GitLab (GTLB) – Earnings Review
We’ve covered JFrog a lot within the world of software development and operation (DevOps), but not GitLab. I wanted to provide a brief GitLab 101 as I introduce this into the coverage network. So what does it do?
First and foremost, GitLab offers Git Repository Management. This is an aggregated destination to store source code and files. Within it, developers can review source code health and alterations while resolving conflicts in a secure environment. In the world of DevOps, this is furthest to the “left” (or earliest on) in a software package’s journey to runtime. It always starts with source code and this is GitLab’s bread and butter.
Beyond the git repository, GitLab also offers continuous integration (CI). This is what automates the testing of source code and apps as well as conversion of source code into binaries. Conversion creates what’s called an artifact. Artifacts are usually binaires which are a series of 0s & 1s that can be read by machines. This is where large players like JFrog Artifactory come into the fold. Machines can’t read dozens upon dozens of source code languages. They can read 0s and 1s.
GitLab is now trying to extend its end-to-end DevOps platform further “right” (or later on) in the process to post artifact conversion. This is being done via products like Continuous Deployments (CD) which, (as the name indicates) involves the binary or software package being deployed into runtime. Its Pipeline product allows for the conjoining of CI and CD into a single step (intuitively called CI/CD). Finally, it offers some observability and security tools to monitor the performance of apps being worked on or deployed. The other functions mentioned, when paired with this one, place GitLab firmly in a “DevSecOps” niche.
Within this quarter’s theme of software platforms distancing from point solutions, that’s what GitHub is trying to emulate in DevSecOps. Considering 75% of organizations will be on one DevSecOps platform by 2027 vs. 25% today, this approach is well placed. It wants to be the single platform to do it all.
Demand
GitLab beat revenue estimates by 6.2% & beat its guide by 6.5%. Its 49.7% 2-year revenue compounded annual growth rate (CAGR) compares to 55.0% as of last quarter and 59.5% 2 quarters ago. Note that dollar-based net revenue retention (DBNRR) of 128% is still very good. The 400 basis point (bps; 1 bps = 0.01%) sequential expansion is also comparatively good vs. its peers.
Source: Brad Freeman – SEC Filings, Company Presentations, and Company Press Releases
Source: Brad Freeman – SEC Filings, Company Presentations, and Company Press Releases
Margins
- Beat -$5.5 million EBIT estimate & beat its same guide by $10.1 million or nearly 200% each.
- Beat -$0.01 EPS estimate & beat its same guide by $0.10 each.
- Gross profit margin (GPM) was comfortably better than estimates. It doesn’t guide to GPM.
- As part of tax negotiations with global regulatory bodies, GitLab recorded a $254 million income tax adjustment which heavily hit GAAP net income for the quarter. It did this to optimize its tax position going forward.
Source: Brad Freeman – SEC Filings, Company Presentations, and Company Press Releases
Source: Brad Freeman – SEC Filings, Company Presentations, and Company Press Releases
Q4 Guidance
- Next quarter revenue guide is 5.4% ahead of estimates
- Next quarter EBIT guide of $5.5 million is $11.9 million ahead of estimates.
- Next quarter EPS guide of $0.08 is $0.09 ahead of estimates.
- Annual guidance was raised across the board as a result of Q3 results and Q4 guidance.
Leadership also reiterated its plans to reach free cash flow (FCF) breakeven next year. It continues to work on de-consolidating from its China Joint Venture called JiHu. Without the operating losses from this segment, non-GAAP EBIT for 2024 would be breakeven.
Balance Sheet
- $1 billion in cash & equivalents.
- Share count rose by 4.2% Y/Y. This needs to slow & likely will as it moves further away from IPO-related equity awards.
Call & Release Highlights
The Platform Play
Just like ServiceNow, Zscaler, Salesforce, CrowdStrike and other software platform plays, GitLab’s full DevSecOps platform approach is working. The depth and breadth of their offering, from code creation to package deployment, is a complete platform for better efficacy at lower cost. That’s why 50% of its total bookings for Q3 came from its full-product subscription tier called the Ultimate Tier. This is its fastest growing bundle. I continue to repeat this same overarching idea for good reason: There’s a clear pattern.
“Breadth and depth of the platform across the full software dev life cycle differentiate us from point solutions and our main competitor, GitHub.” – CEO Sid Sijbrandij
The value proposition led to some compelling customer wins this quarter. A global financial services platform migrated to GitLab after a failed attempt to integrate needed tools with GitHub. The manual stitching together of these products fostered friction, confusion, inefficiency, and higher cost. GitLab displaced Microsoft GitHub and provided all needed add-on products into its single-interface platform. The customer enjoyed reduced costs, 8x faster deployment speed and 4x faster feature delivery.
A large business networking firm saw a similar result when it migrated from GitHub to GitLab. This customer kept hitting usage limits when trying to run software packages through GitHub. As leadership stated on the call, it “was not efficient enough to support growth.” GitLab 7Xed its package running efficiency. It also provided the security and compliance tools needed to displace point solutions – which GitHub couldn’t match.
As an aside, these anecdotes remind me of CrowdStrike’s successful competitive journey against Microsoft Defender. More niche players focused on fewer missions are seemingly outperforming the product utility of Microsoft as it juggles dozens upon dozens of product priorities.
When 3rd party security solutions are used, it routinely means developers must pause work to wait for security team verification and scanner results. This lengthens time to source code vulnerability detection and remediation. GitLab has a new security findings workflow tool. This allows developers to access security scanning results from within their GitLab developer environment.
GitLab is working on bringing more project management functions within its holistic platform to consolidate more potential point solutions. This matters a lot. Why? Per the 9th annual Global DevSecOps report, 66% of enterprises want to consolidate vendors and 84% of them use 2-10 different tools for full DevSecOps capabilities. GitLab is in the right place at the right time with a compelling sales pitch.
Customer & Research Organization Case Studies
- Per a GitLab commission Forester study, it delivers a 427% return on investment for clients within 36 months. It also delivers an investment payback period of 6 months.
- Gartner ranked it #1 in ability to execute and #2 behind GitHub for completeness of vision in its latest research. Forrester ranks GitLab as the only leader in the space.
- Delivered a 114x in product release velocity for Airbus and 99% faster software release times (24 hours shrunk to 10 minutes).
- Shrunk T-Mobile’s software release cycle from 18 months to 3 months.
- Eliminated 90% of Lockheed Martin’s time spent on software maintenance.
AI Upgrades
GitLab infuses GenAI models and tools throughout its entire platform. Today, it offers 14 AI features with many more to come. It thinks that the entirety of these tools can 7x software cycle speed.
GitLab Duo is the overarching “suite of workflows” within GenAI to augment developer speed and work quality. Duo Vulnerability Summary generates reports of vulnerabilities and best course of action to resolve issues. Duo Code Suggestions, similarly to GitHub Copilot, is a GenAI code creation tool powering 50% efficiency gains for beta testing clients. It’ll be fully introduced this month. Considering how much potential there is to automate code creation with GenAI, success here will vastly bolster its cost cutting value proposition for clients. This could potentially allow software developers to pocket a full 25% of their total time spent on work. Imagine what they can do with that time. GenAI models and their vast data consumption needs also mean more demand for software packages, which is good for GitLab as well.
Furthermore, Duo Chat creates project status reports, explains code suggestions, troubleshoots CI/CD issues and allows for package testing without context switching (meaning moving in and out of a developer environment). It’s a “natural language AI assistant” like ChatGPT, but with more specific use cases.
Security & Governance Upgrades
GitLab Dedicated is a tool that provides proper compliance within data isolation and residency. That, in turn, means GitLab can offer its full platform (with all layers of automation) even in the most tightly regulated sectors.
GitLab, like many others, commits to never using a client’s code to train its own GenAI models. It sees this layer of separation and transparency as a key reason why “50%+ of the Fortune 100 trusts GitLab to secure their IP.”
Demand Trends & Macro
Per CFO Brian Robbins, the sales cycle did elongate sequentially. That was surprising to hear given the strong results. Buying behavior for its largest customers did stabilize, but that was not the case for smaller clients. Importantly, win rates continued to rise sequentially, pointing to GitLab being a clear market share taker. Those share gains will be rewarded with even more business as macro improves.
Similarly to Snowflake, most of GitLab’s revenue (about 75%), is usage based. This means it’s easier for clients to reduce their business with GitLab than with a pure SaaS model like Zscaler. Considering this, the resilient demand is impressive and points to just how mission-critical this platform is in our digital world.
Take
Note to self: Next time Google aggressively scoops up shares of a public company like GitLab, pay close attention. While the company struggled with execution and guiding expectations earlier in the year, those issues have seemingly vanished. Demand and margin trends are both very positive and should get even better as its smaller client cohorts struggle less with macro. Its ability to monetize GenAI tools and take advantage of this current wave is quite compelling and its secular tailwinds are raging. At 17x gross profit (more than double market averages) and 100x calendar year 2025 operating income, this is one of the most expensive names on markets. It will need to continue delivering fantastic quarters like this one to keep justifying what is a large, large premium. There is virtually no margin of safety here. They must be perfect. This quarter was perfect.
