENB to complete an electronic proxy card. You will be asked to provide the control number from the Notice. To ensure your vote is counted, your Internet vote must be received either prior to the start of the meeting or, if you are attending the meeting, before the polls close during the meeting. Beneficial Owner: Shares Registered in the Name of Broker or Bank If you are a beneficial owner of shares registered in the name of your broker, bank or other agent, you should have received a Notice containing voting instructions from that organization rather than from Tenable. Simply follow the voting instructions in the Notice to ensure that your vote is counted. To vote online during the Annual Meeting, you must obtain a valid proxy from your broker, bank or other agent. Follow the instructions from your broker, bank or other agent included with these proxy materials, or contact that organization to request a proxy form. Internet proxy voting will be provided to allow you to vote your shares online, with procedures designed toensu re the authenticity and correctness of your proxy vote instructions. However, please be aware that you must bear any costs associated with your Internet access, such as usage charges from Internet access providers and telephone companies. How many votes do I have? On each matter to be voted upon, you have one vote for each share of common stock you own as of March 28, 2024. If I am astoc kholder of record and Ido not vote, or if I return a proxy card or otherwise vote without giving specific voting instructions, what happens? If you are a stockholder of record and do not vote by completing your proxy card, by telephone, through the Internet or online during the Annual Meeting, your shares will not be voted. If you return a signed and dated proxy card or otherwise vote without marking voting selections, your shares will be voted, as applicable, “For” the election of all nominees for director, “For” the ratification of Ernst & Young LLP as independent auditors for the year ending December 31, 2024, 11 and "For" the approval of, on anon-binding advisory b asis, the compensation of our Named Executive Officers. If any other matter is properly presented at the meeting, your proxy holder (one of the individuals named on your proxy card) will vote your shares using his or her best judgment. If I am abe neficial owner of shares held in street name and Ido not prov ide my broker or bank with voting instructions, what happens? If you are a beneficial owner of shares held in street name and you do not instruct your broker, bank or other agent how to vote your shares, your broker, bank or other agent may still be able to vote your shares in its discretion. In this regard, brokers, banks and other securities intermediaries may use their discretion to vote your “uninstructed” shares with respect to matters considered to be “routine” under applicable rules, but not with respect to “non-routine” matters. Proposals 1and 3 are considered to be “non-routine” under applicable rules, meaning that your broker may not vote your shares on those proposals in the absence of your voting instructions. However, Proposal 2 is considered to be “routine” under applicable rules, meaning that if you do not return voting instructions to your broker by its deadline, your shares may be voted by your broker in its discretion on Proposal 2. If you are a beneficial owner of shares held in street name, in order to ensure your shares are voted in the way you would prefer, you must provide voting instructions to your broker, bank or other agent by the deadline provided in the materials you receive from your broker, bank or other agent. Who is paying for this proxy solicitation? We will pay for the entire cost of soliciting proxies. In addition to these proxy materials, our directors and employees may also solicit proxies in person, by telephone or by other means of communication. Directors and employees will not be paid any additional compensation for soliciting proxies. We may also reimburse brokerage firms, banks and other agents for the cost of forwarding proxy materials to beneficial owners. What does it mean if I receive more than one Notice? If you receive more than one Notice, your shares may be registered in more than one name or in different accounts. Please follow the voting instructions on the Notice to ensure that all of your shares are voted. Can Ichan ge my vote after submitting my proxy? Stockholder of Record: Shares Registered in Your Name Yes. You can revoke your proxy at any time before the final vote at the Annual Meeting. If you are the record holder of your shares, you may revoke your proxy in any one of the following ways: • • • • You may submit another properly completed proxy card with a later date. You may grant a subsequent proxy by telephone or through the Internet. You may send a timely written notice that you are revoking your proxy to Tenable Holdings, Inc., Attention: Corporate Secretary at 6100 Merriweather Drive, 12th Floor, Columbia, Maryland 21044. You may attend the Annual Meeting and vote online. Simply attending the Annual Meeting will not, by itself, revoke your proxy. 12 Your most current proxy card or telephone or Internet proxy is the one that is counted. Beneficial Owner: Shares Registered in the Name of Broker or Bank If your shares are held by your broker, bank or other agent, you should follow the instructions provided by your broker, bank or other agent. When are stockholder proposals and director nominations due for next year’s Annual Meeting? To be considered for inclusion in next year’s proxy materials, your proposal must be submitted in writing by December 12, 2024, to 6100 Merriweather Drive, 12th Floor, Columbia, Maryland 21044. If you wish to nominate an individual for election at, or bring business other than through a stockholder proposal before, the 2025 Annual Meeting of Stockholders, you must deliver your notice to our Corporate Secretary at the address above between January 22, 2025 and February 21, 2025. Your notice to the Corporate Secretary must set forth information specified in our bylaws, including your name and address and the class and number of shares of our stock that you beneficially own. In addition to satisfying the foregoing requirements under Tenable's bylaws, to comply with the universal proxy rules, stockholders who intend to solicit proxies in support of director nominees other than Tenable's nominees must provide notice that sets forth the information required by Rule 14a-19(b) under the Securities Exchange Act of 1934, as amended (the "Exchange Act"). If you propose to bring business before an annual meeting of stockholders other than a director nomination, your notice must also include, as to each matter proposed, the following: (1) abrief description of the business desired to be brought before such annual meeting, (2) the text of the proposal or business (including the text of any resolutions proposed for consideration and in the event that such business includes a proposal to amend the bylaws, the language of the proposed amendment), (3) the reasons for conducting that business at the annual meeting, and (4) any material interest you have in that business. If you propose to nominate an individual for election as adirect or, your notice must also include, as to each person you propose to nominate for election as a director, the following: (1) the name, age, business address and residence address of the person, (2) the principal occupation or employment of the person, (3) the class and number of shares of our stock that are owned of record and beneficially owned by the person, (4) the date or dates on which the shares were acquired and the investment intent of the acquisition; (5) aques tionnaire with respect to the background, qualifications, stock ownership and independence of the person and a written representation or agreement that the person is not and will not become a party to any voting commitment, and (6) any other information concerning the person as would be required to be disclosed in a proxy statement soliciting proxies for the election of that person as adirect or in an election contest (even if an election contest is not involved and whether or not proxies are being or will be solicited), or that is otherwise required to be disclosed or provided to the Company pursuant to Section 14 of the Exchange Act, and the rules and regulations promulgated under the Exchange Act, including the person's written consent to being named in a proxy statement, associated proxy card and other filings as a nominee and to serving as adirect or if elected. We may require any proposed nominee to furnish other information as we may reasonably require to determine the eligibility of the proposed nominee to serve as an independent director or that could be material to a reasonable stockholder's understanding of the independence, or lack of independence, of the proposed nominee. For more information, and more detailed requirements about advance notice of stockholder proposals and director nominations, please refer to our Second Amended and Restated Bylaws, filed as Exhibit 3.1 to our Current Report on Form 8-K (File No. 001-38600), filed with the SEC on November 15, 2023. 13 How are votes counted? Votes will be counted by the inspector of election appointed for the meeting, who will separately count, for Proposal 1, the proposal to elect directors, votes “For,” “Withhold” and broker non-votes (described below); for Proposal 2, the proposal to ratify our independent auditors, votes “For,” “Against” and “Abstain”; and, for Proposal 3, the proposal to approve, on a non-binding advisory basis, the compensation of our Named Executive Officers, ”For," "Against" and “Abstain” and broker non-votes. If you “Abstain” it will be counted towards the vote total for Proposals 2and 3. For Proposal 2 and 3, it will have the same effect as “Against” votes. Broker non-votes on Proposals 1 and 3 will have no effect and will not be counted toward the vote total for those proposals. We do not expect broker non-votes on Proposal 2. What are “broker non-votes”? A "broker non-vote" occurs when your broker submits aproxy f or the meeting with respect to "routine" matters but does not vote on "non-routine" matters because you did not provide voting instructions on such "non-routine" matters. These un-voted shares with respect to the "non-routine matters" are counted as “broker non-votes.” Proposals 1and 3 are considered to be “non-routine” under applicable rules and we therefore expect broker non-votes on these proposals. However, as Proposal 2 is considered “routine” under applicable rules, we do not expect broker non-votes on this proposal. As a reminder, if you are a beneficial owner of shares held in street name, in order to ensure your shares are voted in the way you would prefer, you must provide voting instructions to your broker, bank or other agent by the deadline provided in the materials you receive from your broker, bank or other agent. How many votes are needed to approve each proposal? For Proposal 1, the election of directors, the three nominees receiving the most “For” votes from the holders of shares present online at the meeting or represented by proxy and entitled to vote on the election of directors will be elected. Only votes “For” will affect the outcome. Broker non-votes will have noef fect. To be approved, Proposal 2, ratification of the selection of Ernst & Young LLP as the Company’s independent registered public accounting firm for 2024, must receive “For” votes from the holders of a majority of shares present online at the meeting or represented by proxy and entitled to vote on the matter. If you “Abstain” from voting, it will have the same effect as an “Against” vote. Since brokers have the authority to vote on your behalf with respect to Proposal 2, we do not expect broker non- votes on this proposal. For Proposal 3, advisory approval of the compensation of our Named Executive Officers will be considered to be approved if it receives "For" votes from the holders of a majority of the shares present online at the meeting or represented by proxy and entitled to vote thereon to be approved. If you “Abstain” from voting, it will have the same effect as an “Against” vote on this proposal. Broker non-votes will have no effect. What is the quorum requirement? A quorum of stockholders is necessary to hold avalid meeting. A quorum will be present if stockholders holding at least a majority of the voting power of the outstanding shares entitled to vote are present online at the meeting or represented by proxy. On the Record Date, there were 14 118,743,082 shares outstanding and entitled to vote. Thus, the holders of 59,371,542 shares must be present online at the meeting or represented by proxy at the meeting to have a quorum. Abstentions and broker non-votes will be counted towards the quorum requirement. If there is no quorum, the chairperson of the meeting or the holders of a majority of shares present online at the meeting or represented by proxy may adjourn the meeting to another date. Will a list of record stockholders as of the Record Date be available? Upon request, a list of our record stockholders as of the close of business on the Record Date will be made available to stockholders. In addition, for the ten days ending the day prior to the Annual Meeting, the list will be available upon request for examination by any stockholder of record for a legally valid purpose. To access the list of record stockholders beginning May 12, 2024 and until the Annual Meeting, stockholders should email David Bartholomew, Deputy General Counsel, at dbartholomew@tenable.com. How do Iask a question at the Annual Meeting? Only stockholders of record as of March 28, 2024 may submit questions or comments in advance of the virtual stockholders meeting, not during. If you would like to submit a question or comment, you may do so prior to 5:00 p.m. Eastern Time on May 20, 2024 by following the instructions in your registration documents on https://www.proxydocs.com/TENB. To help ensure that we have aproduc tive and efficient meeting, and in fairness to all stockholders in attendance, you will also find posted our rules of conduct for the Annual Meeting when you log in prior to the start of the Annual Meeting. Our management may group pre-submitted questions by topic with a representative question read aloud and answered. In addition, questions may be ruled out of order if they are, among other things, irrelevant to our business, related to pending or threatened litigation, disorderly, repetitious of statements already made, or in furtherance of the speaker's own personal, political or business interests. Questions will be addressed in the "Question and Answer" portion of the Annual Meeting. What do I do if I have technical difficulties in connection with the Annual Meeting? If you encounter any difficulties accessing the virtual meeting during the check-in or meeting time, please call the technical support number that will be posted on the Annual Meeting login page. Technical support will be available beginning at approximately 12:00 p.m. Eastern Time on May 22, 2024. How can I find out the results of the voting at the Annual Meeting? Preliminary voting results will be announced at the Annual Meeting. In addition, final voting results will be published in a current report on Form 8-K that we expect to file within four business days after the Annual Meeting. If final voting results are not available to us in time to file a Form 8-K within four business days after the meeting, we intend to file a Form 8-K to publish preliminary results and, within four business days after the final results are known to us, file an additional Form 8-K to publish the final results. 15 PROPOSAL 1 ELECTION OF DIRECTORS Tenable’s Board of Directors is divided into three classes and each class has a three-year term. Vacancies on the Board may be filled only by persons elected by a majority of the remaining directors. A director elected by the Board to fill a vacancy in aclass, including vacancies created by an increase in the number of directors, shall serve for the remainder of the full term of that class and until the director’s successor is duly elected and qualified. The Board of Directors currently consists of nine members. There are three directors in the class whose term of office expires in 2024. Mr. Coviello was previously elected by Tenable's stockholders. Ms. Keane and Mr. Tosheff were recommended to the Board by amember of senior management, nominated by the Nominating and Corporate Governance Committee, and elected by the Board. If elected at the Annual Meeting, each of these nominees would serve until the 2027 Annual Meeting of Stockholders and until their successor has been duly elected and qualified, or, if sooner, until the director’s death, resignation or removal. It is the Company’s policy to invite and encourage directors and nominees for director to attend each annual meeting of stockholders. In 2023, all of our then-serving directors attended the Annual Meeting. Directors are elected by a plurality of the votes of the holders of shares present online at the meeting or represented by proxy and entitled to vote on the election of directors. Accordingly, the three nominees receiving the highest number of affirmative votes will be elected. Shares represented by executed proxies will be voted, if authority to do so is not withheld, for the election of the three nominees named below. If any nominee becomes unavailable for election as a result of an unexpected occurrence, shares that would have been voted for that nominee will instead be voted for the election of a substitute nominee proposed by the Board. Each person nominated for election has agreed to serve if elected. The Company’s management has no reason to believe that any nominee will be unable to serve. The following table reflects certain diversity information regarding our directors based on self- identification by each director. Board Diversity Matrix (as of March 28, 2024) Total Number of Directors Part I: Gender Identity Directors Part II: Demographic Background African American or Black White Did Not Disclose Demographic Background Female Male 3 0 3 9 1 6 1 4 Our Board Diversity Matrix as of March 30, 2023 can be found in our proxy statement for the 2023 Annual Meeting filed with the SEC on April 12, 2023. 16 The following table lists the skills and experience that our Nominating and Corporate Governance Committee and Board consider important for our directors to have given our current business and future market opportunities, and the directors who we believe possess them: Coviello Higgins Howe Huffard Keane Seawell Tosheff Vicks Yoran ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ Cybersecurity Experience Enterprise SaaS Experience CEO/COO Management Experience Operations Experience Business Development Experience Moving Innovation Through to Commercialization Relationships with the DoD and/or other Relevant Agencies Capital Markets Experience Financial Reporting, Accounting and Internal Controls Experience Board/Corporate Governance Experience Human Resources/ Executive Compensation Legal and/or Risk Management Experience ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ 17 CLASS III NOMINEES FOR ELECTION FOR A THREE-YEAR TERM EXPIRING AT THE 2027 ANNUAL MEETING The following is abrief b iography of each nominee for director and a discussion of the specific experience, qualifications, attributes or skills of each nominee that led the Nominating and Corporate Governance Committee of the Board of Directors to recommend that person as anominee for director, as of the date of this proxy statement. The Nominating and Corporate Governance Committee seeks to assemble a board of directors that, as a whole, possesses the appropriate balance of professional and industry knowledge, financial expertise and high-level management experience necessary to oversee and direct the Company’s business. To that end, the Committee has identified and evaluated nominees in the broader context of the Board’s overall composition, with the goal of recruiting members who complement and strengthen the skills of other members and who also exhibit integrity, collegiality, sound business judgment and other qualities that the Committee views as critical to the effective functioning of the Board. To provide a mix of experience and perspective on the Board, the Committee also takes into account gender, age, and ethnic diversity. The brief biographies below include information, as of the date of this proxy statement, regarding the specific and particular experience, qualifications, attributes or skills of each director or nominee that led the Committee to believe that that nominee should continue to serve on the Board. 18 Arthur W. Coviello, Jr., age 70 Arthur W. Coviello, Jr. has served as a member of our Board of Directors since February 2018 and as our Lead Independent Director since February 2022. Mr. Coviello has served as Managing Partner of Syn Ventures, a venture capital fund, since June 2021. Mr. Coviello has served on the Board of Directors of Synchrony Financial ("Synchrony") since November 2015. Mr. Coviello was previously a venture partner at Rally Ventures, LLC, a position he held from May 2015 to July 2022, and previously was on the boards of directors of FireEye/ Mandiant, Inc. from December 2020 to October 2022, and Epiphany Technology Acquisition Corp. from November 2020 to January 2023. Mr. Coviello received a B.B.A. with a concentration in Accounting from the University of Massachusetts. Our Board of Directors believes that Mr. Coviello is qualified to serve as a director based on his extensive security industry and management experience and his experience as adirect or of public technology companies. George Alexander Tosheff, age 57 George Alexander Tosheff has served as a member of our Board of Directors since September 2022. Mr. Tosheff has served as Senior Vice President, Chief Security Officer of VMware, Inc. (recently acquired by Broadcom) since February 2022 following his promotion from Vice President, Chief Security Officer, a position he held since 2014. Mr. Tosheff served as amember of our Customer Advisory Board from 2017 until September 2022. Mr. Tosheff received a B.S. in Physics from California State University. Our Board of Directors believes that Mr. Tosheff is qualified to serve as a director based on his extensive cybersecurity expertise and management experience. Margaret Keane, age 64 Margaret Keane has served as a member of our Board of Directors since June 2023. Ms. Keane is the former Executive Chair of the Board of Directors of Synchrony, a position she held from April 2021 to April 2023. Ms. Keane was a member of Synchrony's Board of Directors from 2013 to April 2023. Ms. Keane served as Synchrony’s Chief Executive Officer from February 2014 to March 2021 and President from February 2014 to May 2019. She previously served as the Chief Executive Officer and President of the North American retail finance business of the General Electric Company from April 2011 to February 2014. Ms. Keane serves on the Board of Directors for the Allstate Corporation, an insurance company, a position she has held since April 2018. Ms. Keane earned a bachelor’s degree in government and politics and an M.B.A. from St. John’s University. Our Board of Directors believes that Ms. Keane is qualified to serve as a director based on her extensive management experience. THE BOARD OF DIRECTORS RECOMMENDS A VOTE IN FAVOR OF EACH NAMED NOMINEE. 19 DIRECTORS CONTINUING IN OFFICE UNTIL THE 2025 ANNUAL MEETING Amit Yoran, age 53 Amit Yoran has served as our Chief Executive Officer and Chairman since December 2016 and was appointed as our President, in addition to Chief Executive Officer and Chairman, in May 2018. Mr. Yoran has served on the Board of Directors of BlackLine Systems, Inc., an enterprise software company, since January 2023. Prior to joining Tenable, Mr. Yoran served as President of RSA Solutions, Inc. from October 2014 to December 2016. Mr. Yoran received a B.S. in Computer Science from the United States Military Academy at West Point and an M.S. in Computer Science from George Washington University. Our Board of Directors believes that Mr. Yoran is qualified to serve as a director based on his role as our Chief Executive Officer and his extensive management experience in the technology and security industries. Niloofar Razi Howe, age 55 Niloofar Razi Howe has served as a member of our Board of Directors since May 2021. Ms. Howe has served as a Senior Operating Partner at Energy Impact Partners, a venture capital fund since 2019. Ms. Howe has served on the Board of Directors of Composecure, Inc. since December 2021. Ms. Howe also currently serves on the board of directors of a number of private technology companies. Ms. Howe received a B.A. in English Literature from Columbia College and holds a Juris Doctor degree from Harvard Law School. Our Board of Directors believes that Ms. Howe is qualified as adirect or based on her extensive cybersecurity and management experience and her experience as a director of technology companies. Linda Zecher Higgins, age 70 Linda Zecher Higgins has served as a member of our Board of Directors since August 2019. Ms. Higgins is the Chief Executive Officer and Managing Director of the Barkley Group, a consulting firm focused on effective digital transformation, and has held such positions since January 2017. Ms. Higgins has served as a member of the board of directors of Hasbro, Inc. since October 2014. Ms. Higgins served as a member of the board of directors of C5 Acquisition Corp from January 2022 to September 2023 and also served as the Corporate Vice President, Worldwide Public Sector of Microsoft Corporation from 2003 to 2011. In July 2023, Ms. Higgins was hired as the Chief Executive Officer of IronNet, Inc., a cybersecurity company, to assist in its restructuring efforts. In October 2023, IronNet, Inc., filed avoluntary C hapter 11 restructuring plan with the U.S. Bankruptcy Court for the District of Delaware, which was completed in February 2024. Ms. Higgins received a B.S. in Earth Science from The Ohio State University. Our Board of Directors believes that Ms. Higgins is qualified to serve as a director based on her extensive management experience with technology companies and her experience as adirect or of public companies. 20 DIRECTORS CONTINUING IN OFFICE UNTIL THE 2026 ANNUAL MEETING John C. Huffard, Jr., age 56 John C. Huffard, Jr. has served as a member of our Board of Directors since 2002. Mr. Huffard served as our Chief Operating Officer from May 2018 through December 2019. Prior to that, he served as our President and Chief Operating Officer from November 2008 to May 2018, and he co-founded our company in 2002. Mr. Huffard has also served as a member of the board of directors of Norfolk Southern Corporation since February 2020. Mr. Huffard received a B.S.B.A. from Washington and Lee University and an M.B.A. from Babson College. Our Board of Directors believes that Mr. Huffard is qualified to serve as a director based on his in-depth knowledge of our company and our products due to his role as our co-founder and subsequent role as our Chief Operating Officer. A. Brooke Seawell, age 76 A. Brooke Seawell has served as a member of our Board of Directors since October 2017. Mr. Seawell is aVe nture Partner at New Enterprise Associates Inc., a position he has held since January 2005. Mr. Seawell has served on the board of directors of NVIDIA Corporation, an accelerated computing company, since December 1997. He previously served on the board of directors of Eargo, Inc., a medical device company, from September 2020 to December 2022, and Tableau Software, Inc., a business intelligence software company, from November 2011 to August 2019. Mr. Seawell received both a B.A. in Economics and an M.B.A. in Finance from Stanford University. Our Board of Directors believes that Mr. Seawell is qualified to serve as a director based on his extensive experience in technology finance and operations, including having served as the chief financial officer of two public companies and his experience as a director of public technology companies. Raymond Vicks, Jr., age 64 Raymond Vicks, Jr. has served as a member of our Board of Directors since January 2022. Mr. Vicks has served on the Board of Directors of Bowman Consulting Group Ltd since May 2022. Mr. Vicks previously served as Managing Partner at the BMV Group, a position he held from August 2015 until his retirement in 2019. Concurrent with that role, Mr. Vicks also served as the Chief Financial Officer of the HSC Health Care System from 2015 to 2018. Prior to that, Mr. Vicks served in roles of increasing responsibility at PricewaterhouseCoopers LLP from 1995 to 2014, where at the time of his departure, he was a Partner. Mr. Vicks is a Certified Public Accountant and received a B.S. in accounting from Virginia Tech. Our Board of Directors believes that Mr. Vicks is qualified to serve as a director based on his based on his extensive public accounting and management experience. 21 INFORMATION REGARDING THE BOARD OF DIRECTORS AND CORPORATE GOVERNANCE Independence of the Board of Directors As required under the Nasdaq Stock Market (“Nasdaq”) listing standards, a majority of the members of a listed company’s Board of Directors must qualify as “independent,” as affirmatively determined by the Board of Directors. The Board consults with the Company’s counsel to ensure that the Board’s determinations are consistent with relevant securities and other laws and regulations regarding the definition of “independent,” including those set forth in pertinent listing standards of Nasdaq, as in effect from time to time. Our Board determines the independence of each director based on their business and personal activities that might affect us and our management. Each director completes a detailed questionnaire on an annual basis that provides information about relationships that might affect their independence. The Board, with support from our counsel, then evaluates all known relevant facts and circumstances concerning any identified relationship and assesses whether any such relationship would interfere with the independent judgment of the director in carrying out their responsibilities. Consistent with these considerations, after review of all relevant identified transactions or relationships between each director, or any of his or her family members, and the Company, its senior management and its independent registered public accounting firm, the Board has affirmatively determined that the following eight of our current directors are independent directors within the meaning of the applicable Nasdaq listing standards: Arthur W. Coviello, Jr., John C. Huffard, Jr., Margaret Keane, Niloofar Razi Howe, A. Brooke Seawell, George Alexander Tosheff, Raymond Vicks, Jr., and Linda Zecher Higgins. In making this determination, the Board found that none of these directors or nominees for director had a material or other disqualifying relationship with the Company. Board Leadership Structure Our Board of Directors is currently chaired by Mr. Yoran, our Chief Executive Officer. The Board believes that combining the positions of Chief Executive Officer and Board Chair helps to ensure that the Board and management act with a common purpose and provides a single, clear chain of command to execute Tenable’s strategic initiatives and business plans. In addition, the Board believes that a combined Chief Executive Officer/Board Chair is better positioned to act as abridge between management and the Board, facilitating the regular flow of information. The Board also believes that it is advantageous to have aBo ard Chair with significant history with and extensive knowledge of Tenable (as is the case with Mr. Yoran). The Board has also appointed Mr. Coviello as lead independent director in order to help reinforce the independence of the Board as a whole. Mr. Coviello will remain lead independent director until February of 2025, assuming his re-election as of the 2024 Annual Meeting. The position of lead independent director has been structured to serve as an effective balance to Mr. Yoran’s leadership as our combined Chief Executive Officer and Board Chair. Mr. Coviello has served as a director since 2018 and currently serves as the Chair of the Nominating and Corporate Governance Committee. Mr. Coviello has extensive security industry and management experience, and experience as adirect or of public technology companies. The Board believes Mr. Coviello's experience, breadth of knowledge and contributions to the Board position him well to provide strong leadership and oversight of ongoing Board matters and to contribute valuable insight with respect to Tenable's business. The Board believes that Mr. Coviello is highly qualified to assist the Board in overseeing the identification, assessment and management of the Company's exposure to various risks as a result of his extensive management and security experience. The Board believes that Mr. Coviello will be able to provide leadership and help guide the Board's independent oversight of the Company's risk exposures through his role as lead independent director. The lead independent director is empowered to, among 22 other duties and responsibilities, work with the Chief Executive Officer and Board Chair to develop and approve an appropriate Board meeting schedule and Board meeting agendas; provide the Chief Executive Officer and Board Chair feedback on the quality, quantity, and timeliness of the information provided to the Board; develop the agenda and moderate executive sessions of the independent members of the Board; preside over Board meetings when the Chief Executive Officer and Board Chair is not present or when Board or Chief Executive Officer performance or compensation is discussed; act as principal liaison between the independent members of the Board and Chief Executive Officer and Board Chair; convene meetings of the independent directors as appropriate; and perform such other duties as may be established or delegated by the Board. As a result, the Company believes that the lead independent director can help ensure the effective independent functioning of the Board in its oversight responsibilities. Role of the Board in Risk Oversight One of the Board’s key functions is informed oversight of Tenable’s risk management process. The Board does not have a standing risk management committee, but rather administers this oversight function directly through the Board as awhole, as well as through various Board standing committees that address risks inherent in their respective areas of oversight. In particular, our Board is responsible for monitoring and assessing strategic risk exposure, including a determination of the nature and level of risk appropriate for the Company. Our Audit Committee has the responsibility to consider and discuss our major financial risk exposures and the steps our management has taken to monitor and control these exposures, including risks pertaining to financial accounting, investments and cash management, and disclosure controls and procedures. The Audit Committee also monitors compliance with legal and regulatory requirements and oversees the performance of our internal audit function and the performance and independence of external auditors. Our Nominating and Corporate Governance Committee monitors the effectiveness of our corporate governance guidelines, including as it relates to regulatory changes and other developments. The Nominating and Corporate Governance Committee also oversees our corporate social responsibility program, stockholder engagement, and board and committee composition and refreshment. Our Compensation Committee assesses and monitors whether any of our compensation policies and programs has the potential to encourage excessive risk-taking, and risks associated with human capital management, including recruiting, retention, diversity and inclusion. Our Cybersecurity Risk Management Committee assists the Board in fulfilling its oversight responsibility with respect to the management of risks related to our information technology use and protection, cybersecurity, and product security. Typically, the entire Board meets with members of management responsible for risk management at least annually, and the applicable Board committees meet at least annually with the employees responsible for risk management in the committees’ respective areas of oversight. Both the Board as a whole and the various standing committees receive periodic reports from members of management responsible for risk management, as well as incidental reports as matters may arise. It is the responsibility of the committee chairs to report findings regarding material risk exposures to the Board as quickly as possible. 23 Meetings of the Board of Directors The Board of Directors met four times during 2023. All directors attended at least 75% of the aggregate number of meetings of the Board and of each of the committees on which they served, held during the portion of the last year for which they were directors or committee members, respectively. Information Regarding Committees of the Board of Directors The Board has four committees: an Audit Committee, a Compensation Committee, a Cybersecurity Risk Management Committee, and a Nominating and Corporate Governance Committee. The following table provides the current membership of each of the Board committees, and identifies the chairperson of each committee and the number of committee meetings held in 2023: Name Arthur W. Coviello, Jr. Margaret Keane(1) Linda Zecher Higgins Niloofar Razi Howe(2) John C. Huffard, Jr.(3) A. Brooke Seawell George Alexander Tosheff Raymond Vicks, Jr. Total meetings in 2023 _____________ * Committee Chairperson Audit Compensation Cybersecurity Risk Management Nominating and Corporate Governance X* X X* X 5 X X* X 4 X X 4 X X* X X 8 Ms. Keane joined the Board, Compensation Committee and Cybersecurity Risk Management (1) Committee in June 2023. (2) 2023. (3) Ms. Howe was elected to the Nominating and Corporate Governance Committee in June Mr. Huffard was elected to the Audit Committee in August 2023. Below is adescripti on of each committee of the Board of Directors. Each of the committees has the authority to engage legal counsel or other experts or consultants, as it deems appropriate to carry out its responsibilities. The Board of Directors has determined that each member of each committee meets the applicable Nasdaq rules and regulations regarding “independence” and each member is free of any relationship that would impair his or her individual exercise of independent judgment with regard toth e Company. Audit Committee The Audit Committee of the Board of Directors was established by the Board in accordance with Section 3(a)(58)(A) of the Exchange Act to oversee the Company’s corporate accounting and financial reporting processes and audits of its financial statements. For this purpose, the Audit Committee performs several functions. The principal duties and responsibilities of our audit committee include, among other things: • selecting a qualified firm to serve as the independent registered public accounting firm to audit our financial statements; 24 • • • • • • • • approving (or, as permitted, pre-approving) all audit and all permissible non-audit services to be performed by the independent registered public accounting firm; helping to ensure the independence and performance of the independent registered public accounting firm; obtaining and reviewing areport b y the independent registered public accounting firm at least annually, that describes its internal quality-control procedures, any material issues with such procedures, and any steps taken to deal with such issues when required by applicable law; discussing the scope and results of the audit with the independent registered public accounting firm, and reviewing, with management and the independent registered public accounting firm, our interim and year-end operating results, including a review of our disclosures under "Management's Discussion and Analysis of Financial Condition and Results of Operations"; reviewing our policies on risk assessment and risk management; overseeing the organization and performance of the Company's internal audit function; developing procedures for employees to submit concerns anonymously about questionable accounting or audit matters; reviewing related party transactions; and • meeting in executive session with management and the Company's independent registered public accountants. The Audit Committee is currently composed of four directors: Messrs. Seawell, Huffard, Tosheff, and Vicks. The Audit Committee met eight times during 2023. The Board has adopted a written Audit Committee charter that is available to stockholders on our website at www.investors.tenable.com. The Board of Directors reviews the Nasdaq listing standards definition of independence for Audit Committee members on an annual basis and has determined that all of the current members of the Audit Committee are independent (as independence is currently defined in Rule 5605(c)(2)(A)(i) and (ii) of the Nasdaq listing rules and under Rule 10A-3 under the Exchange Act). The Board of Directors has also determined that Messrs. Seawell and Vicks each qualifies as an “audit committee financial expert,” as defined in applicable SEC rules. The Board made a qualitative assessment of Messrs. Seawell's and Vicks' level of knowledge and experience based on a number of factors, including their formal education, Mr. Seawell's experience as achief f inancial officer of public reporting companies and Mr. Vicks' public accounting experience. Report of the Audit Committee of the Board of Directors* The Audit Committee has reviewed and discussed the audited financial statements for the year ended December 31, 2023 with management of the Company. The Audit Committee has discussed with the independent registered public accounting firm the matters required to be discussed by the applicable requirements of the Public Company Accounting Oversight Board (“PCAOB”) and SEC. The Audit Committee has also received the written disclosures and the letter from the independent registered public accounting firm required by applicable requirements of the PCAOB regarding the independent registered public accounting firm's communications with the audit committee concerning independence, and has discussed with the independent registered public accounting firm the accounting firm’s independence. Based on the foregoing, the Audit Committee recommended to the Board of Directors that the audited financial statements be included in the Company’s Annual Report on Form 10-K for the year ended December 31, 2023. 25 A. Brooke Seawell, Chair John C. Huffard, Jr. George Alexander Tosheff Raymond Vicks, Jr. *The material in this report is not "soliciting material," is not deemed "filed" with the Commission and is not to be incorporated by reference in any filing of the Company under the Securities Act or the Exchange Act, whether made before or after the date hereof and irrespective of any general incorporation language in any such filing. Compensation Committee The Compensation Committee of the Board of Directors acts on behalf of the Board to review, modify and oversee the Company’s compensation strategy, policies, plans and programs, including: • • • • establishment of corporate and individual performance objectives relevant to the compensation of our executive officers, directors and other senior management and evaluation of performance in light of these stated objectives; review and approve the compensation and other terms of employment or service, including severance and change-in-control arrangements, of our Chief Executive Officer, the other executive officers and other senior management; review and recommend to the Board for approval the type and amount of compensation to be paid or awarded to our directors; and administration of our equity compensation plans, bonus plans, benefit plans and other similar plans and programs. The Compensation Committee is currently composed of three directors: Mses. Higgins, Howe, and Keane. All members of the Company’s Compensation Committee are independent (as independence is currently defined inRule 5605(d)(2) of the Nasdaq listing rules). The Compensation Committee met five times during 2023. The Board has adopted a written Compensation Committee charter that is available to stockholders on our website at www.investors.tenable.com. Compensation Committee Processes and Procedures Typically, the Compensation Committee meets quarterly and with greater frequency when necessary. The agenda for each meeting is usually developed by the Chair of the Compensation Committee, in consultation with the Chief Executive Officer, Chief People and Culture Officer and Compensia, Inc. ("Compensia"), the compensation consultant engaged by the Compensation Committee. The Compensation Committee meets regularly in executive session. In addition to our Chief Executive Officer, our Chief People Officer and our Deputy General Counsel also regularly attend meetings at the invitation of the Compensation Committee and take part in discussions about executive compensation. From time to time, various members of management and other employees as well as outside advisors or consultants may be invited by the Compensation Committee to make presentations, to provide financial or other background information or advice or to otherwise participate in Compensation Committee meetings. The Chief Executive Officer may not participate in, or be present during, any deliberations or determinations of the Compensation Committee regarding his compensation or individual performance objectives. The charter of the Compensation Committee grants the Compensation Committee full access to all books, records, facilities and personnel of the Company. In addition, under its charter, the Compensation Committee has the authority to obtain, at the expense of the Company, advice and assistance from compensation consultants and internal and external legal, accounting or other advisors and other external resources that the Compensation Committee considers necessary or appropriate in the performance of its duties. The Compensation 26 Committee has direct responsibility for the oversight of the work of any consultants or advisers engaged for the purpose of advising the Committee. In particular, the Compensation Committee has the sole authority to retain, in its sole discretion, compensation consultants to assist in its evaluation of executive and director compensation, including the authority to approve the consultant’s reasonable fees and other retention terms. Under the charter, the Compensation Committee may select, or receive advice from, a compensation consultant, legal counsel or other adviser to the compensation committee, other than in-house legal counsel and certain other types of advisers, only after taking into consideration six factors, prescribed by the SEC and Nasdaq, that bear upon the adviser’s independence; however, there is no requirement that any adviser be independent. During the past calendar year, after taking into consideration the six factors prescribed by the SEC and Nasdaq described above, the Compensation Committee retained Compensia as its compensation consultant. Our Compensation Committee identified Compensia based on Compensia's general reputation in the industry. The Compensation Committee requested that Compensia: • • evaluate the efficacy of the Company’s existing compensation strategy and practices in supporting and reinforcing the Company’s long-term strategic goals; and assist in refining the Company’s compensation strategy and in developing and implementing an executive compensation program to execute that strategy. As part of its engagement, Compensia was requested by the Compensation Committee to review and update the group of companies that we use for comparative purposes and to perform an analysis of competitive performance and compensation levels for that group. The specific determinations of the Compensation Committee with respect to executive compensation for the year ended December 31, 2023, as well as the role of the compensation consultant in assisting with those determinations, are described in greater detail in the “Compensation Discussion and Analysis” section of this proxy statement. Under its charter, the Compensation Committee may form, and delegate authority to, subcommittees as appropriate. In 2023, the Compensation Committee delegated authority to Mr. Yoran, in his capacity as our Chief Executive Officer and Chairman, to grant, without any further action required by the Compensation Committee, stock awards to certain employees who are not his direct reports or officers of the Company, up to and including employees at the senior vice president level. The purpose of this delegation of authority is to enhance the flexibility of equity award administration within the Company and to facilitate the timely grant of stock awards to employees, particularly new employees and promoted employees, within specified limits approved by the Compensation Committee. The number of shares underlying awards approved by Mr. Yoran for on- hire, annual, promotion, and retention-and-merit-based awards, are subject to certain limitations and guidelines approved by the Compensation Committee from time to time. As part of its oversight function, the Compensation Committee reviews on aquar terly basis the list of grants made by Mr. Yoran. The Compensation Committee reviews the delegated authority periodically and amends it as necessary. During 2023, Mr. Yoran exercised his authority to grant a total of 3,017,494 restricted stock units ("RSUs") to qualifying employees. No other equity awards were granted pursuant to Mr. Yoran’s authority during 2023. The Compensation Committee typically makes adjustments to annual compensation, approves changes to the key financial metric targets and formulas used to determine annual bonus payments, approves additional equity awards and establishes new performance objectives at one or more meetings held during the first quarter of the year. However, the Compensation Committee also considers matters related to individual compensation, such as compensation for new executive hires, as well as high-level strategic issues, such as the efficacy of the Company’s compensation strategy, potential modifications to that strategy and new trends, plans or approaches to compensation, at 27 various meetings throughout the year. Generally, the Compensation Committee’s process comprises two related elements: the determination of compensation levels and the establishment of performance objectives for the current year. For executives other than the Chief Executive Officer, the Compensation Committee solicits and considers evaluations and recommendations submitted to the Committee by the Chief Executive Officer. In the case of the Chief Executive Officer, the evaluation of his performance is conducted by the Compensation Committee, which determines any adjustments to his compensation as well as awards to be granted. For all executives and directors as part of its deliberations, the Compensation Committee may review and consider, as appropriate, materials such as financial reports and projections, operational data, tax and accounting information, tally sheets that set forth the total compensation that may become payable to executives in various hypothetical scenarios, executive and director stock ownership information, company stock performance data, analyses of historical executive compensation levels and current company-wide compensation levels and recommendations of the Compensation Committee’s compensation consultant, including analyses of executive and director compensation paid at other companies identified by the consultant. Compensation Committee Interlocks and Insider Participation None of the current members of our Compensation Committee has ever been an executive officer or employee of ours. None of our executive officers currently serves, or has served during the last completed year, on the compensation committee or board of directors of any other entity that has one or more executive officers serving as a member of our Board of Directors or Compensation Committee. Report of the Compensation Committee of the Board of Directors* The Compensation Committee has reviewed and discussed with management the Compensation Discussion and Analysis (“CD&A”) contained in this proxy statement. Based on this review and discussion, the Compensation Committee has recommended to the Board of Directors that the CD&A be included in this proxy statement and incorporated into the Company’s Annual Report on Form 10-K for the year ended December 31, 2023. Linda Zecher Higgins, Chair Niloofar Razi Howe Margaret Keane *The material in this report is not “soliciting material,” is furnished to, but not deemed “filed” with, the Commission and is not deemed to be incorporated by reference in any filing of the Company under the Securities Act or the Exchange Act, other than the Company’s Annual Report on Form 10-K, where it shall be deemed to be “furnished,” whether made before or after the date hereof and irrespective of any general incorporation language in any such filing. Nominating and Corporate Governance Committee The Nominating and Corporate Governance Committee of the Board of Directors is responsible for identifying, reviewing and evaluating candidates to serve as directors of the Company (consistent with criteria approved by the Board), reviewing and evaluating incumbent directors, recommending to the Board for selection candidates for election to the Board of Directors, making recommendations to the Board regarding the membership of the committees of the Board, assessing the performance of management and the Board, developing a set of corporate governance principles for the Company and overseeing the Company's corporate environmental, social and governance programs and policies. 28 The Nominating and Corporate Governance Committee is currently composed of three directors: Mr. Coviello and Mses. Higgins and Howe. All members of the Nominating and Corporate Governance Committee are independent (as independence is currently defined in Rule 5605(a)(2) of the Nasdaq listing rules). The Nominating and Corporate Governance Committee met four times during 2023. The Board has adopted a written Nominating and Corporate Governance Committee charter that is available to stockholders on our website at www.investors.tenable.com. The Nominating and Corporate Governance Committee believes that candidates for director should have certain minimum qualifications, including the ability to read and understand basic financial statements and having the highest personal integrity and ethics. The Nominating and Corporate Governance Committee also intends to consider such factors as possessing relevant expertise upon which to be able toof fer advice and guidance to management, having sufficient time to devote to the affairs of the Company, demonstrated excellence in his or her field, having the ability to exercise sound business judgment and having the commitment to rigorously represent the long- term interests of the Company’s stockholders. However, the Nominating and Corporate Governance Committee retains the right to modify these qualifications from time to time. Board diversity and inclusion is critical to Tenable’s success. Candidates for director nominees are reviewed in the context of the current composition of the Board, the operating requirements of the Company and the long- term interests of stockholders. In conducting this assessment, the Nominating and Corporate Governance Committee typically considers diversity (including gender, racial and ethnic diversity), age, skills and such other factors as it deems appropriate, given the current needs of the Board and the Company, to maintain a balance of knowledge, experience and capability. The Nominating and Corporate Governance Committee appreciates the value of thoughtful Board refreshment, and regularly identifies and considers qualities, skills and other director attributes that would enhance the composition of the Board. In the case of incumbent directors whose terms of office are set to expire, the Nominating and Corporate Governance Committee will review these directors’ overall service to the Company during their terms, including the number of meetings attended, level of participation, quality of performance and any other relationships and transactions that might impair the directors’ independence. The Committee also takes into account the results of the Board’s self- evaluation, conducted by outside counsel annually on a group and individual basis. In the case of new director candidates, the Nominating and Corporate Governance Committee also determines whether the nominee is independent for Nasdaq purposes, which determination is based upon applicable Nasdaq listing standards, applicable SEC rules and regulations and the advice of counsel, if necessary. The Nominating and Corporate Governance Committee then uses its network of contacts to compile a list of potential candidates, but also engages professional search firms from time to time to assist in identifying potential candidates. The Nominating and Corporate Governance Committee conducts any appropriate and necessary inquiries into the backgrounds and qualifications of possible candidates after considering the function and needs of the Board. The Nominating and Corporate Governance Committee meets to discuss and consider the candidates’ qualifications and then selects anominee for recommendation to the Board by majority vote. The Nominating and Corporate Governance Committee will consider director candidates recommended by stockholders. The Nominating and Corporate Governance Committee does not intend to alter the manner in which it evaluates candidates, including the minimum criteria set forth above, based on whether or not the candidate was recommended by a stockholder. Stockholders who wish to recommend individuals for consideration by the Nominating and Corporate Governance Committee to become nominees for election to the Board may do so by delivering a written recommendation to the Nominating and Corporate Governance Committee at the following address: Tenable Holdings, Inc., Attention: Corporate Secretary, 6100 Merriweather Drive, 12th Floor, Columbia, Maryland 21044, at least 90 days, but not more than 120 days prior to the anniversary date of the preceding year's annual meeting of stockholders. Submissions must include the name and 29 address of the stockholder on whose behalf the submission is made, the number of shares of Tenable stock owned beneficially by such stockholder on the date of the submission, the full name of the proposed nominee, a description of the proposed nominee’s business experience for at least the previous five years, complete biographical information and a description of the proposed nominee's qualifications as a director. Any submission must be accompanied by the written consent of the proposed nominee to be named as a nominee and to serve as adirect or if elected. Cybersecurity Risk Management Committee The Cybersecurity Risk Management Committee of the Board of Directors assists the Board in fulfilling its oversight responsibility with respect to the management of risks related to the Company's information technology use and protection, cybersecurity, and product security. The Cybersecurity Risk Management Committee is responsible for oversight of the Company's: • • quality and effectiveness of the policies and procedures governing information technology and network systems, including relating to data governance, incident response procedures and disaster recovery capabilities, and product security; technology senior management teams' priorities for its information technology and engineering security functions; • management of compliance risks and audits related to its information technology and network systems; • • • internal access controls and audits relating to cyber and information security; disclosures in SEC filings related to its information technology and network systems; and cyber insurance policies and coverage. The Cybersecurity Risk Management Committee is currently composed of three directors: Mr. Huffard, Ms. Keane and Mr. Tosheff. All members of the Cybersecurity Risk Management Committee are independent (as independence is currently defined in Rule 5605(a)(2) of the Nasdaq listing rules). The Cybersecurity Risk Management Committee met four times during 2023. The Board has adopted a written Cybersecurity Risk Management Committee charter that is available to stockholders on our website at www.investors.tenable.com. The Cybersecurity Risk Management Committee meets quarterly and with greater frequency if necessary. The Cybersecurity Risk Management Committee meets regularly in executive session. In addition to our Chief Executive Officer, our Chief Security Officer and our Chief Legal Counsel regularly attend meetings at the invitation of the Cybersecurity Risk Management Committee. The Cybersecurity Risk Management Committee also has direct access to our Chief Security Officer and evaluates his performance. From time to time, various members of management and other employees as well as outside advisors may be invited by the Cybersecurity Risk Management Committee to brief the committee members on the current threat landscape and cybersecurity efforts. Under its charter, the Cybersecurity Risk Management Committee is granted authority to retain independent advisors and investigate matters brought to its attention. Stockholder Communications with the Board of Directors All stockholders and other interested parties are welcome to communicate with our non- management directors through an established process for stockholder communication. For communication directed to our non-management directors, please contact our Corporate Secretary or Legal Department in writing at the address listed below. 30 Tenable Holdings, Inc. 6100 Merriweather Drive, 12th Floor Columbia, MD 21044 Attn: Corporate Secretary or Legal Department Our Corporate Secretary or Legal Department will review all incoming stockholder communications and determine whether the communication should be presented to the Board or the appropriate director or committee. The purpose of this screening is to allow the Board to avoid having to consider irrelevant or inappropriate communications, such as mass mailings, product complaints or inquiries, job inquiries, business solicitations and patently offensive or otherwise inappropriate material. The screening procedures have been approved by a majority of our independent directors. All communications directed to the Audit Committee in accordance with the Company’s whistleblower policy that relate to questionable accounting or auditing matters involving the Company will be promptly and directly forwarded to the Audit Committee. Code of Ethics We have adopted the Tenable Code of Business Conduct and Ethics that applies to all officers, directors, employees and independent contractors. The Code of Business Conduct and Ethics is available on our website at www.investors.tenable.com. If we make any substantive amendments to the Code of Business Conduct and Ethics or grant any waiver from a provision of the Code to any executive officer or director, we will promptly disclose the nature of the amendment or waiver on our website. Hedging Policy Our Insider Trading Policy prohibits our employees, including our executive officers, and the non- employee members of our Board of Directors from engaging in short sales, transactions in put or call options, hedging transactions, using margin accounts, pledges, or other inherently speculative transactions involving our equity securities. 31 PROPOSAL 2 RATIFICATION OF SELECTION OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM The Audit Committee of the Board of Directors has selected Ernst & Young LLP as the Company’s independent registered public accounting firm for the year ending December 31, 2024 and has further directed that management submit the selection of its independent registered public accounting firm for ratification by the stockholders at the Annual Meeting. Ernst & Young LLP has audited the Company’s financial statements since 2014. Representatives of Ernst & Young LLP are expected to be present online at the Annual Meeting. They will have an opportunity to make a statement if they so desire and will be available to respond to appropriate questions. Neither the Company’s Bylaws nor other governing documents or laws require stockholder ratification of the selection of Ernst & Young LLP as the Company’s independent registered public accounting firm. However, the Audit Committee of the Board is submitting the selection of Ernst & Young LLP to the stockholders for ratification as a matter of good corporate practice. If the stockholders fail to ratify the selection, the Audit Committee of the Board will reconsider whether or not to retain that firm. Even if the selection is ratified, the Audit Committee of the Board in its discretion may direct the appointment of a different independent registered public accounting firm at any time during the year if they determine that such a change would be in the best interests of the Company and its stockholders. The affirmative vote of the holders of a majority of the shares present online at the meeting or represented by proxy and entitled to vote on the matter at the Annual Meeting will be required to ratify the selection of Ernst & Young LLP. Fees and Services The following table represents aggregate fees billed to the Company by Ernst & Young LLP, the Company’s principal accountant. (in thousands) Audit Fees(1) Audit-Related Fees(2) Tax fees(3) All Other Fees(4) Total Fees Year Ended December 31, 2023 2022 $ $ 1,754 $ 338 6 73 2,171 $ 1,707 271 — — 1,978 Audit fees consisted of fees billed for professional services provided in connection with the _____________ (1) audits of our annual consolidated financial statements and our internal control over financial reporting, the review of our quarterly condensed consolidated financial statements, and related procedures and audit services that are normally provided by the independent registered public accounting firm in connection with regulatory filings. In 2022 and 2023, audit fees included fees related to business combinations. Audit-related fees consisted of professional services provided in connection with attestation (2) reports for service organizations. In 2023 audit-related fees also included fees associated with due diligence procedures performed in connection with the acquisition of Ermetic. (3) Tax fees included fees for permissible tax advisory services. 32 (4) as fees related to arisk assessment exercise performed in 2023. All other fees included fees for access to online accounting and tax research software as well All fees and services described above were pre-approved by the Audit Committee. Pre-Approval Policies and Procedures The Audit Committee has adopted a policy and procedures for the pre-approval of audit and non- audit services rendered by the Company’s independent registered public accounting firm, Ernst & Young LLP. The policy generally pre-approves specified services in the defined categories of audit services, audit-related services and tax services up to specified amounts. Pre-approval may also be given as part of the Audit Committee’s approval of the scope of the engagement of the independent registered public accounting firm or on an individual, explicit, case-by-case basis before the independent registered public accounting firm is engaged to provide each service. The Chair of the Audit Committee has been delegated authority to pre-approve certain audit and non-audit services, but the decision must be reported toth e full Audit Committee at its next scheduled meeting. The Audit Committee has determined that the non-audit services rendered by Ernst & Young LLP are compatible with maintaining the principal accountant’s independence. THE BOARD OF DIRECTORS RECOMMENDS A VOTE IN FAVOR OF PROPOSAL 2. 33 PROPOSAL 3 ADVISORY VOTE TO APPROVE THE NAMED EXECUTIVE OFFICER COMPENSATION The Dodd-Frank Wall Street Reform and Consumer Protection Act and Section 14A of the Exchange Act enable our stockholders to approve, on an advisory non-binding basis, the compensation of our Named Executive Officers as disclosed in this proxy statement. This proposal, commonly known as a"Say-on-Pa y" proposal, gives our stockholders the opportunity to express their views on our Named Executive Officers' compensation as awhole. The vote is not intended to address any specific item of compensation or any specific Named Executive Officer, but rather the overall compensation of all our Named Executive Officers and the philosophy, policies and practices described in this proxy statement. At the 2020 Annual Meeting of Stockholders, the stockholders indicated their preference that the Company solicit a Say-on-Pay vote every year. The Board has adopted a policy that is consistent with that preference. In accordance with that policy, this year, we are asking stockholders to approve, on an advisory basis, the compensation of our Named Executive Officers as disclosed in this proxy statement in accordance with SEC rules. The Say-on-Pay vote is advisory, and therefore is not binding on us, the Compensation Committee or the Board. The Say-on-Pay vote will, however, provide information to us regarding investor sentiment about our executive compensation philosophy, policies and practices, which the Compensation Committee will be able to consider when determining executive compensation for the remainder of the current year and beyond. The Board and our Compensation Committee value the opinions of our stockholders and to the extent there is any significant vote against the Named Executive Officer compensation as disclosed in this proxy statement, we will endeavor to communicate with stockholders to better understand the concerns that influenced the vote, consider our stockholders’ concerns and the Compensation Committee will evaluate whether any actions are necessary to address those concerns. The compensation of our Named Executive Officers subject to the vote is disclosed in the Compensation Discussion and Analysis section, the compensation tables and the related narrative disclosure contained in this proxy statement. As discussed in those disclosures, we believe that our compensation policies and decisions are aligned with our stockholders’ interests to support long-term value creation and enable us to attract and retain talented executives. Accordingly, the Board is asking the stockholders to indicate their support for the compensation of our Named Executive Officers as described in this proxy statement by casting a non-binding advisory vote “FOR” the following resolution: “RESOLVED, that the compensation paid to the Company’s Named Executive Officers, as disclosed pursuant to Item 402 of Regulation S-K, including the Compensation Discussion and Analysis, compensation tables and narrative discussion is hereby APPROVED.” Advisory approval of this proposal requires the vote of the holders of a majority of the shares present online or represented by proxy and entitled to vote on the matter at the annual meeting. Unless the Board decides to modify its policy regarding the frequency of soliciting Say-on-Pay votes, the next scheduled Say-on-Pay vote will be at the 2025 Annual Meeting. THE BOARD OF DIRECTORS RECOMMENDS A VOTE IN FAVOR OF PROPOSAL 3. 34 CORPORATE SOCIAL RESPONSIBILITY We believe good governance at all levels is necessary to drive corporate responsibility, which in turn promotes the long-term interests of our stockholders and strengthens Board and management accountability. We focus our efforts in the following key areas: • Governance; • • Environmental stewardship; and Social responsibility in: cybersecurity and data privacy, diversity, equity and inclusion, employee engagement, and community involvement. Governance Our Board sets high standards for the Company's employees, officers, and directors. Implicit in this philosophy is the importance of sound corporate governance. It is the duty of the Board to serve as a prudent fiduciary for stockholders and to oversee the management of the Company's business. The Board adheres to our corporate governance guidelines, which are designed to give directors and management a flexible framework for effectively pursuing the Company's objectives for the benefit of its stockholders. In the risk management process, risk oversight is one of the Board’s key functions. The Board does not have a standing risk management committee but rather administers this oversight function directly through the Board as a whole, as well as through various Board standing committees that address risks inherent in their respective areas of oversight. In particular, our Board is responsible for monitoring and assessing strategic risk exposure, including a determination of the nature and level of risk appropriate for the Company. The Nominating and Corporate Governance Committee is responsible for environmental, social, and governance oversight and is briefed at least twice a year on relevant matters. For additional details on the Committee's oversight responsibilities see "Nominating and Corporate Governance Committee" above. In addition to our governance best practices, we consider environmental and social issues in our operations. We believe that socially responsible operating practices go hand in hand with generating value for our stockholders, providing cybersecurity solutions for our clients, being good neighbors within our communities, and being a good employer to our employees. In our view, our corporate governance is more effective when we consider environmental and social issues as part of our oversight of corporate strategy, key risks, and our operations more generally. We are committed to the promotion of ethical business practices and the implementation of measures to reduce the risk of corruption. We believe strongly in human rights, including, but not limited to, supporting our diverse and inclusive workforce and promoting equality of opportunity and treatment in hiring, training, promotions and working conditions. As such, our Human Rights Policy and Supplier Code of Conduct articulate our commitments and values regarding such matters as ethical business practices, labor practices (including child labor and human trafficking), data privacy, diversity and non-discrimination, and whistleblower protections, and our related expectations regarding supplier, vendor, and contractor practices. 35 Environmental Stewardship Our Board and management team recognize that we have a role to play in environmental stewardship. Given that the Company is a software company, our energy consumption and usage within our data centers is an important component of the day-to-day operations of our business. We outsource our data center needs to Amazon Web Services (“AWS”). In addition to carefully choosing data center locations to mitigate environmental risks, AWS has a long-term commitment to using 100 percent renewable energy. Aside from data center needs, greenhouse gas emissions and water and energy usage are not material factors in the day-to-day operations of our business. However, we believe that we can still play a part through environmentally sound practices. Consequently, we have invested in software to manage our environmental impact factors, enabling us track and calculate our scope 1 and scope 2 footprint and have begun a process to identify and track scope 3 emissions. Our corporate headquarters is a LEED Certified Gold for Core Construction. In addition, we have taken the following actions to enable environmental stewardship: • • • • implemented recycling in our offices; offered biodegradable to-go boxes to reduce food waste; implemented a strict policy for disposing of hardware; and transitioned to a travel portal that provides detail on our carbon footprint. Tenable and our employees have donated time and money to important environmental causes such as healthy waterways and other clean-up efforts, recycling, carbon footprint mitigation and protection of threatened wildlife. At Tenable, we believe our employees are our most critical catalysts for change. Our Green Initiatives group continues to gain traction as away f or employees to share best practices for an environmentally conscious lifestyle, building global support within the Company, and lead campaigns such as trash clean-ups, sustainable lifestyle pledges, and tree-planting initiatives. Partnering within our Tenable CARES program - detailed later in this section -th e Green Initiatives group curates easy-to-implement actions and measures our collective impact. Our regional Green Initiatives leaders build engagement and momentum by hosting regular community check-ins and information sessions and building camaraderie among members. Through their shared passion for environmentalism, participants inspire one another to take action for a greener and cleaner tomorrow. Our 2024 theme, “Water!” is centered around the importance of water quality and conservation. The Green Initiatives group will spearhead trash clean ups and other activities that are focused on water conservation campaigns. Cybersecurity and Data Privacy We take great pride in assisting our customers with enhancing their security posture through the use of our services and products. We understand that customers must trust and have confidence in an organization to use its service offerings for managing their exposure data. As such, we take the overall security of our products and their supporting infrastructure very seriously. We align our information security and risk management program to the National Institute of Standards and Technology Cybersecurity Framework and have implemented an information security 36 management system to protect the confidentiality, integrity, and availability of assets against threats and vulnerabilities. We achieved ISO/IEC 27001:2013 certification, recognizing our proven commitment to the highest level of information security management. As a leader in cybersecurity, and with our focus on sound governance, we believe adding oversight at the board level is important, which is why we elevated the Cybersecurity Risk Management Committee from asubcommittee o f the Audit Committee to a separate fully functioning committee of the Board in November of 2022. The Cybersecurity Risk Management Committee assists the Board in fulfilling its oversight responsibility for managing risks related to the Company’s information technology use and protection, cybersecurity, and product security. For additional details on the Committee's oversight responsibilities see "Cybersecurity Risk Management Committee" above. Data privacy protection and cybersecurity require diligence and a community effort. We enable the community through our employees, customers, and products by bringing security awareness to everything we do. As an enterprise security company, we consistently look for ways to improve our security posture to maintain data privacy and protect sensitive information for our employees and customers. Thousands of customers, including financial services organizations, healthcare providers, retailers, educational institutions, and government agencies, trust Tenable with their exposure data, digital identities and exposure insights in our cloud platform. Security is core to our corporate ethos and we allocate significant investment to protect the confidentiality, integrity, and availability of all customer data. One of our top priorities is preventing any non-customers or bad actors from accessing, disclosing, or violating the privacy and protection of data stored in the Tenable cloud platform. Using acombinat ion of preventative and detective controls, environment segregation, automation, granular data access controls, modern identity and access management practices, and data localization, our products are built to protect data and help meet privacy obligations. We continuously assess and implement additional measures to help improve our security program and address the ever-changing threat landscape. Diversity and Inclusion We believe an inclusive culture drives employee engagement, sparks innovation and delivers exceptional business results. Tenable’s people strategy aspires to create a positive and rewarding experience for new, prospective and current employees across all aspects of employee connection — recruiting, onboarding, career growth, wellness and compensation. Our total rewards package — which includes abundant development options — recognizes employees for their contributions, gives them the opportunity for continued growth and provides resources to support well-being both inside and outside the workplace. At Tenable, we strive to be a career destination in which employees from all backgrounds are welcomed and empowered, treated with fairness and respect, presented with opportunities to make a difference and provided with resources to enable them to grow. We feel it is imperative to be transparent regarding our progress concerning Diversity and Inclusion ("D&I"). We undertake numerous efforts to increase representation in our workforce of historically excluded communities, cultivating a more inclusive culture and engaging in intentional and more impactful ways in the global communities that surround us. Our Diversity Council is made up of leaders from across our organization and is responsible for developing, enabling and promoting our 37 strategic D&I plans. They champion and prioritize all D&I initiatives, cultivate and strengthen a culture of inclusion and hold themselves and other leaders accountable for our D&I goals. Our D&I strategy at Tenable is aligned to three major objectives: • Workforce: increase the representation of women globally and people of color in the U.S.; • Workplace: cultivate an inclusive workplace where all employees feel they belong and are given the support they need to thrive; and • Community: increase our commitment to supporting the next generation of science technology, engineering and mathematics (STEM) talent in diverse communities. To support our initiatives, we build partnerships within our communities to support organizations and events that strive for greater representation of women and underrepresented minorities in cybersecurity; conduct inclusion, bias mitigation, and intercultural competency training; and offer targeted development opportunities to assist with career advancement. Our efforts have included the following: • • • • • • • implementing initiatives to drive diversity at the senior level which have enabled us to increase the percentage of new hires and internal promotions; using diversity-focused recruiting programs to help increase representation of women and people of color in cybersecurity. All of our open external positions are made available on diversity-focused job boards; using talent scout programs for mid-level diverse talent to network with senior leaders as well as directed recruitment marketing efforts to drive diverse candidates; establishing Employee Resource Groups to connect and support employees who identify with diverse communities and identities; working with external partners to host professional development events, including Pronoun Workshop for LGBTQ+ allies; launching workshops for teams to discuss inclusion-related topics, such as cultural competency; and enhancing our mentorship program, focusing on opportunities for women, Black, and Hispanic employees to establish greater professional connections and grow within our organization. Employee Engagement Our ability to fulfill core values depends on how well we listen to our employees. We constantly ask employees what they need to do their best work and we act on their input. We have several different methods of soliciting employee feedback to ensure we hear from all parts of the business. We also create regular opportunities for two-way communication with our executives to help our people better understand how decisions are made. Our methods include the following: • • • conducting an annual employee engagement survey combined with periodic division -or region-specific check-ins; soliciting employee feedback at various stages of their employment cycle, from onboarding to offboarding; holding frequent executive "coffee chat" sessions during which employees can engage with our senior leaders to exchange information, provide feedback and brainstorm ideas in small- group settings; 38 • • • • staging monthly company-wide All Hands meetings led by our CEO, with an open question- and-answer period; empowering departmental, regional or team leaders to host their own town halls for their direct reports; encouraging people managers to hold regular check-in meetings with their direct reports where they can focus on real-time feedback, recognition, coaching, and professional development; and ensuring executive sponsorship of each Employee Resource Group, providing each cohort with adirect path to communicate with senior leadership. We believe professional development is a continuous and iterative process and encourage employees to think of refining and redefining their development goals and plans as a path or direction, rather than pursuing aspecific job p osition or promotion. We promote and support employee development and organizational effectiveness by providing numerous high-quality learning and development options. Employees and their managers work together to create development plans for increasing business acumen and building on the skills and knowledge each employee needs to excel in their position and grow professionally. Our professional development offerings include mentor and mentee matching and informal networking opportunities, tuition reimbursement and professional development funds, access to industry-leading tools for learning and building skills, a management development program, career development and learning events, and an internship program. We expect our employees to respect and adhere to the highest standards of business conduct, including as set forth in our Code of Business Conduct and Ethics. All employees are expected to complete certain compliance training requirements annually. Topics include information security, data privacy, harassment prevention, anti-bribery and insider trading. Community Involvement We invest in social good in alignment with our company values. Tenable demonstrates that we care by striving to make a positive difference in everything that we do — in our work, with our customers and colleagues and in our communities. We are proud to contribute to charities, initiatives and programs that strengthen our industry and impact our employees and communities. Our people strive to create a better tomorrow by giving back to their communities globally through our internal giving and volunteerism program, Tenable CARES. Tenable CARES is designed to make it easier for our employees to support the charitable organizations that are important to them. The program offers employees one day of paid leave per year to participate in volunteer activities. In addition, we match employee donations up to $300 USD per person per year to their preferred organizations and give each employee an opportunity to nominate a cause that is important to them to be selected as Tenable's global cause of the year. In 2023, Tenable's global cause of the year was the International Federation of the Red Cross. Previous causes have included St. Jude Children's Research Hospital, the Multiple Sclerosis Foundation and the Make-A-Wish Foundation. Through Tenable CARES, we aim to unite our employees around our missions and use our programs and tools to help spread the word about their charitable passions and work. Just as volunteering in our communities is an important aspect of our corporate culture, we encourage our employees to express their voices in local, state, and national public policy. Employees are given a total of one day off per year to exercise their right to vote. We are also focused onadvocat ing for policies that impact Tenable and the cybersecurity industry as awhole. We 39 regularly engage with U.S. federal, state, and local government entities to provide expertise and thought leadership to policymakers as they shape policies and regulations that directly impact our customers and cybersecurity as a whole. But our efforts are not limited to the U.S. government. We engage governments, policymakers and partners around the world to advocate on important issues affecting our business, our customers, our partners, and the communities in which we operate. We also lend our expertise to promote cybersecurity resilience and help inform the development of cybersecurity standards. We participate in numerous public private partnerships such as the President's National Security Telecommunications Advisory Committee, the IT Sector Coordinating Council and the National Institute for Standards and Technology's National Cybersecurity Center of Excellence -to provide cybersecurity and technology insight to policymakers and government officials. These engagements have led to opportunities to provide official testimony at congressional hearings on topics ranging from securing critical infrastructure to creating the Office of the National Cybersecurity Director. Tenable participates in a range of conferences, events, and summits that collectively advance our public policy goals. In addition, we conduct lobbying activities aimed at supporting policies that enhance cybersecurity and digital resilience. These activities are reported publicly in accordance with the Lobbying Disclosure Act and all subsequent amendments to the law. Complementary to our policy advocacy, we are engaged in cyber threat intelligence information sharing and operational collaboration with multiple organizations, including the Cybersecurity and Infrastructure Security Agency's Joint Cyber Defense Collaborative. We are members of numerous associations, such as the Alliance for Digital Innovation, the Cybersecurity Coalition, the Computing Technology Industry Association, the Information Technology Industry Council, the International Society of Automation, the Operational Technology Cybersecurity Coalition, DigiAmericas Alliance, the National Association of Chief Information Officers, and the National Governors Association. In addition, our Political Action Committee ("PAC"), which allows eligible employees to pool their voluntary, personal contributions to help support and elect pro-technology and pro-cybersecurity lawmakers to Congress. Tenable's PAC does not advance aparti san or social agenda, but instead ensures public policies promote sound cybersecurity policies and growth for our business, our employees and our customers. You can find all disbursements for the Tenable PAC by visiting the Federal Election Commission website. EXECUTIVE OFFICERS Our executive officers, and their respective ages as of April 11, 2024, are as follows: Name Executive Officers Amit Yoran Stephen A. Vintz Mark Thurmond Age Position(s) 53 Chief Executive Officer and Chairman 55 Chief Financial Officer 54 Chief Operating Officer The biography of Mr. Yoran is set forth in “Proposal 1: Election of Directors” above. 40 Stephen A. Vintz Stephen A. Vintz has served as our Chief Financial Officer since October 2014. Mr. Vintz previously served as Executive Vice President and Chief Financial Officer of Vocus, Inc. Mr. Vintz received aB.B.A. in Accounting from Loyola University Maryland and is a Certified Public Accountant. Mark Thurmond Mark Thurmond has served as the Company’s Chief Operating Officer since February 2020. Prior to joining the Company, Mr. Thurmond served as the Chief Operating Officer of Turbonomic Inc. from September 2017 to February 2020 and as the Executive Vice President, Worldwide Sales and Services of QlikTech International AB from August 2015 to August 2017. Mr. Thurmond holds a B.S. in Psychology from Hofstra University. 41 SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT The following table sets forth certain information regarding the ownership of the Company’s common stock as of March 28, 2024 by: (i) each director and nominee for director; (ii) each of the executive officers named in the Summary Compensation Table; (iii) all executive officers and directors of the Company as a group; and (iv) all those known by the Company to be beneficial owners of more than five percent of its common stock. Beneficial Owner Beneficial Ownership(1) Number of Shares Percent of Total 5% or greater stockholders: FMR, LLC(2) The Vanguard Group(3) BlackRock, Inc.(4) Named executive officers and directors: Amit Yoran(5) Stephen A. Vintz(6) Mark Thurmond(7) Arthur W. Coviello, Jr.(8) John C. Huffard, Jr.(9) Linda Zecher Higgins(10) Niloofar Razi Howe(11) A. Brooke Seawell(12) Raymond Vicks, Jr.(13) George Alexander Tosheff(14) Margaret Keane 12,626,513 12,510,817 10,524,434 3,538,283 806,085 42,646 35,124 491,998 5,203 19,170 269,245 11,332 14,100 — 10.6% 10.5% 8.9% 2.9% * * * * * * * * * * All current executive officers and directors as agroup (11 persons)(15) _____________ * Represents beneficial ownership of less than 1%. 5,233,186 4.3% This table is based upon information supplied by officers, directors and principal stockholders (1) and Schedules 13D and 13G filed with the SEC. Unless otherwise indicated in the footnotes to this table and subject to community property laws where applicable, the Company believes that each of the stockholders named in this table has sole voting and investment power with respect to the shares indicated as beneficially owned. Applicable percentages are based on 118,743,082 shares outstanding on March 28, 2024, adjusted as required by rules promulgated by the SEC. (2) As reported in aSc hedule 13G/A filed with the Securities and Exchange Commission on February 8, 2024, which states that FMR LLC has sole dispositive power with respect to all of the shares and sole voting power with respect to 12,622,068 of the shares. Members of the Johnson family, including Abigail P. Johnson, are the predominant owners, directly or through trusts, of Series B voting common shares of FMR LLC, representing 49% of the voting power of FMR LLC. The Johnson family group and all other Series B shareholders have entered into a shareholders' voting agreement under which all Series B voting common shares will be voted in accordance with the majority vote of Series B voting common shares. Accordingly, through their ownership of voting 42 common shares and the execution of the shareholders' voting agreement, members of the Johnson family may be deemed, under the Investment Company Act of 1940, to form a controlling group with respect to FMR LLC. The principal business address of FMR LLC is 245 Summer Street, Boston, Massachusetts 02210. As reported in aSc hedule 13G/A filed with the Securities and Exchange Commission on (3) February 13, 2024, which states that The Vanguard Group, Inc. has sole dispositive power with respect to 12,177,020 of the shares, shared dispositive power with respect to 333,797 of the shares and shared voting power with respect to 210,551 of the shares. The Vanguard Group, Inc. is the parent holding company of Vanguard Asset Management, Limited, Vanguard Fiduciary Trust Company, Vanguard Global Advisors, LLC, Vanguard Group (Ireland) Limited, Vanguard Investments Australia Ltd, Vanguard Investments Canada Inc., Vanguard Investments Hong Kong Limited and Vanguard Investments UK, Limited, which act as investment advisers to registered investment companies and separate accounts that own the reported shares. The principal business address of The Vanguard Group, Inc. is 100 Vanguard Boulevard, Malvern, Pennsylvania 19355. As reported in aSc hedule 13G filed with the Securities and Exchange Commission on (4) January 25, 2024, which states that BlackRock, Inc. has sole dispositive power with respect to all of the shares and sole voting power with respect to 10,333,404 of the shares. BlackRock, Inc. is the parent holding company of BlackRock Life Limited, BlackRock Advisors, LLC, BlackRock (Netherlands) B.V., BlackRock Institutional Trust Company, National Association, BlackRock Asset Management Ireland Limited, BlackRock Financial Management, Inc., BlackRock Asset Management Schweiz AG, BlackRock Investment Management, LLC, BlackRock Investment Management (UK) Limited, BlackRock Asset Management Canada Limited, BlackRock Investment Management (Australia) Limited, BlackRock Fund Advisors and BlackRock Fund Managers Ltd, which act as investment advisers to registered investment companies and separate accounts that own the reported shares. The principal business address of BlackRock, Inc. is 55 East 52nd Street, New York, New York 10055. Consists of (a) 338,226 shares of common stock held by Mr. Yoran directly, (b) 245,947 (5) shares of common stock held by the Amit Yoran 2020 Family Trust, (c) 335,435 shares of common stock held by the Amit Yoran Grantor Retained Annuity Trust A, (d) 169,765 shares of common stock held by the Amit Yoran Grantor Retained Annuity Trust B, (e) 2,413,712 shares of common stock issuable upon the exercise of outstanding options exercisable within 60 days of March 28, 2024, and (f) 35,198 shares of common stock issuable upon the vesting and settlement of outstanding RSUs and PSUs within 60 days of March 28, 2024. Consists of (a) 257,924 shares of common stock, (b) 528,434 shares of common stock (6) issuable upon the exercise of outstanding options exercisable within 60 days of March 28, 2024, and (c) 19,727 shares of common stock issuable upon the vesting and settlement of outstanding RSUs and PSUs within 60 days of March 28, 2024. Consists of (a) 27,993 shares of common stock and (b) 14,653 shares of common stock (7) issuable upon the vesting and settlement of outstanding RSUs and PSUs within 60 days of March 28, 2024. (8) issuable upon the vesting and settlement of outstanding RSUs within 60 days of March 28, 2024. Consists of (a) 29,923 shares of common stock and (b) 5,201 shares of common stock Consists of (a) 11,179 shares of common stock held by Mr. Huffard directly, (b) 31,847 shares (9) of common stock held by Mr. Huffard’s spouse in the Mary Kathryn Braden Huffard Revocable Trust U/T/A dated March 2, 2012, (c) 390,183 shares of common stock held by Mary Kathryn Braden 43 Huffard and Jonathan M. Forster, as Trustees of The Three Suns 2019 Non-Exempt Irrevocable Trust U/T/A dated November 15, 2019, (d) 53,588 shares of common stock held by Mr. Huffard and Mary Kathryn Braden Huffard, as Trustees of The John Cloyd Huffard Jr Revocable Trust U/T/A dated March 2, 2012, and (e) 5,201 shares of common stock issuable upon the vesting and settlement of outstanding RSUs within 60 days of March 28, 2024. (10) upon the vesting and settlement of outstanding RSUs within 60 days of March 28, 2024. Consists of (a) 2shares of common stock and (b) 5,201 shares of common stock issuable (11) issuable upon the vesting and settlement of outstanding RSUs within 60 days of March 28, 2024. Consists of (a) 10,660 shares of common stock and (b) 8,510 shares of common stock Consists of (a) 34,044 shares of common stock, (b) 230,000 shares of common stock (12) issuable upon the exercise of outstanding options exercisable within 60 days of March 28, 2024, and (c) 5,201 shares of common stock issuable upon the vesting and settlement of outstanding RSUs within 60days o f March 28, 2024. Consists of (a) 4,631 shares of common stock, (b) 1,500 shares of common stock held in a (13) custodial account established pursuant to the Uniform Transfer to Minors Act for which Mr. Vicks serves as custodian, and (c) 5,201 shares of common stock issuable upon the vesting and settlement of outstanding RSUs within 60 days of March 28, 2024. (14) issuable upon the vesting and settlement of outstanding RSUs within 60 days of March 28, 2024. Consists of (a) 8,899 shares of common stock and (b) 5,201 shares of common stock Consists of (a) 1,951,746 shares of common stock, (b) 3,172,146 shares of common stock (15) issuable upon the exercise of outstanding options exercisable within 60 days of March 28, 2024, and (c) 109,294 shares of common stock issuable upon the vesting and settlement of outstanding RSUs and PSUs within 60 days of March 28, 2024. 44 EXECUTIVE COMPENSATION COMPENSATION DISCUSSION AND ANALYSIS This Compensation Discussion and Analysis reviews the material elements of our 2023 executive compensation, philosophy, policies and practices, and discusses compensation earned by our named executive officers. Our named executive officers for the year ended December 31, 2023, are our principal executive officer, our chief financial officer and our chief operating officer, as reflected below (our “Named Executive Officers”). We have no other executive officers who were serving as of December 31, 2023 or who served during 2023. Position Chief Executive Officer and Chairman of the Board of Directors Chief Financial Officer Chief Operating Officer Name Amit Yoran Stephen A. Vintz Mark Thurmond Executive Summary Who We Are We are a leading provider of exposure management solutions. Exposure management is an effective discipline for measuring, comparing and reducing cybersecurity risk in today's complex IT environments. 2023 Financial Highlights • • Revenue was $798.7 million, a 17% increase year-over-year. Calculated current billings was $873.3 million, a 12% increase year-over-year. • GAAP loss from operations was $52.2 million, compared to $67.8 million in 2022. • Non-GAAP income from operations was $121.0 million, compared to $67.7 million in 2022. • GAAP net loss was $78.3 million, compared to $92.2 million in 2022. • GAAP net loss per share was $0.68, compared to $0.83 in 2022. • • • • • • Non-GAAP net income was $97.2 million, compared to $44.3 million in 2022. Non-GAAP diluted earnings per share was $0.80, compared to $0.38 in 2022. Cash and cash equivalents and short-term investments were $474.0 million at December 31, 2023, compared to $567.4 million at December 31, 2022. Net cash provided by operating activities was $149.9 million, compared to $131.2 million in 2022. Unlevered free cash flow was $175.4 million, compared to $128.1 million in 2022. Repurchased 0.4 million shares of our common stock for $14.9 million. Refer to the Appendix for reconciliations of non-GAAP measures to comparable GAAP measures. Executive Compensation Highlights We seek to ensure that executive pay is tied to performance and long-term stockholder value creation. Based on our success in executing our strategic plan in a challenging environment, including progress by the executive leadership team on our diversity and inclusion and employee engagement and development initiatives, the Compensation Committee took the following key actions with respect to the compensation of our Named Executive Officers in 2023 and in early 2024: 45 • • • No Base Salary Increases -In light of the challenging macro environment, our Compensation Committee determined to keep the base salaries of our Named Executive Officers at the same levels as those set in 2022. In February 2024, the Compensation Committee approved increases to the base salaries of our Named Executive Officers to better position the salaries with the median levels for such positions at our peers. Cash Bonuses - Our cash bonus structure mirrored that of prior years and incorporated revenue, unlevered free cash flow and bookings goals. Our target cash bonuses are expressed as apercenta ge of base salary paid out based on quarterly and annual attainment, and remained comparable with 2022. Given our performance in these areas, cash bonuses were paid out in accordance with their plan formula below target at 97.1%. Long-Term Incentive Compensation -We continue to provide a large percentage of our Named Executive Officers’ target compensation opportunity through our long-term incentive compensation program. In 2023, our long-term incentive plan continued to include the grant of restricted stock units (“RSUs”) subject to service-based vesting and performance restricted stock units ("PSUs") subject to achievement of certain financial performance goals and followed by additional service-based vesting. The aggregate grant date fair value of Messrs. Yoran, Vintz, and Thurmond’s 2023 grants decreased relative to 2022 between 7 and 8%, which was $0.7 million, $0.4 million, and $0.3 million, respectively. In order to comply with SEC requirements, we adopted a new compensation recoupment policy to replace our existing policy, under which certain incentive compensation paid to or earned by our Named Executive Officers may be recovered in the event of financial restatements. In 2022, we began incorporating PSUs in our long-term incentive plan as aporti on of our long-term incentive grants in order to further tie pay to performance. For 2023, PSUs made up 25% of the total grant date fair value of the long-term incentive grants for our Named Executive Officers. In February 2024, the Compensation Committee increased the proportion of PSUs in the 2024 long-term incentive grant mix from 25% to 35%. In future years and over time, the Compensation Committee intends to continue to gradually shift the mix of equity awards granted to Named Executive Officers to include a higher proportion of performance- based incentives. • • 46 2023 Target Total Direct Compensation Overview For 2023, 95% of our CEO’s total reported compensation and an average of 91% of our other Named Executive Officers’ total reported compensation was at-risk through quarterly and annual bonuses earned and equity incentives awarded, as reported in the Summary Compensation Table. CEO Pay Mix Other Executives Pay Mix (1) Base Salary 5% Actual Bonus 5% Base Salary 9% Actual Bonus 7% Equity Awards 90% Equity Awards 84% Listening toOur S tockholders At our annual meeting of stockholders in 2023, we conducted our third advisory vote on executive compensation, or a say-on-pay vote. Approximately 90.5% of the votes cast on the say-on-pay proposal supported the proposal. Our Compensation Committee reviewed the final vote results for the proposal and given the level of support, concluded that our compensation program provided a competitive performance package that incentivizes our Named Executive Officers and encourages their retention over the long term. Accordingly, other than as described below, the Compensation Committee determined not to make any significant changes to our executive compensation policies or decisions as a result of the vote. Our Compensation Committee will continue to monitor and continually evaluate our compensation program going forward in light of our stockholders’ views and our transforming business needs. In addition to our annual advisory vote on executive compensation, we are committed to ongoing engagement with our stockholders on executive compensation and corporate governance issues. Executive Compensation Policies and Practices We endeavor to maintain appropriate pay-for-performance alignment and sound governance standards as we review and manage executive compensation policies and practices. The Compensation Committee evaluates our executive compensation program on a regular basis to ensure that it is consistent with our short-term and long-term goals given the dynamic nature of our business and the market in which we compete for executive talent. The following summarizes our key convictions with respect to executive compensation and related policies and practices: 47 What We Do What We Do Not Do P Maintain an independent Compensation Committee. P Retain an independent compensation advisor. O No guaranteed bonuses. O No tax “gross ups” on payments on future post-employment compensation arrangements. P Annual executive compensation O No hedging or pledging of our equity strategy review. securities. P Multi-year vesting requirements for O No mid-year adjustments or modifications of our cash or equity incentives in 2023. O No retirement and perquisite benefits to our executives that are not offered to employees generally. equity awards. P “Double-trigger” change-in-control arrangements. P Succession planning by full Board. P Annual Say-on-Pay voting. P Stock incentive plans and executive employment agreements that provide for forfeiture of equity awards and severance if an executive is terminated for cause, including due to misconduct that results in reputational harm to the Company. Executive Compensation Philosophy and Objectives Our executive compensation program is guided by our overarching philosophy of paying for demonstrable performance. To achieve these objectives, we believe that our executive compensation program should include short-term and long-term elements, including cash and equity compensation, and should reward consistent performance that meets or exceeds expectations. We evaluate both performance and compensation to make sure that the compensation provided to our executives remains competitive relative to compensation paid by companies of similar size operating in our industry, taking into account our relative performance, our strategic objectives, and the performance of the individual executive. Consistent with this philosophy, we have designed our executive compensation program to achieve the following primary objectives: • • • Provide market competitive compensation and benefit levels that will attract, motivate, reward, and retain a highly talented team of executives within the context of responsible cost management; Establish adirect link between our financial and operational results and strategic objectives and the compensation of our executives; Align the interests and objectives of our executives with those of our stockholders by linking our executives’ long-term incentive compensation opportunities to stockholder value creation and their cash incentives to our annual performance; and • Offer total compensation opportunities to our executives that, while competitive, are internally consistent. Executive Compensation Design; Pay for Performance The annual compensation arrangements for our Named Executive Officers consist of both fixed and "at risk" compensation elements which have been designed to align pay and performance. 48 Our fixed base salaries are designed to retain our executives by providing dependable and competitive annual income. In addition, we emphasize variable compensation through our short-term incentive cash bonus plan based on our Named Executive Officers attainment of pre-established short-term financial targets as determined from time to time by the Company and reviewed by our Board of Directors in connection with our annual operating plan, and "at-risk" compensation through our long-term equity incentive plan, which consists of service-vesting RSUs and PSUs. Historically, we believed that service-based RSU awards were an appropriate long-term incentive compensation vehicle in so far as they exposed our Named Executive Officers to fluctuations in our stock price, thereby aligning the interests of our Named Executive Officers and stockholders and incentivizing them to build sustainable long-term value for the benefit of our stockholders while satisfying our retention objectives. In 2022, we incorporated PSUs in our long-term incentive plan as a portion of our long-term incentive grants in order to further tie pay to performance. For 2023, PSUs made up 25% of the total grant date fair value of the long-term incentive grants for our Named Executive Officers. In February 2024, the Compensation Committee increased the proportion of PSUs in the 2024 long-term incentive grant mix from 25% to 35%. In future years and over time, the Compensation Committee intends to continue to gradually shift the mix of equity awards granted to Named Executive Officers to include a higher proportion of performance-based incentives. These at-risk pay elements ensure that a substantial portion of our Named Executive Officers’ target total direct compensation is contingent (rather than fixed) in nature, with the amounts ultimately payable commensurate with our actual performance. 49 Compensation Elements In 2023, the principal elements of our executive compensation program, and the objective and key features of each element, were as follows: Element Type and Form of Element Objective Base Salary Fixed/Cash Designed to attract and retain highly talented executives by providing financial stability and security for performing job responsibilities through a fixed amount that is market competitive and rewards performance Short-Term Incentive Variable/Cash Bonus Designed to motivate and reward executives with financial incentives for achieving or exceeding rigorous quarterly and annual financial objectives related to our key business imperatives Key Features • Established initially through arm’s-length negotiation at the time of hire and then reviewed annually at beginning of year. • Factors considered include: executive's position, qualifications, experience, pre- hire salary level, the base salaries of our other executives, company and individual performance, retention objectives, a competitive market analysis, and recommendations of the CEO (for Named Executive Officers other than the CEO) • Target bonus amounts generally are reviewed annually at the beginning of year and determined based on various factors, including company and individual performance, a competitive market analysis, and recommendations of the CEO (for Named Executive Officers other than the CEO) • Bonus payments earned are determined after each quarter and the full-year • Bonus payments are generally dependent upon achievement of pre-established corporate financial objectives selected by our Compensation Committee from our annual operating plan reviewed by our Board of Directors 50 Long-Term Incentive At risk/RSUs and Variable/PSUs Designed to motivate and reward executives for successful long-term performance, align interests of executives and stockholders by motivating them to create sustainable long-term stockholder value, and encourage continued employment of executives over the long-term Other Compensation Retirement and health and welfare benefits offered to all employees on the same terms Employee benefits that promote employee savings and health and welfare, which assists in attracting and retaining our executives and employees • Annual award opportunities are generally reviewed and determined annually at beginning of the year or as appropriate during year for new hires, promotions, or other special circumstances • Individual awards are determined based on various factors, including company and individual performance, retention value of outstanding equity holdings, competitive market analysis, and recommendations of the CEO (for Named Executive Officers other than the CEO) • Historically granted RSU awards or stock options with four-year vesting requirements, although the Compensation Committee has discretion to grant other equity vehicles and use different vesting requirements or performance conditions • In 2023, continued to grant PSUs as part of the long-term incentive program in order to more closely tie together Named Executive Officer compensation and Company performance Indirect compensation element consisting of programs such as medical, vision, dental, life and disability insurance, as well as the 401(k) Plan with a company matching contribution and an ESPP, and other plans and programs made available to all eligible employees Base Salary In February 2023, the Compensation Committee reviewed the base salaries of our Named Executive Officers, taking into consideration acompet itive market analysis prepared by its compensation consultant and the recommendations of our CEO (except with respect to the CEO's own compensation), as well as the other factors described in “Compensation-Setting Process" below. Following this review, in light of the challenging macro environment, the Compensation Committee determined to keep the base salaries of our Named Executive Officers at the same levels as those set in 2022. 51 The base salaries of our Named Executive Officers were as follows: Named Executive Officer Mr. Yoran Mr. Vintz Mr. Thurmond $ 2022 Base Salary 2023 Base Salary 487,000 $ 414,000 414,000 487,000 414,000 414,000 Percentage Adjustment — % — % — % The base salaries paid to our Named Executive Officers during 2023 are set forth in the Summary Compensation Table below. In February 2024, the Compensation Committee approved increases to the base salaries of our Named Executive Officers to better position the salaries with the median levels for such positions at our peers. Cash Bonuses Cash bonuses are based upon a specific percentage of each participant’s annual base salary and are paid, subject to goal attainment, in five equally weighted installments, following each quarter and a fifth payment following year-end. We believe that paying bonuses throughout the year is the most effective way to motivate achievement of our short-term financial goals because quarterly and annual payments align with the time periods for which we provide external guidance to the investment community. 2023 Cash Bonus Structure In February 2023, the Compensation Committee reviewed the target short-term cash incentive bonus opportunities of our Named Executive Officers in place for 2023, taking into consideration a competitive market analysis prepared by its compensation consultant and the recommendations of our CEO (except with respect to the CEO's own bonus opportunity), as well as the other factors described in “Compensation-Setting" below. Following this review, the Compensation Committee determined that the target short-term cash incentive bonus opportunities would remain unchanged as a percentage of their base salaries for our Named Executive Officers. Accordingly, the target short-term cash incentive bonus opportunities of our Named Executive Officers for 2023 were as follows: Named Executive Officer Mr. Yoran Mr. Vintz Mr. Thurmond 2023 Target Cash Bonus Opportunity 487,000 $ 362,250 362,250 Target Percentage of Base Salary 100.0 % 87.5 % 87.5 % Consistent with the prior year, for 2023, our Board of Directors established anticipated target goals for each performance metric used in our annual operating plan, with actual bonus payments at each periodic payment interval calculated by multiplying 20% of a participant’s target cash bonus opportunity by the weighted average percentage attainment level of the applicable goals for each applicable quarter or full year. No payments are made if attainment is below 75% and the maximum payment is capped at 200% of the target amount. Accordingly, for 2023, the target performance goals 52 for our Named Executive Officers were as follows, each of which exceeds prior year actual performance: Performance Metric Revenue + Unlevered Free Cash Flow (2) Bookings $ Target Performance Level (in thousands)(1) Weighting 995,744 (3) 66.67 % 33.33 % _____________ (1) The target performance level for each performance metric was adjusted to include the expected impact of Ermetic from October 2, 2023 (date of acquisition) through the end of the year as approved by our Board of Directors. (2) of non-GAAP measures to comparable GAAP measures. Unlevered Free Cash Flow is a non-GAAP measure. Refer to the Appendix for reconciliations We have chosen not to disclose the target performance level for our bookings performance (3) measure as such information is proprietary in nature, the disclosure of which could result in competitive harm to the Company. For 2023, the Board of Directors considered the target performance achievement levels for the bookings performance measure to be challenging, but achievable with significant effort requiring circumstances to align as projected. The bookings target goal reflected a 22.6% increase over our actual bookings results from 2022. For this purpose, each of the above metrics are defined as follows: • • • Revenue - to be calculated in accordance with GAAP and as set forth in our quarterly and annual financial statements. Unlevered Free Cash Flow – to be calculated as free cash flow, defined as GAAP net cash flows from operating activities reduced by purchases of property and equipment, plus cash paid for interest and other financing costs, excluding payments for acquisition-related expenses. Bookings - to be calculated as sales of new and renewal subscription licenses, perpetual licenses and related first-year maintenance, and services and training, which are closed in a period. Bookings is based on annual contract value (ACV), whereby we include only the first- year contract value as booked in cases where a multi-year deal is prepaid or billed upfront. Our Board of Directors believed that, for purposes of the short-term cash incentive bonus plan, these were the most appropriate corporate performance measures to use because, in its view, they would provide meaningful indicators of our successful execution of our annual operating plan and our ability to enhance long-term value creation. In particular, we believe our bookings levels are an effective measure of annual contract value, which management uses to measure the growth of our business. 2023 Cash Bonus Attainment Our actual performance against the aggregate target level for the various corporate performance measures for each quarter and for the full year, as applicable, as well as the amounts received by each Named Executive Officer, were reviewed by the Compensation Committee in February 2024. 53 The following table provides information regarding the full year cash bonus payout level achieved by the Named Executive Officers during 2023: Performance Metric Revenue + Unlevered Free Cash Flow $ Bookings Actual Performance Level (in thousands)(1) Percentage of Target 983,445 (2) 98.8 % 93.3 % _____________ (1) from October 2, 2023 (date of acquisition) through the end of the year. The actual performance level for each performance metric includes the impact of Ermetic We have chosen not to disclose the performance level for our bookings performance (2) measure as such information is proprietary in nature, the disclosure of which could result in competitive harm to the Company. For 2023, the Board of Directors considered the target performance achievement levels for the booking performance measure to be challenging but achievable with significant effort requiring circumstances to align as projected. The bookings performance attainment reflected a 14.4% increase over our actual bookings results from 2022. 54 The following table provides information regarding the actual quarterly and full year cash bonuses earned by the Named Executive Officers during 2023: Named Executive Officer Mr. Yoran Mr. Vintz Performance Period First Quarter Second Quarter Third Quarter Fourth Quarter Full Year Total 2023 First Quarter Second Quarter Third Quarter Fourth Quarter Full Year Total 2023 Mr. Thurmond First Quarter Second Quarter Third Quarter Fourth Quarter Full Year Target Quarterly/ Annual Bonus Aggregate Weighted Average Achievement/ Payment Percentage Actual Quarterly/ Annual Bonus $ $ $ $ $ 97,400 97,400 97,400 97,400 97,400 487,000 72,450 72,450 72,450 72,450 72,450 362,250 72,450 72,450 72,450 72,450 72,450 102.1 % $ 96.7 % 96.4 % 94.9 % 95.4 % 99,445 94,186 93,894 92,433 92,920 97.1 % $ 472,878 102.1 % $ 96.7 % 96.4 % 94.9 % 95.4 % 73,971 70,059 69,842 68,755 69,117 97.1 % $ 351,744 102.1 % $ 96.7 % 96.4 % 94.9 % 95.4 % 73,971 70,059 69,842 68,755 69,117 Total 2023 $ 362,250 97.1 % $ 351,744 The cash bonus payments made to our Named Executive Officers for 2023 are set forth in the Summary Compensation Table below. Long-Term Incentive Compensation We have historically granted equity compensation to our Named Executive Officers primarily in the form of RSU awards or stock options. The Compensation Committee introduced PSUs for our Named Executive Officers beginning in 2022. For 2023, as part of its annual compensation review the Compensation Committee determined to continue granting amix o f equity awards consisting of 75% RSUs and 25% PSUs (based on target grant date values). Each RSU and PSU granted represents a contingent right to receive one share of our common stock for each unit that ultimately vests. Based upon a review of competitive market practice and the incentive power of these awards, in February 2023, the Compensation Committee granted RSU and PSU awards to our Named Executive Officers in amounts that it considered to be consistent with our compensation philosophy and its desired market competitiveness as follows: 55 Named Executive Officer Mr. Yoran Mr. Vintz Mr. Thurmond Restricted Stock Unit Award (shares) 143,963 81,521 59,406 Restricted Stock Unit Award (grant date fair value) $ 6,224,960 3,524,968 2,568,715 Performance Stock Unit Award (target shares) 47,987 27,173 19,802 Performance Stock Unit Award (target grant date fair value) Total Grant Date Fair Value Total Year- over-Year Change $ 2,074,958 $ 8,299,918 4,699,929 3,424,954 1,174,961 856,239 (7.8)% (7.8)% (7.4)% 2023 RSU Awards RSU awards serve as an incentive that is aligned with the long-term interests of our stockholders because their value increases (or decreases) with any change in the value of the underlying shares. Further, RSUs serve our retention objectives because they are subject to a multi-year vesting requirement based on continued service. The RSU awards granted to our Named Executive Officers vest over a four-year period, with 25% of the total number of units subject to the award vesting on the first anniversary of February 22, 2023, the vesting commencement date, and 1/16th of the total number of units subject to the award vesting in quarterly installments over the following three years, contingent upon the Named Executive Officer’s continued employment by us through each applicable vesting date. 2023 PSU Awards For 2023, the Compensation Committee continued to grant PSUs, representing 25% of the equity award mix (based on target grant date values), to strengthen the Company's pay for performance philosophy and in light of stockholder and institutional investor feedback. Because PSUs are only earned upon achievement of key performance goals that drive our business and our stockholder value, the Compensation Committee believes that these awards increase the alignment between the interests of our executive officers and stockholders. In February 2024, the Compensation Committee increased the proportion of PSUs in the long-term incentive grant mix from 25% to 35% for 2024. In future years and over time, the Compensation Committee intends to continue to gradually shift the mix of equity awards granted to Named Executive Officers to include a higher proportion of performance-based incentives. The PSU awards were subject to the achievement of (i) pre-established target levels for global bookings (weighted 33.33%) and revenue + unlevered free cash flow (weighted 66.67%) during the one-year performance period beginning on January 1, 2023, and (ii) a service-based vesting requirement, with 25% of the total number of PSUs deemed to be earned based on performance by the Compensation Committee vesting on the first anniversary of February 22, 2023, and the remainder vesting quarterly over the following three years, subject to the Named Executive Officer's continuous service through each applicable vesting date. The vesting of the PSUs may accelerate upon certain change in control events. For purposes of the PSU awards, global bookings, revenue and unlevered free cash flow have the same definitions set forth above under “Cash Bonuses.” The Compensation Committee selected these performance measures based on its belief that they were the best indicators of our successful execution of our annual operating plan and our ability to enhance long-term value creation. The number of units (and, correspondingly, the number of shares) that could be earned under the PSU awards ranged from 0% to 200% of the target number of PSUs granted, subject to the service- 56 based vesting requirement described above. The levels of performance required to earn the target number of PSUs was approved by the Compensation Committee at the time of grant as follows: Global Bookings and Revenue + Unlevered Free Cash Flow Achievement Percentage Payout Percentage(1) Maximum Target Threshold

Continue reading text version or see original annual report in PDF format above