UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

FORM 10-K

(Mark One)

x ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended December 31, 2022

OR

o TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the transition period from _____________ to _____________

Commission file number 000-52776

Appgate, Inc.

(Exact name of registrant as specified in its charter)

Delaware	20-3547231
(State or other jurisdiction of incorporation or organization)	(I.R.S. Employer Identification No.)
2 Alhambra Plaza, Suite PH-1-B
Coral Gables, FL	33134
(Address of principal executive offices)	(Zip Code)

(866) 524-4782

Registrant's telephone number, including area code

Securities registered pursuant to Section 12(b) of the Act:

Title of each class	Trading Symbol(s)	Name of each exchange on which registered
N/A	N/A	N/A

Securities registered pursuant to section 12(g) of the Act:

Common Stock, $0.001 par value

(Title of class)

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.

Yes o No x

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act.

Yes o No x

Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports); and (2) has been subject to such filing requirements for the past 90 days.    Yes x    No o 

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).                Yes x   No o 

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

Large accelerated filer	o	Accelerated filer	o
Non-accelerated filer	x	Smaller reporting company	x
		Emerging growth company	o

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.                                                o

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.                o

If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements.    o

Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b).                                            o

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act).     Yes ☐   No x

As of June 30, 2022, the last business day of the registrant’s most recently completed second quarter, the aggregate market value of the registrant’s common stock, par value $0.001 per share (“common stock”) held by non-affiliates of the registrant was approximately $40.1 million based on the closing price of $7.50 per share of the registrant’s common stock as quoted on the OTC Markets on that date. For purposes of determining this number, each executive officer, director, and holder (known to the registrant) of more than 10% of our common stock as of June 30, 2022 have been considered affiliates of the registrant. This number is provided solely for the purposes of this Annual Report on Form 10-K and does not represent an admission by either the registrant or any such person as to the affiliate status of such person.

As of March 24, 2023, the registrant had 131,793,660 shares of its common stock outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

None.

Table of Contents

	Page
Frequently Used Terms
Cautionary Statement Regarding Forward-Looking Statements
Summary of Principal Risk Factors
PART I
Item 1. Business	1
Item 1A. Risk Factors	20
Item 1B. Unresolved Staff Comments	53
Item 2. Properties	53
Item 3. Legal Proceedings	53
Item 4. Mine Safety Disclosures	53
PART II
Item 5. Market for Our Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities	54
Item 6. [Reserved]	54
Item 7. Management's Discussion and Analysis of Financial Condition and Results of Operations	54
Item 7A. Quantitative and Qualitative Disclosures About Market Risk	71
Item 8. Financial Statements and Supplementary Data	73
Item 9. Changes in and Disagreements With Accountants on Accounting and Financial Disclosure	115
Item 9A. Controls and Procedures	115
Item 9B. Other Information	116
Item 9C. Disclosure Regarding Foreign Jurisdictions that Prevent Inspections	117
PART III
Item 10. Directors, Executive Officers and Corporate Governance	118
Item 11. Executive Compensation	122
Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters	132
Item 13. Certain Relationships and Related Transactions, and Director Independence	134
Item 14. Principal Accountant Fees and Services	137
PART IV
Item 15. Exhibits, Financial Statement Schedules	139
Item 16. Form 10-K Summary	140
Signatures	141

Frequently Used Terms

Unless otherwise stated or unless the context otherwise requires, the terms “we,” “us,” “Appgate,” “our,” and the “Company” refer to Appgate, Inc., a Delaware corporation (f/k/a Newtown Lane Marketing, Incorporated), and its consolidated subsidiaries following the Closing (as defined below):

•“2021 Plan” means the Appgate, Inc. 2021 Incentive Compensation Plan.

•“A&R Bylaws” means our amended and restated bylaws, effective October 12, 2021.

•“A&R Charter” means our second amended and restated certificate of incorporation, dated October 12, 2021.

•“Additional Convertible Senior Notes” means the additional $25.0 million aggregate principal amount of Legacy Appgate’s 5.00% Convertible Senior Notes due 2024 issued on the Closing Date.

•“Board” or “Board of Directors” means the board of directors of the Company.

•“Closing” means the consummation of the Merger.

•“Closing Date” means the date of the Closing on October 12, 2021.

•“Code” means the Internal Revenue Code of 1986, as amended.

•“Convertible Senior Notes” means the Initial Convertible Senior Notes, Additional Convertible Senior Notes and PIK Notes, collectively, issued, or with respect to additional PIK Notes, if issued, by Legacy Appgate and guaranteed by the Company and certain of its subsidiaries, which Conversion Obligations and Change of Control Conversion Obligations (as such terms are defined in the Note Issuance Agreement) thereunder were assumed by the Company on the Closing Date.

•“Cyxtera” means Cyxtera Technologies, Inc., a Delaware corporation and Legacy Appgate’s former parent.

•“DGCL” means the General Corporation Law of the State of Delaware.

•“Exchange Act” means the Securities Exchange Act of 1934, as amended.

•“GAAP” means generally accepted accounting principles in the United States.

•“Initial Convertible Senior Notes” means the $50.0 million aggregate principal amount of Legacy Appgate’s 5.00% Convertible Senior Notes due 2024 issued on February 9, 2021.

•“Legacy Appgate” means Appgate Cybersecurity, Inc. (f/k/a Cyxtera Cybersecurity, Inc. d/b/a AppGate), a Delaware corporation.

•“Magnetar” means Magnetar Financial LLC.

•“Merger” means the merger of Merger Sub with and into Legacy Appgate, with Legacy Appgate surviving the Merger and becoming a wholly owned subsidiary of the Company pursuant to the terms of the Merger Agreement.

•“Merger Agreement” means that certain agreement and plan of reorganization, dated February 8, 2021 entered into by and among Newtown Lane, Merger Sub and Legacy Appgate.

•“Merger Sub” means Newtown Merger Sub. Corp., a Delaware corporation and wholly owned subsidiary of Newtown Lane.

•“Nasdaq” means the Nasdaq Stock Exchange.

•“Newtown Lane” means the Company, prior to the Merger, which then had the name Newtown Lane Marketing, Incorporated.

•“Noteholders” means the holders of the Company’s Convertible Senior Notes.

•“Note Issuance Agreement” means that certain note issuance agreement, dated as of February 8, 2021, as amended, governing the issuance and terms of the Convertible Senior Notes, among Legacy Appgate, Legacy Appgate’s wholly owned domestic subsidiaries and Magnetar Financial, LLC, as the representative of the Noteholders.

•“Note Purchase Agreement” means that certain note purchase agreement, dated as of February 8, 2021, as amended, by and among Legacy Appgate and the Noteholders, pursuant to which Legacy Appgate sold the Convertible Senior Notes to the Noteholders.

•“NYSE” means the New York Stock Exchange.

•“PIK Notes” means any of Legacy Appgate’s 5.00% Convertible Senior Notes due 2024 issued, or to be issued, as payment-in-kind with respect to interest payable under outstanding Convertible Senior Notes, including the additional approximately $2.1 million aggregate principal amount of Legacy Appgate’s 5.00% Convertible Senior Notes due 2024 issued on February 1, 2023.

•“Revolving Credit Facility” means that certain subordinated revolving credit facility, in an aggregate principal amount of $50.0 million, to be provided by SIS Holdings to Legacy Appgate pursuant to the Revolving Credit Agreement.

•“Revolving Credit Agreement” means that certain Revolving Credit Agreement entered into on April 26, 2022 by and among Legacy Appgate, the Company, certain subsidiaries of Legacy Appgate and SIS Holdings.

•“SIS Holdings” means SIS Holdings LP, a Delaware limited partnership.

•“SEC” means the U.S. Securities and Exchange Commission.

•“Securities Act” means the Securities Act of 1933, as amended.

Cautionary Statement Regarding Forward-Looking Statements

This Annual Report on Form 10-K (this “Annual Report”) contains forward-looking statements within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended, and Section 27A of the Securities Act of 1933, as amended. Statements that do not relate strictly to historical or current facts are forward-looking and can be identified by the use of words such as “anticipate,” “estimate,” “could,” “would,” “should,” “will,” “may,” “forecast,” “approximate,” “expect,” “project,” “seek,” “predict,” “potential,” “intend,” “plan,” “believe,” and other words of similar meaning. Without limiting the generality of the foregoing, forward-looking statements contained in this Annual Report include statements regarding the Company and its industry relating to matters such as anticipated future financial and operational performance, business prospects, the percentage of the Company’s future revenue derived from subscription term-based licenses compared to revenue from services, expected future increases in revenue and sales, including increasing the Company’s customer base and customers with annual recurring revenue above $100,000, sales to existing customers, the U.S. federal government and governments around the world and through the Company’s channel partners and product partnerships, growth in international markets, revenue trends by geography, future gross profit, gross margin, operating losses and negative cash flows, expected increases in gross profit and gross margin, the Company’s expected future net loss position, planned investments in sales and marketing and related increases in operating and general and administrative expenses, expectations regarding our annual recurring revenue and other key business metrics, expected future decreases in sales and marketing and general and administrative expenses as a percentage of revenue over time, planned investments in research and development as a result of the Company’s expected growth, the expected future growth of the cybersecurity industry, including the growth in adoption of, and replacement of legacy perimeter-centric security solutions by, Zero Trust security solutions, the Company’s ability to innovate and add new functionality to existing products through research and development, the Company’s ability to compete with competitors who offer similar products or services, the Company’s ability to continue as a going concern absent access to sources of liquidity, the Company’s ability to remain in compliance with covenants under the Convertible Senior Notes and the Revolving Credit Facility, the impact of foreign currency

exchanges and inflation on the Company’s business, the Company’s ability to remain listed on a national stock exchange, strategy and plans and similar matters.

The forward-looking statements included in this Annual Report involve risks and uncertainties that could cause actual results to differ materially from projected results. Accordingly, investors should not place undue reliance on forward-looking statements as a prediction of actual results. The Company has based these forward-looking statements on current expectations and assumptions about future events, taking into account all information currently known by the Company. While the Company considers these expectations and assumptions to be reasonable, they are inherently subject to significant business, economic, competitive, regulatory and other risks and uncertainties, many of which are difficult to predict and beyond our control. These risks and uncertainties include, but are not limited to:

•    our future financial performance, including our expectations regarding our annual recurring revenue and other key business metrics, total revenue, cost of revenue, gross profit or gross margin, operating expenses, including changes in operating expenses and our ability to achieve and maintain future profitability;

• our ability to continue as a going concern absent access to sources of liquidity;

• the effects of increased competition in our markets and our ability to compete effectively;

• growth in the total addressable market for our products and services;

• market acceptance of Zero Trust solutions and technology generally;

• market acceptance of our products and services and our ability to increase adoption of our products;

• our ability to maintain the security and availability of our products;

• our ability to develop new products, or enhancements to our existing products, and bring them to market in a timely manner;

• our ability to maintain and expand our customer base, including by attracting new customers;

• our ability to maintain, protect and enhance our intellectual property rights;

• our ability to comply with laws and regulations that currently apply or become applicable to our business both in the United States and internationally;

• our ability to maintain an effective system of disclosure controls and internal control over financial reporting;

• SIS Holdings’ significant influence over our business and affairs;

• the future trading prices and liquidity of our common stock;

• our indebtedness, which may increase risk to our business; and

• other risks and uncertainties, including those described in “Item 1A—Risk Factors” of this Annual Report.

All forward-looking statements made by us in this Annual Report are expressly qualified in their entirety by the foregoing cautionary statements. All such statements speak only as of the date made, and we undertake no obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as may be required under applicable securities laws.

Summary of Principal Risk Factors

Our business is subject to a number of risks, including risks that may prevent us from achieving our business objectives or may adversely affect our business, financial condition, results of operations, cash flows and prospects. These risks are discussed more in Item 1A of this Annual Report, and include, but are not limited to, the following:

•we have a history of losses, may not be able to achieve or sustain profitability in the future and expect to incur significant losses for the foreseeable future;

•we face significant competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations;

•our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations;

•false positive or false negative detection of risk, application tampering, viruses, spyware, vulnerability exploits, data patterns, or URL categories could adversely affect our business;

•if our software does not interoperate with our customers’ network and security infrastructure or with third-party products, websites or services, our products may become less competitive and our results of operations may be harmed;

•if we fail to develop or introduce new enhancements to our products on a timely basis, our ability to attract and retain customers, remain competitive and grow our business could be impaired. Our current research and development efforts may not produce successful products that result in significant revenue, cost savings or other benefits in the near future, if at all;

•if organizations do not adopt a Zero Trust model for cybersecurity, our ability to grow our business and operating results may be adversely affected;

•if we are unable to attract new customers or if our existing customers do not renew their subscriptions for our services or add additional users and services to their subscriptions the future results of our operations could be harmed;

•if the delivery of our services to our customers is interrupted or delayed for any reason, our business could suffer;

•a network or data security incident against us, whether actual, alleged, or perceived, could harm our reputation, create liability, and regulatory exposure, and adversely impact our business, operating results, and financial condition;

•the actual or perceived failure of our technology solutions to prevent a security breach or address targeted security threats could harm our reputation and adversely impact our business, financial condition and results of operations;

•claims by others that we infringe their proprietary technology or other rights, or other lawsuits asserted against us, could result in significant costs and substantially harm our business, financial condition, results of operations and prospects;

•if we fail to maintain effective disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired;

•management has performed an analysis of our ability to continue as a going concern, and has determined that, based on our current financial position, there is a substantial doubt about our ability to continue as a going concern; in addition, our independent registered public accounting firm has raised substantial doubt as to our ability to continue as a going concern;

•SIS Holdings can control our business and affairs and may have conflicts of interest with us in the future;

•our common stock is currently thinly traded, liquidity is limited, and we may be unable to obtain listing of our common stock on a more liquid market; and

•we have indebtedness, which may increase risk to our business and your investment in us.

PART I

Item 1. Business

Mission Statement

Our mission is to empower and protect how people work and connect by enabling any user on any device to securely access any application, use any network or cloud and perform any transaction.

Overview

We believe we are defining a new category of Zero Trust access for enterprises and governments. Our Zero Trust platform is designed to protect against increasingly damaging breaches through innovative, identity-centric, context-aware solutions. Our pure-play focus on Zero Trust has enabled us to deliver the highest ranked current Zero Trust Network Access offering as determined by the Forrester New Wave™: Zero Trust Network Access, Q3 2021.

Legacy security platforms continue to fail. Secure access has always been essential to establishing trust between users and technologies. We believe that the Zero Trust framework secures all primary use cases including customer, employee, partner, cloud and Internet of Things (“IoT”). It is a framework for securing infrastructure and data for today’s modern digital environment. Legacy security models, such as virtual private network (“VPN”), give users unnecessarily wide, unrestricted and overprivileged network access. This enables attackers to move easily within organizations and cause tremendous damage. In contrast, Zero Trust is designed to transform security by granting users access to only those resources that are needed to do their job at a particular time and place. Zero Trust uniquely addresses the modern challenges of today’s business, including securing remote workers, controlling access to cloud environments, and defending against ransomware threats.

This new Zero Trust paradigm is needed today because enterprises are undergoing digital transformation as they seek to automate operations, generate new revenue streams, transition business models and deliver a seamless customer experience. Digital transformation, driven by growth in cloud computing, Software as a Service (“SaaS”), mobile devices, IoT, and similar technologies, as well as the increasing prevalence of remote work, has changed the nature of cybersecurity risks by proliferating the number of entry points to organizations’ networks. This is often referred to as “increasing the attack surface”. Simultaneously, the number and sophistication of cyberattacks have increased dramatically, as has their costs and frequency. This combination of more vulnerable networks and more malicious activity has created a cybersecurity crisis, changing the threat landscape organizations face. As a result, enterprises require security access solutions that proactively ensure the right user has authorized access to the right resources at the right time.

We have built a Zero Trust platform which, we believe, is a critical, central pillar of a modern cyber security architecture that will replace legacy perimeter-centric security solutions and is designed to address the current cybersecurity crisis. These legacy solutions are insufficient to secure organizations, their infrastructure and their data. By contrast, we believe that our Zero Trust solutions secure an enterprise’s exponentially increased attack surface, which occurs as a result of their digital transformation journey. We also offer digital threat protection and risk-based authentication tools to identify and eliminate attacks before they occur, across social media, phishing attacks, bogus websites, and malicious mobile apps.

Our solutions give our customers the ability to lower costs and increase efficiency, while improving compliance and providing security that is persistent, identity-centric and context-aware. Our platform enables enterprises to leverage existing investments in IT and security infrastructure. The subsequent cost savings and returns on investments include: leveraging existing network security controls to effectively apply policies, using a service desk business process to control network access and automating cloud security with a Zero Trust framework.

We are pioneering Zero Trust access across all environments, including public cloud, private cloud, multi-cloud, on-premises or permutations of all of the above and believe its rapid adoption signals the early stages of a long-term shift away from legacy perimeter-centric security solutions. We believe our purpose-built capabilities address the hybrid, cloud, and on-premises network security markets, which Gartner estimates was approximately a combined $39 billion market opportunity in 2021, expected to grow at a 14% compound annual growth rate (“CAGR”) to reach approximately $57 billion by 2024. Gartner has also stated that Zero Trust Network Access remains a dynamic space, with 2021 global market revenue exceeding 60% growth over 2020, and expected to almost triple from 2021 through 2025. We also believe a subset of our capabilities address the Fraud Detection and Prevention (“FDP”) market, which, according to Global Market Insights, was a $30 billion market in 2022 and is expected to grow at a 25% CAGR from 2023-2032.

1

Our leadership in Zero Trust has also been recognized by third party research firms. Forrester, the firm that originally coined the term “Zero Trust,” named us a leader in the Forrester New Wave™ for Zero Trust Network Access report (September 2021). The report highlighted our ability to address cloud, on-premises and hybrid IT models, noting that Appgate “Software Defined Perimeter”, or SDP, “is the best fit for companies that need high security and a self-hosted option. Appgate offers its Zero Trust Network Access (“ZTNA”) as a SaaS, but also as a self-hosted option for enterprises and agencies that need it.” Separately, Forrester also named us a leader in their initial Forrester Wave™ Zero Trust eXtended Ecosystem report (September 2020). The report noted that Appgate serves mega-enterprises and Department of Defense (“DoD”) customers, which we believe is a testament to our capabilities and positions us well to benefit from the rising demand for Zero Trust solutions.

We believe our solutions address the complex needs of global enterprises and governments. Our go-to-market strategy consists of both direct sales and indirect channel partners. As of December 31, 2022, we served approximately 650 organizations across approximately 70 countries, including domestic and international government agencies and Fortune 500 enterprises that include at least one of the largest companies by revenue in each of the defense contracting, telecommunications, systems integrator, and oil and gas sectors.

We sell our solutions primarily through a recurring revenue license model or subscription, and employ a ‘land and expand’ strategy to generate incremental revenue through the addition of new users and the sale of additional products. We believe the success of our strategy is validated by our strong dollar-based net retention rates. Our dollar based net retention rates were 96% and 114% at December 31, 2022 and 2021, respectively. Our annual recurring revenue (“ARR”) was $33.7 million and $31.1 million at December 31, 2022 and 2021, respectively. See “Item 7—Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Business Metrics” for additional information regarding ARR.

We achieved revenue of over $40.0 million in each of 2022 and 2021. We continue to invest in growing our business and, as a result, we incurred losses from continuing operations of $54.2 million for the year ended December 31, 2021 and $80.1 million for the year ended December 31, 2022.

Industry Background

Digital Transformation has Upended Traditional IT Architectures and Environments

Rapidly accelerating digitization has transformed traditional IT architectures, and organizations are confronting the need—indeed the requirement—to transform their business models and environments from legacy, standalone, static systems, and applications, to more dynamic, cloud-native, distributed solutions. For decades, IT environments were defined by company-owned devices operating on company-owned or controlled infrastructure and networks. However, the explosion of the internet, rise of cloud computing, and the proliferation of workloads and mobile devices has upended the legacy IT infrastructure model.

•Proliferation of the cloud and the rise of “as-a-service” solutions. Organizations have embraced cloud-based “as-a-service” delivery models to empower employees and customers and increase the speed of deployment. According to Gartner, more than 85% of organizations will embrace a cloud first principle by 2025 and will not be able to fully execute on their digital strategies without the use of cloud-native architectures and technologies. IDC forecasts the global public cloud services market to grow to approximately $809 billion in 2025 from $385 billion in 2021. These types of environments have massively increased the complexity of IT infrastructure and expanded the scope of the corporate network. This is especially true as enterprises increasingly adopt powerful but complex Infrastructure and Platform as a service (IaaS and PaaS) for the development and deployment of custom and mission-critical business applications.

•Work from anywhere and bring your own device (“BYOD”). Organizations now expect their workers to securely move from place-to-place and device-to-device without losing productivity. These same workers are also now encouraged, and often expected, to use their own devices for work-related activities. The work from anywhere, BYOD culture, with employees accessing corporate applications on their personal laptops, tablets, and smartphones, has accelerated over a number of years and now appears permanent. Businesses have been forced to adjust their IT environments in response to these trends and are faced with employee devices that lack the level of control and security of company-owned devices. As a result, the corporate network has been extended well beyond the secure boundaries of a corporate office, leaving it significantly more exposed to cyberthreats.

2

•Connected devices and the internet of things (“IoT”). From mobile devices to cameras and sensors, the number of devices on a corporate network has multiplied exponentially over the last few years and is expected to continue growing rapidly due to new technologies such as 5G and the business and technical benefits delivered by these new technologies and tools. According to IOT Analytics, the number of connected IoT devices is expected to reach 27 billion by 2025, up from 12.2 billion in 2021. This trend has served to significantly increase the attack surface.

Cybersecurity Threats and Impact Multiplying

The evolution of IT environments coupled with motivated and sophisticated hackers has increased the risk of cybersecurity attacks. Lateral network movement, ransomware, and insecure remote access are resulting in a higher number of attacks of worsening severity with a lengthened time to detection. According to Secureworks’ 2022 State of the Threat, ransomware remains the primary threat facing organizations.

•Expanded attack surfaces. As IT environments have evolved, the adoption of hybrid, multi-cloud, BYOD, and IoT, as well as the massive shift to remote work, has altered the nature of cybersecurity risks by growing exponentially the number of entry points to organizations’ networks. With each new user, connection, device, or online interaction, the attack surface, the scope of network vulnerabilities, and the likelihood of network infiltration all increase. The increased attack surface also serves as a source of increased complexity for enterprise defenders. To date, traditional security tools and strategies have not kept up with this increased complexity.

•Lateral movement. Once a hacker penetrates a network, their ability to move laterally allows them to travel extensively throughout the network, increasing the volume of data they are able to compromise, and increasing the risk that more sensitive data is exposed. The ability to move laterally and remain undetected for long periods of time in the network is one of the leading drivers behind the high costs of breaches. The 2020 “SolarWinds” attack, which affected as many as 425 of the Fortune 500 and all branches of the US military, highlights the ability of an attacker to leverage lateral movement after breaching an organization’s network. The original breach occurred sometime between March and June of 2020, when clients of SolarWinds downloaded a software update that was infected with malicious code. The perpetrators were then able to move laterally within the networks of these organizations, remaining undetected by traditional perimeter-based network security solutions until December of 2020, providing the hackers with ample time to gather sensitive data and install more malware. In addition to threats caused by external actors, insider threats, typically coming from employees or third-party contractors, also pose a growing security threat to organizations. According to the Ponemon Institute Cost of Insider Threats Global Report, insider incident average cost ranged from $485,000 to $805,000 per incident, with 56% of incidents due to negligence.

•Sophisticated adversaries. Today’s hackers are highly skilled, often backed by well-funded militaries, intelligence services, or criminal organizations and motivated by some combination of financial, criminal, and terrorist objectives. They can launch complex attacks, often executed over multiple steps, starting with an initial breach of the corporate network followed by lateral movement, slowly escalating their privileges to access increasingly critical and proprietary data.

The combination of more vulnerable networks and more malicious activity has created a cybersecurity crisis for organizations. Cybersecurity Ventures expects global cybercrime costs to grow by 15% per year, reaching $10.5 trillion annually by 2025. Cybersecurity breaches can also have a significant impact on society beyond the direct financial costs. This is illustrated by the Colonial Pipeline ransomware attack in 2021, which resulted in fuel shortages and spikes in gasoline prices across a number of U.S. states, and by the spike in cyberattacks on health care systems during the pandemic, impacting patient care.

Traditional Cybersecurity Tools are Limited in Protecting Against Today’s Threats

Traditional cybersecurity tools are failing to meet the challenge of modern IT environments due to inherent weaknesses in their structure and design philosophy.

•Implicit trust at the center of traditional perimeter-centric security model. Traditional cybersecurity tools are largely perimeter-centric, focused on securing the boundary between a private network and the public internet.

3

This model is built on the notion of implicit trust, which is the assumption that traffic originating from within a private network does not represent a risk. This critical characteristic allows for lateral movement, giving infiltrators the ability to remain undetected as they move across a network, causing widespread and costly damage. According to the IBM Cost of a Data Breach Report, in 2022 it took an average of 207 days to identify a breach, and another 70 days to contain, giving an attacker plenty of time to cause significant financial and reputational damage to an organization. While this perimeter-centric approach worked historically when enterprise networks had fewer points of entry, today’s IT environments and distributed workloads have softened the network perimeter, blunting the effectiveness of the perimeter-centric security model.

•Outdated tools are siloed and lack context awareness. Traditional security tools such as VPNs, firewall equipment, and network access control (“NAC”) equipment are outdated, siloed, have well-known and widely exploited vulnerabilities, and are unable to properly secure a modern IT environment. These tools employ an outdated model of a single network perimeter entry point and broad network access privileges. VPNs inherently have a “coarse-grained” access control model, granting or denying users access to broad sections of the network, and lack context-aware, fine-grained security permissions, resulting in increased severity of any breach.

•Cybersecurity defenses are overly complex. Organizations often deploy numerous cybersecurity tools from various vendors, reactively deploying new tools in response to emerging threats. This has left many organizations with a patchwork cybersecurity model consisting of a mix of tools from a range of vendors, typically with poor integration and communication among tools, lacking an integrated cybersecurity solution with a unified control point. The resulting complexity makes it challenging for IT professionals to manage the tools effectively and offers poor visibility into potential vulnerabilities and breaches. The need for a new paradigm and approach to cybersecurity is crucial to protect organizations from adversaries and to avoid costly network breaches.

Cybersecurity Defense is Shifting to a Context-Aware, Dynamic Security Model

Zero Trust represents a paradigm shift in cybersecurity. It moves from the legacy static, network-based, perimeter-centric security model to a dynamic, context-aware model based on users, identities, applications, and business processes. The foundation of the Zero Trust model is the idea that no person, device, or application should be implicitly trusted, and that the entire extended network represents an attack surface.

Why a Zero Trust Framework Works

•Eliminates the need for implicit trust. Zero Trust eliminates the need for the implicit trust that is often granted based on physical or network location, and instead requires that all access be identity-driven and earned via dynamic attributes and strong authentication.

•Context-aware and secure access privileges. The Zero Trust model grants users access only to specific and required resources unlike the traditional security model designed on the premise of implicit trust where users are given overprivileged access and can move laterally within a network. Users are continuously monitored, and if their context or device changes, network access can be revised accordingly or revoked entirely. This approach represents a paradigm shift in the cybersecurity posture, increasing organizational resiliency when facing attacks and better equipping them to isolate and limit the impact of any network breach.

Zero Trust framework has emerged as the clear answer to today’s cybersecurity threats. Following the “SolarWinds” attack, the National Institute of Standards and Technology (“NIST”), the National Security Agency (“NSA”) and the Cybersecurity and Infrastructure Security Agency (“CISA”) released guidance recommending a Zero Trust framework. Subsequently, in May 2021, President Joe Biden issued an Executive Order explicitly calling for the adoption of a Zero Trust Architecture by the federal government to improve the nation’s response to “persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” The federal government continues to lead the industry in setting standards with ongoing work and publications by CISA, NIST, the U.S. Department of Defense, and others. These include a multi-vendor integration and architecture initiative led by NIST’s National Cybersecurity Center of Excellence, which Appgate was one of the participating vendors.

4

With an increasingly threatening landscape, to ensure security every organization and government in the world will need to update their traditional cybersecurity tools with a solution that is able to stand up to today’s threats. We believe that the Zero Trust framework has established itself as that solution and represents the next generation cybersecurity solution.

Our Solutions

We provide identity-centric and context-aware Zero Trust access solutions that ensure security and compliance across all environments, including on-premises, hybrid, and cloud-native. We also offer a digital threat protection and risk-based authentication and comprehensive risk management tool designed to identify and eliminate attacks before they occur, across social media, phishing attacks, bogus websites, and malicious mobile apps. The following combination of software and services are increasingly the central pillar of our customers’ cybersecurity architecture:

•Appgate Software-Defined Perimeter (“SDP”). Appgate SDP, leveraging unified access policies that are simple to understand and write, is designed to ensure trusted network access for users across all devices and IT environments, whether on-premises, hybrid or cloud-based. Unlike legacy solutions where users manually and constantly switch VPN tunnels to establish secure connections, SDP users connect once and gain access only to authorized applications across a heterogeneous and distributed IT landscape. SDP defends our customers’ networks from wrongful access and continuously monitors for changes in user behavior once a connection is made. In order to prevent lateral movement from unauthorized users, the network remains invisible, exposing no ports, until a user is authenticated and connected. Once authenticated and on the network, SDP employs the principles of “least-privileged access,” granting limited access, only to the extent required. Access is conditional and based on multiple factors, and if SDP detects changes during the online session, the user can be denied access in part or in full. The most common Appgate SDP use cases include VPN replacement for remote access, securing cloud access, supporting cloud migrations, securely providing third-party access, secure Development and Operations (“DevOps”), and integrating Merger & Acquisition (“M&A”) assets into a secure network environment. Appgate SDP supports customer choice of deployment models, including hosting it within Appgate’s cloud-native Zero Trust Platform, having customers deploy in a self-hosted model, or hybrid.

•Risk-Based Authentication (“RBA”). RBA offers an intelligent and contextually aware approach to authenticating users and approving transactions without friction. Legacy password-only solutions are a weak authentication measure that unintentionally creates friction for enterprise customers. By contrast, our RBA approach uses real-time behavioral risk assessments, context-based authentication and machine learning, all designed to protect individuals against targeted attacks. Transactions and user behavior are continuously monitored to qualify the risk on any channel. Should the RBA solution determine the person attempting to access their account is illegitimate, transactions can be blocked or challenged in real-time, preventing account takeover.

•Digital Threat Protection (“DTP”). Our DTP solution is designed to combat external threats targeting consumers across social, mobile and the dark web, including phishing links, malicious mobile apps, and fraudulent websites. DTP continuously monitors activity, provides early-stage warnings, orchestrates takedowns and can proactively stop attacks before damage is done, often before intended victims are aware.

•Threat Advisory Services. Our Threat Advisory Services are designed to proactively identify vulnerabilities and validate defenses using a combination of advanced penetration testing, adversary simulation and other customized services. We use highly sophisticated, bespoke processes based on the individual needs of our customers to simulate nation-state-level and other complex attacks. These engagements help organizations test and validate the security investments they’ve made and act as an opportunity to implement our software solutions based on remediation recommendations as we help our customers accelerate their Zero Trust journey. Threat Advisory Services are an important tool in our pursuit to future proof our customers’ defenses against malicious activity, as they allow us to gain real-time information from our services engagements to stay up to date on evolving cybersecurity threats. We leverage this data to inform our software technology roadmap, helping us effectively address our customers’ expanding security needs.

Key Benefits

Our platform based on Zero Trust principles is scalable, integrates with disparate security and non-security solutions and operates in any complex IT environment. Our platform empowers organizations to undertake their digital transformation

5

journey and enables development and operations teams to collaborate, quickly build and improve applications and drive business performance. Key benefits of our solutions include:

•Enhanced network security based on Zero Trust. As a pioneer, leader, and one of the earliest proponents of Zero Trust, we have built and honed a pure-play platform based on Zero Trust principles to facilitate secure interactions for organizations, users, and their devices. Our solutions use the principles of Zero Trust to strengthen network security, making it harder for adversaries to attack a network. Additionally, if a breach occurs, an attacker’s lateral movement is restricted so the attacker can be identified and swiftly contained, potentially limiting overall damage and exposure.

•Effective across all environments. Organizations require infrastructure to support on-premises, hybrid, cloud, IoT, BYOD, and other disparate platforms. Our identity-centric and context-aware solution dynamically adjusts to changes in user behavior across all interconnected environments. Many organizations have a patchwork of products that are often poorly integrated, creating additional complexity, security gaps, and administrative burden, creating an opportunity for our solutions. We believe we were among the first to identify the need for and deliver an enterprise class, software-based, unifying solution that dynamically works across all environments to become an organization’s executive team’s cyber-defense partner.

•Greater flexibility for customers and their users. Our solutions offer fast, secure, direct connections from any location, enabling increasingly popular remote workforce models. Unlike perimeter-based approaches, our SDP platform uses a dynamic identity-centric policy model to connect users from any device in any location. While remote workforce models typically expand security risk, our security architecture is designed to ensure that increased workforce mobility does not create incremental vulnerable access points. Appgate SDP can be deployed as-a-Service (hosted in the Appgate cloud environment) or deployed completely within customer environments.

•Strong integration capabilities. Our solutions can be deployed alongside existing security systems and across the entire IT environment. We utilize what we believe is the broadest set of APIs for Zero Trust in the industry to enable our products to coordinate and communicate with other IT systems and improve the interoperability with existing security infrastructure. Through integration with our Zero Trust security solution, customers have the potential to extend both the reach and value of their existing security and non-security tools. We believe this value proposition enables a faster purchasing decision and differs from “next generation” security solutions that require an overhaul of a customer’s existing security system architecture.

•Lower total cost of ownership. Adoption of our user-friendly software solutions frequently leads to improved operational efficiency for organizations. A survey of our customers by independent analyst firm Nemertes concluded that all respondents reported improvements in one or more key operational metrics, including average user provisioning time, average number of staff required for user provisioning, average login time, number of security incidents and trouble tickets and number of concurrent users, after adopting our solutions.

•Simplified and more effective security model. We allow system administrators to create a single set of access policies that can be used uniformly across multiple disparate environments, increasing ease of use, operational efficiency, and security. This is in sharp contrast to not only traditionally siloed products, such as VPNs and NACs, but also many other ZTNA providers, who utilize static versus dynamic security rules, or who cannot secure access for on-premises users.

•Seamless end user experience. We provide automatic, dynamic access without having to frequently engage with the end user or disrupt workflow processes. Users are authenticated the same way regardless of where they are located or what device they are using. This approach differs from, and can be a replacement for, inflexible tools like VPNs and static multi-factor authentication systems, which often require users to re-authenticate themselves routinely, frustrating users.

•Complex fraud prevention. We offer consumer-facing organizations a comprehensive set of solutions based on Zero Trust principles to prevent fraud. Powered by machine learning and behavioral analytics designed to identify and prevent fraudulent activities, we assess risk based on user behavior to authenticate connections. Our proprietary technology is focused on detecting and deactivating targeted external threats which utilize phishing links, malicious mobile apps, or fraudulent websites. We continuously analyze and monitor an array of digital channels to identify threats, and execute site take-downs, often before intended victims are aware. Finally, we

6

provide rich insights on potential victims, so organizations can be better prepared to stop future complex fraud campaigns.

Competitive Strengths

Our competitive strengths include:

•Pioneering Zero Trust solutions delivering next generation IT security. Our Zero Trust solutions are purpose-built to meet the needs of modern organizations, whose IT infrastructures are transforming with the adoption of containerized, cloud, SaaS, mobile, IoT, and remote work environments. Our solutions are designed from the ground up on Zero Trust principles to function and integrate across all IT environments, which has the potential to make them more effective at securing IT infrastructures as compared to repurposed legacy solutions. Our solutions allow system administrators to create a single set of policies that can be applied uniformly across multiple environments, reducing the risk of errors. We believe our primary focus on Zero Trust has enabled us to build an industry leading solution.

•Industry leading reputation. Our SDP product was named a “Leader” in the Forrester New Wave™ for Zero Trust Network Access (Q3 2021) and, as of March 10, 2023, received 4.6 out of 5 stars from customer reviews on Gartner Peer Insights. Appgate was also recognized by Forrester in their “New Tech: Zero Trust Network Access, 2021” report, as a mature or “Late-Stage” vendor, indicating significant company tenure, number of customers, employees, and funding level as compared to our peers. Our RBA solution was named a “Leader” in Quadrant Solutions’ SPARK Matrix™: Risk Based Authentication, 2022 report. We believe these high-profile recognitions received from trusted industry experts have elevated our reputation with existing and prospective customers.

•Highly scalable ‘land and expand’ go-to-market (“GTM”) strategy driving C-Suite engagement. We leverage a ‘land and expand’ GTM strategy that can scale rapidly as we demonstrate value to customers and achieve broader deployment across their infrastructure. We deploy an integrated technical sales approach complemented by channel partners, such as Lumen, Optiv, Presidio, Guidepoint Security, DXC, TechMatrix, SageNet, Q2, Alkami, Carahsoft, Ingram, GBM, CLM and Kite, which helps us meet the needs of our expanding customer base. This GTM approach is turbocharged by our battle-tested sales engineering team, which can help demonstrate the value of our solutions to stakeholders outside of the IT organization. We believe that cybersecurity has become a key business issue for executives, not just an area of concern for IT professionals; our ability to elevate conversations to a strategic level and secure buy-in from all stakeholders is a critical differentiator, unlocking broader deployment of our solutions.

•Strong customer focus. We are a trusted, long-term, strategic partner to our customers. In a Nemertes survey of our customers, 100% of respondents said Appgate accelerated their digital transformation, and of those implementing Appgate SDP, our importance to their strategy ranked 9.5 out of 10. These strong customer satisfaction metrics stem from our customer success team’s close collaboration with clients throughout their journey as a customer, communicating frequently with them through quarterly business reviews, supporting them as novel issues and use cases arise, and constantly seeking feedback to drive improvement in our solutions. We also continue to hold regular Customer Advisory Board meetings, which provide an open dialogue with customers to ensure that we prioritize, understand, and adapt to their changing needs. Our current customer base includes at least one of the largest companies by revenue in each of the defense contracting, telecommunications, systems integrator and oil and gas sectors, validating our customer-focused strategy.

•Seamless API-based integration. Our solutions offer feature-rich, easy-to-use APIs that allow for integration with existing solutions, which enables our customers to drive more value from their in-place solutions. Our APIs facilitate quick deployment alongside existing security solutions, from which threat data and context can be extracted, and are used to enrich our risk scoring and authentication decisions. We continue to partner with other cybersecurity vendors, such as Crowdstrike and others, to deepen the abilities of our API integrations. In addition, Appgate recently introduced new no-code integrations within our cloud-native security services, running in the Appgate Zero Trust Platform. This further improves our integration capabilities, and makes it easier for customers to benefit from it.

•Deep management strength with extensive cybersecurity experience. Our seasoned executives were among the earliest pioneers in Zero Trust security. Our senior management team has extensive expertise in the cybersecurity

7

industry with deep knowledge of the markets in which we operate. With an average of over 20 years of experience in the enterprise technology and cybersecurity space, our highly accomplished management team demonstrate a historical track record of success and are devoted to the continued growth and success of our business.

Our Opportunity

As organizations reshape their IT infrastructure around hybrid, multi-cloud, SaaS, mobility, IoT, BYOD, containerized workloads, and with remote working environments and cyber threats rising rapidly, the need for a new security model is increasingly mission-critical for many enterprises. Zero Trust security is emerging as the leading next generation security model and we believe we are a pioneer in this transforming industry and are well-positioned to capitalize on the market opportunity.

•Hybrid, multi-cloud, and on-premises network security. Gartner estimates this aggregate market was approximately $39 billion in 2021, expected to grow at a 14% CAGR to approximately $57 billion by 2024. According to Cisco’s May 2022 Global Hybrid Cloud Trends Report, 82% of IT leaders say that they have adopted the hybrid cloud. Our SDP platform is designed to ensure trusted access for all corporate users across all environments.

•VPN replacement. Gartner predicts that at least 70% of new remote access deployments will be served predominantly by ZTNA as opposed to VPN services by 2025, up from less than 10% at the end of 2021, and that 60% of enterprises will phase out their remote access VPN in favor of ZTNA by 2023. Our SDP platform offers secure VPN replacement across all environments including hybrid, multi-cloud, and on-premises.

•Secure Access Service Edge (“SASE”). SASE refers to integrated security and network solutions that secure IT environments. According to Gartner, the global SASE market is projected to grow at a CAGR of 36% reaching almost $15 billion by 2025. We believe that ZTNA is the most critical element of SASE given its role in regulating network access, and our SDP platform is a recognized leader in ZTNA.

•Fraud Detection and Prevention (“FDP”). Organizations and individuals face a growing set of active and targeted phishing campaigns, as well as increased use of malicious websites and mobile apps for criminal purposes. The growth in these threats is underpinned by continued expansion of online banking, e-commerce, and Peer-to-Peer (“P2P”) payment applications. According to Fortune Business Insights, the FDP market was estimated at approximately $25.7 billion in 2021 and is projected to reach approximately $129.2 billion by 2029, representing a 22.8% CAGR. Ensuring that their customers aren’t deceived by fraudulent websites, phishing campaigns, or mobile apps is critical to businesses’ reputations, and our RBA and DTP solutions are designed to address these threats and we believe are critical tools in the FDP ecosystem. Illustrating the imminent need for fraud prevention, the Federal Trade Commission reported that Americans lost over $5.8 billion to fraud in 2021, an increase of over 70% from 2020.

We believe we are well-positioned to capitalize on the market opportunity to displace legacy network security solutions, which are ill-equipped to effectively secure cloud or hybrid IT environments, and the use of which increases entry points for adversaries and the risk of network breaches.

Growth Strategies

Key elements of our growth strategy include:

•Continue to grow customer base. We believe our solutions are well positioned to serve not only large, security-conscious organizations with complex, hybrid IT environments, but also medium and small sized customers. We believe scaling our sales team and increasing our investment in channels and strategic partners will fuel our customer base growth.

•Increase adoption within our existing customers. We utilize a ‘land and expand’ strategy through which we expand existing customer accounts by adding new use cases or more users, including third-party users and contractors. We expect many of our existing SDP customers to use our network of other software and services, driving growth.

8

•Continue to innovate and enhance our offerings. We plan to continue to expand our Zero Trust platform and capabilities to develop new products and add new modules in existing offerings to address additional use cases. As a pioneer in Zero Trust access solutions and cybersecurity defense, we are continuing to invest in the platform, and have launched new services, such as our cloud-native Zero Trust platform, announced in November 2022. We invested approximately 31% of our revenue in research and development during the year ended December 31, 2022 and maintain a robust product and technology roadmap. Our roadmap incorporates customer feedback which gives us confidence that we will be able to monetize our development efforts as we seek to offer highly scalable, flexible, and user-friendly products to address a variety of high-impact use cases.

•Grow our global footprint. As of December 31, 2022, we had customers in approximately 70 countries, reflecting the importance of our global footprint and our success building an international presence. For the year ended December 31, 2022, international sales represented approximately 49% of our revenue. We believe global demand for our offerings will continue to increase as international organizations further embrace Zero Trust access solutions in response to evolving cybersecurity threats and sophisticated adversaries. While we expect our international markets to continue to grow, we anticipate the growth in North America to outpace that of international markets.

•Expand our channel and product partnerships. Our Zero Trust solutions are highly complementary to a number of other cybersecurity products, and as such, we have built a number of highly strategic product and go-to-market partnerships. Our products are easy to deploy and can be distributed by value-added resellers and service providers. We have strong channel partnerships with Lumen, Optiv, Presidio, Guidepoint Security, DXC, TechMatrix, SageNet, Q2, Alkami, Carahsoft, Ingram, GBM, CLM, and Kite, among others and work closely with federal systems integrators such as Raytheon, Northrop Grumman, and ManTech, each of whom are building out solutions around our products for wider distribution. We also continue to work with technology alliance partners to offer integrated solutions to our customers. For example, Appgate has a partnership with CrowdStrike, integrating our Appgate SDP solution, with the CrowdStrike Falcon Zero Trust Assessment (ZTA) capability of CrowdStrike Falcon Insight EDR. This flexible, scalable integration provides a frictionless path for accelerating enterprise Zero Trust journeys. It will help organizations achieve intelligence-aware and dynamic secure access policy enforcement — reducing their attack surface and mitigating lateral movement on their networks. CrowdStrike Falcon ZTA expands Zero Trust beyond authentication to enable Appgate’s detection, alerting and enforcement of risk-based access policies driven by device health and compliance checks. The solution monitors many endpoint settings to deliver partners a device security posture assessment, allowing them to build powerful and granular security policies.

•Expand our presence with U.S. federal governments and governments around the world. With NIST, the White House, and other agencies endorsing the adoption of Zero Trust, we expect to have ample opportunities to leverage our early and continued success with the Department of Defense and Department of Homeland Security and to build trust with other government agencies and departments. Our SDP solution was the first SDP product to be Common Criteria Certified, which is the international “gold standard” for Information Technology security. Common Criteria is recognized by approximately 30 nations and was developed by the United States, United Kingdom, Canada, France, Germany, and the Netherlands. Appgate has government customers across the world.

Our Technology and Architecture

Appgate’s cybersecurity solutions empower and protect how people work and connect. Our solutions are designed to enhance security, limit the ability of attackers to succeed, and minimize damage in the event of a breach. We recognize that IT, business, and security infrastructures are complex and can act as impediments to innovation, security, efficiency, and effectiveness. Organizations need security solutions that can be easily and effectively deployed and integrated into their existing environments.

Our solutions are designed with customer integration and customer success in mind, and this philosophy has influenced our technology architecture. We believe that customers should retain the choice of where and how to deploy their security infrastructure, enforce access, and route traffic. As such, we have designed and built our solutions to support secure access to the cloud and on-premises.

9

Appgate SDP

Our flagship Zero Trust Network Access solution, Appgate SDP, is designed to secure enterprise environments by applying the core principles of Zero Trust. Using Appgate SDP, our customers have successfully achieved enterprise Zero Trust security, at scale and with speed, integrated into their IT and security teams, business processes, and technologies. With Appgate SDP, enterprises can eliminate weak and ineffective components of their security architecture (such as VPNs), while integrating with and obtaining more value from the remaining components (such as Identity Management and IT Service Management).

Appgate SDP is designed to provide enterprise-class ZTNA capabilities, providing a highly resilient system with no single point of failure, and near wire speed throughput. Its distributed architecture makes SDP easy to scale and deploy across any network infrastructure, including hardware, software, virtual, and cloud. It enables complete customer control over deployment topologies and location of policy enforcement points and can be deployed in a customer-hosted, or Appgate-hosted SaaS model. Its secure multi-tunnel approach is designed with users at the center, dynamically creating a session-based micro-perimeter dedicated to each user — what we term a “segment of one”. This allows for an efficient, secure, and resilient connection to the permitted set of enterprise resources. This compares favorably to traditional security and remote access solutions, which often force user traffic to traverse a vendor cloud or enterprise WAN, resulting in poor performance, limited scalability, and the perpetuation of a weak security model. In addition to controlling access to enterprise resources through Zero Trust policy enforcement points, the Appgate SDP system itself is cloaked and invisible to unauthorized users, utilizing a cryptographic mechanism termed Single-Packet Authorization (SPA). SPA is designed to ensure that legitimate users can securely access resources from any location, without exposing any attack surface to malicious actors.

The Appgate SDP architecture is fully aligned with the NIST Zero Trust model, which contains the following fundamental principles:

•No implicit trust. There is no inherent trust or access granted to assets or user accounts based solely on their physical or network location — the model instead assumes a network has already been breached.

•Authentication and authorization required before access is granted. Authentication and authorization are discrete functions performed before any access to an enterprise resource is permitted. This applies to users, servers and devices.

•Minimal attack surface (principle of least privilege). All users, devices, and networks only permit access to the minimal set of resources, and only for authenticated and authorized users. This applies to all users (remote and on-premises), all devices (enterprise-issued and BYOD), and all resource types (on-premises, cloud-based, physical, or virtual). The system, and all enterprise resources, are cloaked and invisible to all unauthorized actors.

•Dynamic, identity-centric policies. The focus is on protecting specific resources (assets, services, workflows, network accounts, etc.), not broad network segments. Access policies dynamically evaluate user, device, network, and resource attributes to make decisions about whether access should be permitted at any given point in time.

Deployment Architecture

The Appgate SDP deployment architecture is comprised of the following five elements.

A.Client. The user of a resource (described below). In the typical Appgate SDP use case, the client is an organization’s employee seeking to access an application from a PC or mobile device.

B.Controller. Effectively the brain of the system, the controller houses the enterprise policy model (the rules used to determine which users should have access to which resources), aggregates the information required to enforce the enterprise policy model, and then makes an authentication and authorization decision.

C.Gateway. Policy enforcement points that restrict access to resources until a client is authorized.

10

D.Enterprise Systems. Sources of information about a user and context used to make authentication and authorization decisions.

E.Resource. Any application, server, network, IoT device, containerized workload, etc. that can be located in any cloud or on-premises environment.

A conceptional depiction and description of the Appgate SDP deployment architecture are as follows:

1.The Client first connects to the Controller.

2.The Controller begins by authenticating the user with the enterprise identity provided. It then aggregates all relevant data from the Enterprise Systems, including information about both (a) the user’s identity, location, and device security posture and (b) contextual information from the organization’s network, security, and business process systems. The Controller then uses this information to determine which resources the user should have access to at that particular time and place.

3.The Controller generates and sends a live entitlement token to the user. An entitlement token is an electronic credential that indicates which resources a user should have access to. The entitlement token is “live” because it can change based on changes in context.

4.The Client creates an encrypted tunnel to a Gateway and sends the live entitlement token to the Gateway for validation.

5.The Gateway creates a logical “segment of one” to connect the Client to the specific resource(s) to which the Client has been granted access.

6.The system continuously evaluates context and changes entitlements based on changes to context. For example, if a user disconnects their laptop from a docking station, the system will detect the change from a hard-wired network connection to a public Wi-Fi connection. Or, if an enterprise Endpoint Detection and Response (EDR) system detects anomalous activity from a user’s device, it can inform Appgate SDP. In both cases, Appgate SDP will re-evaluate user access based on this changed context.

11

The components of the Appgate SDP platform itself, the Controllers and Gateways, utilize a cryptographic mechanism to cloak themselves from unauthorized users. This mechanism is designed to ensure that these components can be accessed by legitimate users located anywhere, while remaining resilient and inaccessible to unauthorized use or malicious actors.

In addition, Appgate SDP’s architecture is designed to ensure that customers retain the ability to choose how and where their network traffic is routed (some customers use Appgate SDP as an SD-WAN replacement as a result), and how and where to deploy Gateways. Gateways are distributed across their organizations’ environments, protecting both on-premises and cloud-based environments. Similarly, the distributed nature of the Appgate SDP system provides a unified access control model for all users (both remote and on-premises) for all resources, using a single policy model and a single platform. As a result, customers benefit by being able to decommission ineffective siloed and legacy security technologies (such as VPNs and NACs), replacing them with a modern Zero Trust platform.

Deployment Options

Appgate SDP supports a wide variety of deployment models and access methods designed to provide for ongoing customer satisfaction. Customers may choose to deploy entirely in a self-hosted and self-managed model, or they may utilize the Appgate-hosted and managed as-a-Service model, using Appgate’s cloud-native Zero Trust platform, to take advantage of its simpler deployment and management.

These options are shown in the following diagram which depicts Hosted and Connected options for customer deployments of Appgate SDP. For those enterprises that require such a model, Appgate SDP may also be deployed in a model that is disconnected from the Appgate cloud environment.

In addition to the many types of resources that need securing, organizations also have a wide variety of end-user populations and types, and the Appgate SDP platform provides an industry-leading set of access methods. Users can access Appgate SDP-protected resources via installed client software, through a clientless web portal, or through a network-based connector service. Likewise, Appgate SDP adeptly meets complex enterprise and government agency networking needs, including dynamic and policy-based control of network segmentation, routing, and name resolution. Appgate SDP is designed to deliver superior security while also improving the end user experience and reducing administrative burdens.

Digital Threat Protection

Our Digital Threat Protection (“DTP”) solution offers visibility and comprehensive fraud risk management to identify and eliminate attacks before they occur. DTP is designed to evaluate fraud risk across social media, phishing attacks, bogus websites, and malicious mobile apps. Its curated threat intelligence and continuous threat monitoring provides protection throughout the fraud risk lifecycle. Additionally, DTP provides business leaders with valuable proactive detection, mitigation, and reporting functionality for their end-users.

12

DTP combats external threats by detecting fraud risk lurking online, continuously monitoring brand-centric activity, and taking swift action to halt attacks before significant damage occurs, often before the intended victims are even aware of the attack.

•Phishing. Our DTP solution monitors customer websites as well as newly registered domains, DNS entries, and links posted on social media sites, looking for similar domains or clones of legitimate sites that may be phishing sites. This monitoring extends to mobile app stores, where DTP can detect rogue mobile apps designed to deceive users. We also offer Victim Insights, a unique and differentiated feature which utilizes an encrypted key to identify users and compromised credentials, enabling rapid and precise responses.

•Dark web monitoring. Our DTP solution protects against attacks originating from the dark web by identifying employee credentials that have been breached and are circulating on the dark web and mitigating the effects of targeted threats by reporting risk exposure to ensure quick action against exposed data.

•Sophisticated attacks. Our DTP solution is designed to identify and immobilize sophisticated threats, such as web injections and credential grabbing on transactional websites, without requiring software installation on user devices. It provides detection of unauthorized changes executed against the content of a company’s website and features built-in analytical systems, which evaluate users’ sessions to identify indicia of fraud that indicate potential breach of users accounts by cybercriminals.

Our DTP solution is deployed in our cloud-hosted environment, ensuring that customers have a high degree of confidence in its availability and scalability. It is monitored and operated by our 24x7 Security Operations Center (“SOC”) team, who detect and respond to fraud risk events in near real-time. By combining automated analysis of detected fraud attempts with skilled SOC operators, DTP customers benefit from automated monitoring and manual follow-up, including threat analysis and verification, and initiation of malicious site takedowns with relevant parties, including ISPs, registrars, and mobile app operators.

These services are facilitated through our web-application online portal, which allows customers to see the results of our efforts in real-time. This portal includes ticketing functionality, providing customers with details of identified threats including employee credentials harvested and IP address and domain details exposed; the portal also allows customers to request support from the SOC agents. Threat tracking maps and social media feeds are also available to customers if they want to examine DTP’s raw data feeds.

13

Risk-Based Authentication

Our Risk-Based Authentication (“RBA”) solution combines advanced authentication techniques, such as multi-factor authentication, and behavioral analytics based on machine learning and AI algorithms. This helps customers model and monitor risk with dynamic and flexible rules and to authorize transactions and prevent fraud for institutions. For example, RBA enables financial institutions to detect and take action on risky transactions more accurately, while reducing friction facing end users. RBA enables authentication through push technologies, SMS text, One-Time-Passwords, email verification two-step responses, and QR code enrollment, allowing end user customization based on individual preferences.

Our RBA solution offers our customers flexible deployment options. It can be deployed wholly into customer environments for local integration or into an Appgate-managed cloud environment for simpler deployment and management, as illustrated in the below diagram. RBA also features a risk orchestration tool running on the back end to enable simplified integration of multiple solutions and to map conditional workflows, enabling authentication challenges through device identification when fraud risk is determined by our transaction anomaly detection solution. Our behavioral biometrics and device analytics also provide a level of authentication and can tie into step-up authentication methods as required.

Our Customers

As of December 31, 2022, we served approximately 650 customers globally including Fortune 500 enterprises and governments entities such as the U.S. Departments of Defense and Homeland Security. Although our solutions can deliver value to organizations across industries, we see particular strong interest from companies in the following sectors: financial services, manufacturing, energy, media & entertainment, technology, telecommunications, consumer goods and services, and the public sector. We serve at least one of the largest companies by revenue in each of the defense contracting, telecommunications, systems integrator and oil and gas sectors. As of March 10, 2023, our customers independently ranked us 4.6/5.0 stars on Gartner Peer Insights, a peer-driven ratings and reviews platform for enterprise IT solutions and services covering over 300+ technology markets and 3,000+ vendors.

14

Our Customer Advisory Board further strengthens our customer relationships. As of February 22, 2023, it was comprised of 15 of our most strategic customers and provides quarterly feedback on our solutions. This feedback, received primarily from technologists involved in the purchase, implementation, and ongoing management of our solutions, helps guide our product innovation and provides validation of our strategies. Our Customer Advisory Board members are also among our strongest advocates and frequently provide referrals to prospective customers.

No customer (including, for the avoidance of doubt, resellers and managed service providers) contributed more than 10% of our revenue for the years ended December 31, 2021 or 2022.

Customer Case Studies

The customer examples below illustrate how customers from different industries benefit from our solutions and how our solutions can be utilized to solve various problems. As described above in “—Our Customers,” none of the below customers contributed more than 10% of our revenue for the years ended December 31, 2021 or 2022.

Bancolombia

Situation: Grupo Bancolombia is the largest financial bank in Colombia with subsidiaries across Central and South America. They need to protect their more than 15 million customers from fraud.

Solution: Bancolombia uses Appgate’s DetectTA and DetectID authentication framework as a key component of its fraud prevention strategy. DetectID provides the bank with strong authentication capabilities for its customers across multiple transaction channels. On average, Appgate supports more than 90 million authentication requests a month. Bancolombia also uses Appgate’s DetectTA transaction monitoring capability which detects transaction anomalies based on user behavior and automatically reacts to changing fraud patterns, and Detect Safe Browsing to block online and mobile threats in real time and take action before an attack occurs.

Chewy

Situation: Chewy’s mission is to be the most trusted and convenient online destination for pet parents (and partners) everywhere. The company believes that it is the preeminent online source for pet products, supplies, and prescriptions as a result of its broad selection of high-quality products, which it offers at competitive prices and delivers with an exceptional level of care and a personal touch. Chewy continually develops innovative ways for its customers to engage with it, and partners with approximately 2,500 of the best and most trusted brands in the pet industry, to bring a high-bar, customer-centric experience to its customers.

Solution: Chewy selected us as its preferred partner due to both our high-quality software, as well as our agility and ability to scale with its rapidly growing business. During the onset of the COVID-19 pandemic, Chewy worked with us to rapidly implement our SDP solution to authenticate and authorize Chewy’s team members prior to allowing access to any resources from remote locations. After a successful initial deployment, Chewy chose our SDP solution for its Zero Trust solution to enable secure and seamless work-from-anywhere in a post-COVID world.

DXC

Situation: DXC is a leading end-to-end IT services company, with, as of March 31, 2022, over $16 billion in annual revenue and over 130,000 employees across approximately 70 countries. DXC needed to provide its employees and customers with seamless remote access to DXC’s corporate network and applications, including provisioning of access to different resources based on each user’s entitlement rules and device compliance status. It was critical for network traffic to be routed on the most efficient path to individual applications and network endpoints, with multiple concurrent connections when necessary. Additionally, DXC had sold significant IP address space to Microsoft and Amazon Web Services (“AWS”), resulting in significant IP conflicts that needed to be resolved.

Solution: DXC selected our SDP solution to replace its traditional VPNs from multiple vendors. This allowed the company to move all of its users off of its corporate network, retiring multiprotocol label switching (“MPLS”) and private networking resources and transitioning to ZTNA-based network infrastructure. This provided not only a higher level of network security, but also the ability to retire traditional network resources, leading to significant cost savings. DXC is also heavily leveraging Appgate SDP’s DNS forwarding capability, addressing the massive IP overlap that DXC faced due to significant M&A activity.

15

Fifth Third Bank

Situation: Fifth Third Bank, National Association is an indirect subsidiary of Fifth Third Bancorp and one of the largest banks in the United States, with approximately 19,000 employees and, as of December 31, 2022, operating 1,087 banking centers and approximately 2,000 automated teller machines across 11 states. Under its Technology Leadership initiative, Fifth Third recognized the opportunity to enhance its IT infrastructure and embarked on a strategic Zero Trust initiative and investment in cloud solutions.

Solution: Fifth Third Bank selected Appgate as its partner and purchased 3,000 SDP licenses in the second quarter of 2020. Once recognizing the value of our solution, Fifth Third purchased additional licenses furthering its goal of having our SDP solution deployed on every device remotely accessing its network. Fifth Third plans to direct its focus to on-premises users. We believe Fifth Third’s adoption of our solution demonstrates our successful ‘land and expand’ approach, and our proven success around linear scalability, programmability and extensibility.

Financial Industry Regulatory Authority (FINRA)

Situation: The Financial Industry Regulatory Authority (FINRA) is a government-authorized not-for-profit organization that oversees U.S. broker-dealers to protect investors and ensure market integrity. They regulate all equity and option trades in U.S. markets and process peak volumes of 600 billion transactions daily.

Solution: FINRA selected Appgate because it enables them to use dynamic resolvers to retrieve per-user workload information. With approximately 1,000 users, they were able to enforce identity-centric access with strong, context-sensitive authentication.

Sales

We sell our security solutions and services through a combination of our direct sales team and channel partners. The direct sales team is responsible for identifying prospective and existing customers’ business problems. The direct sales team is supported by sales engineering and customer success specialists, who gather detailed customer specifications to develop a bespoke solution that surpasses customer requirements. Sales engineering team members collaborate closely with the regional sales representatives to demonstrate the strength and value of our solutions, while customer success team members ensure that clients realize the full value from our solutions once implemented. Overall, the direct sales team is responsible for managing the lifecycle of the customer relationship, from onboarding and implementation to ongoing advocacy. The team conducts formal business reviews with each customer to identity and solve new use cases, supporting our “land and expand” growth model.

Our Zero Trust solutions are highly complementary to other security solutions, and as such, we have built strategic, integral GTM partnerships with channel partners, including agents and resellers, service providers, systems integrators, cloud consulting partners, and original equipment manufacturers (“OEMs”). We offer our channel partners a robust training and certification program to help position them as Zero Trust specialists, advance their technical skills, and help them capitalize on the market opportunity. We expect our channel partner ecosystem to contribute heavily to future growth as we continue to invest resources in developing a robust, partner-led GTM strategy. However, we do not rely on any individual channel partner and no channel partner contributed more than 10% of our revenue for the years ended December 31, 2022 and 2021. For example, we have strong relationships with Alkami, CLM, DXC, GBM, Guidepoint Security, Kite, Lumen, Carahsoft, Ingram, Optiv, Presidio, Q2, SageNet, and TechMatrix, among others, and work closely with federal systems integrators such as ManTech, Northrop Grumman, and Raytheon, which are building solutions around our products for wider distribution. We also work with technology alliance partners, such as CrowdStrike and McAfee to devise industry leading solutions.

Marketing

Our marketing strategy is designed to build brand awareness and reputation, establish ourselves as thought leaders and trusted advisors in Zero Trust security, drive customer demand globally by increasing prospect consideration and conversion, and provide our customers with meaningful ways to engage with us. We have a holistic approach that includes digital and non-digital methods, such as paid digital media, search engine optimization, social media, website marketing, events and sponsorships, live demos, media and analyst relations, speaker’s bureau, and account-based marketing programs. We produce original content in the form of blogs, ebooks, infographics, videos, case studies, surveys, and white papers to help educate our target customers about top-of-mind, mission-critical security concerns. To see the value of our

16

solutions in-action, prospective customers can attend regularly scheduled, expert-led live demos or enroll in our Test Drive program for a hands-on experience. We also work with channel and technology alliance partners on GTM activities highlighting the value of our joint solutions. We believe an educated prospective customer makes the best decisions for their network security and we strive to help them in their journey.

Operations

We primarily utilize Microsoft and AWS cloud environments for our computing and storage needs required to deliver our products and services. In connection with our use of Microsoft and AWS cloud environments, we have entered into their standard terms and conditions in the ordinary course of our business. See “Item 1A—Risk Factors—Risks Related to our Business and Industry— We rely on third-party hosting and cloud computing providers, like Amazon Web Services (AWS) and Microsoft Azure, to operate certain aspects of our business. A significant portion of our product traffic is hosted by a limited number of vendors, and any failure, disruption or significant interruption in our network or hosting and cloud services could adversely impact our operations and harm our business.”

In order to meet the evolving security needs of organizations, our infrastructure is designed to be highly resilient, have multiple levels of redundancy and provide failover across cloud infrastructures. Our software technology and operational approach, combined with the use of Microsoft and AWS resources, provide us with a distributed and scalable architecture on a global scale.

Professional Services

We provide professional services as part of our Threat Advisory Services. We also offer support installation and training related to our software solutions:

•We offer Threat Advisory Services to help customers proactively identify and defend against exploitable cybersecurity vulnerabilities. Our Threat Advisory Services engage a dedicated, highly pedigreed team of cybersecurity experts who use offensive tactics to simulate the behavior of real-world adversaries. Our team uses highly sophisticated penetration testing methodologies, based on the customer’s individual needs, to simulate nation-state-level and other complex attacks targeting their networks, applications, and third-party solution providers. These services help our customers validate their current security solutions as well as preemptively identifying others that may be needed. We utilize the learnings of these engagements to inform our software product roadmap and future innovation, helping us more rapidly address our customers’ evolving security needs.

•As a part of our commitment to our customers’ success, we routinely offer professional services to help facilitate a smooth initial software deployment, in-line with industry standards.

•We also offer training services to teach customers best practices while using our software solutions.

Research and Development

Our research and development organization is responsible for the design, development, quality, and testing of our new and existing software and service offerings. In addition, it is responsible for improving our features, functionality, and scalability, while ensuring our platform is designed to be available, reliable, and stable.

Security is at the heart of our business, and our teams of network engineers, software developers, data scientists, security architects, and anti-fraud specialists are passionate about helping customers protect their environments. We work to continually improve and innovate, striving to offer high-quality, market-leading solutions. We work closely with our customers and partners, and by understanding their approaches and challenges, we gain insight into desired new capabilities and offerings that we can build to deliver value to the broader market. We also leverage key insights and capabilities from our products and services to inform and enhance other products and services in our portfolio.

We invest in and prioritize the quality of our offerings, utilizing both automated and manual testing and verification to ensure our products are functional, scalable, and secure. We regularly utilize both third-party and internal penetration testing experts to ensure our solutions are resilient to potential attacks, and work to continually improve them. We maintain a regular release cadence to deliver updates to our products, and our customer success team works to ensure that customers stay up to date on the latest versions.

17

Our research and development expenses were equal to approximately 31% of our revenue for the year ended December 31, 2022. Our research and development teams are primarily located in the United States, Sweden, and Colombia, as well as remotely distributed. We plan to continue to dedicate significant and increasing resources to research and development.

Competition

The market for our solutions is competitive and characterized by evolving IT environments, customer requirements, industry standards, and frequent new product and service offerings and improvements. We compete with an array of established and emerging security solution vendors. Our competitors include the following by general category:

•Large networking and security vendors such as Cisco Systems, Inc. and Palo Alto Networks, Inc. which offer security appliances and cloud services.

•Independent security vendors and providers such as Zscaler, Inc. and Netskope, Inc., who provide cloud-based security services.

•Cloud providers who include Zero Trust security offerings within their platforms, specifically Microsoft Corporation and Google LLC.

•Anti-Fraud and risk-based authentication providers such as Outseer (RSA Security LLC), Broadcom Inc. (which acquired CA Technologies), Guardian Analytics, Inc., and BioCatch Ltd. who provide advanced, actionable intelligence that allows organizations to secure their customers.

•Digital Threat protection providers such as RSA Security LLC, PhishLabs, Inc., and ZeroFox, Inc., who provide brand protection against digital attacks across multiple verticals.

The principal competitive factors in the markets in which we operate include:

•ability to detect security threats and prevent security breaches;

•platform features, effectiveness and extensibility across the enterprise;

•ability to secure any combination of public clouds, private clouds, on-premises, and hybrid environments;

•ability to operate in dynamic environments;

•ability to automate threat prevention and remediation with limited human intervention;

•ease of deployment, implementation, management and maintenance of our offerings;

•rapid development and delivery of new capabilities and service;

•strength of sales, marketing and channel partner relationships;

•quality of customer support, incident response, and proactive services;

•breadth of offerings and ability to integrate with other participants in the security and network ecosystem;

•brand recognition, and reputation; and

•time to value, price, and total cost of ownership.

Although certain of our competitors enjoy greater brand awareness and resources, deeper customer relationships, and larger existing customer bases, we believe that we compete favorably with respect to the factors listed above and that we are well positioned as a leading provider of security solutions.

18

Intellectual Property

Our success depends in part upon our ability to protect and use our core technology and intellectual property rights. We rely on a combination of patents, copyrights, trademarks, trade secrets, license agreements, intellectual property assignment agreements, contractual provisions, confidentiality procedures, non-disclosure agreements, and employee non-disclosure and invention assignment agreements to establish and protect our intellectual property rights. As of March 15, 2023, we and our wholly-owned subsidiaries had over 73 total issued and pending patents, including in excess of 69 issued patents, in the United States and other countries. Our issued patents expire between 2033 and 2041 and cover various aspects of our solutions. In addition, we have registered “Appgate” as a trademark in the United States and certain foreign jurisdictions, and we or our wholly-owned subsidiaries have filed trademark registration applications in the United States and/or other jurisdictions for other ancillary marks that we use. We are also the registrant of a domestic domain names that include “Appgate” and variations. In addition to the protection provided by our intellectual property rights, we enter into confidentiality and invention assignment or similar agreements with our employees, consultants, and contractors. We further control the use of our proprietary technology and intellectual property rights through provisions in our subscription and license agreements. Despite our efforts to protect our trade secrets and other intellectual property rights, confidentiality agreements and contractual restrictions in other agreements, unauthorized parties might still copy or otherwise obtain and use our software and technology. Further, our patents and other intellectual property rights may not prevent other providers of cybersecurity services from introducing or offering products that compete with or are alternatives to our Zero Trust solutions. In addition to our internally developed technology, we also license software, including open source software, from third parties that we integrate into or bundle with our solutions.

Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation based on allegations of patent infringement or other violations of intellectual property rights. We believe that competitors might try to develop products that are similar to ours and that may infringe our intellectual property rights. Our competitors or other third-parties may also claim that our security platform and other solutions infringe their intellectual property rights. In particular, some companies in our industry have extensive patent portfolios. From time to time, third parties, including certain of these companies and non-practicing entities, have in the past and may in the future assert claims of infringement, misappropriation and other violations of intellectual property rights against us or our customers or channel partners whom we may be obligated to indemnify against such claims in accordance with terms in our license or other agreements. Successful claims of infringement by a third-party could prevent us from offering certain services or features, require us to develop alternate, non-infringing technology, which could require significant time and during which we could be unable to continue to offer our affected subscriptions or services, require us to obtain a license, which may not be available on reasonable terms or at all, or force us to pay substantial damages, royalties or other fees. We cannot assure you that we do not currently infringe, or that we will not in the future infringe, upon any third-party patents or other proprietary rights. For additional information, see the section titled “Risk Factors — Risks Related to Our Business — It may be difficult to enforce our intellectual property rights, which could enable others to copy or use aspects of our solutions without compensating us.”

Properties

Our corporate headquarters are located in Coral Gables, Florida, where we currently lease approximately 6,000 square feet of space under a lease agreement that expires at the end of February 2027. We also have additional offices in multiple other locations in the United States, as well as locations internationally, including in Colombia, Sweden, and Argentina. We do not own any real estate. We believe our current facilities are adequate to meet our needs for the immediate future and that, should it be needed, suitable additional space will be available to accommodate expansion of our operations.

Human Capital Resources

We had 415 full-time employees worldwide as of December 31, 2022. We also engage temporary employees and contractors as needed to support our operations. To our knowledge, as of December 31, 2022, 18 employees located in our Sweden office, representing approximately 4% of our total full-time employees worldwide as of such date, were represented by various labor unions. Otherwise, to our knowledge, none of our employees were, as of such date, represented by a labor organization or a party to any collective bargaining arrangement. We have not experienced any work stoppages and we consider our relations with our employees to be good.

19

Corporate Information and History

Appgate is a Delaware corporation and was incorporated on September 26, 2005, originally under the name Newtown Lane Marketing, Incorporated. On October 12, 2021, in connection with the Merger (as described below), we changed our name to Appgate, Inc. Appgate’s principal executive offices are located at 2 Alhambra Plaza, Suite PH-1-B, Coral Gables, FL 33134 and our phone number is (866) 524-4782.

Beginning in 2007, Newtown Lane had been a corporation with limited operations and no revenues, often referred to as a “shell” company, with the sole purpose of serving as a vehicle to acquire an operating business. Prior to the Merger, the operating business of Appgate was operated by Legacy Appgate. Since May 2017, Legacy Appgate was a wholly-owned subsidiary of and operated as a business segment of its former parent, Cyxtera. On December 31, 2019, Cyxtera spun out Legacy Appgate.

The Merger

On October 12, 2021, we consummated the Merger, which resulted in Legacy Appgate becoming a wholly owned subsidiary of the Company. In connection with the Merger, we changed our name from Newtown Lane Marketing, Incorporated to Appgate, Inc., and our business comprises the operations of Legacy Appgate.

The Merger effected a change of control of the Company, as:

•SIS Holdings, the sole stockholder of Legacy Appgate immediately prior to the Merger, became our controlling stockholder, owning approximately 89% of our issued and outstanding common stock immediately following consummation of the Merger; and

•we increased the size of the Board and reconstituted our executive team.

We have accounted for the Merger as a recapitalization with Legacy Appgate as the acquirer for accounting purposes; therefore, the financial information, including the operating and financial results and audited financial statements included in this Annual Report are those of: (1) except for the equity, which was retroactively restated following applicable accounting guidance, Legacy Appgate with respect to all periods prior to consummation of the Merger, and (2) those of us, inclusive of Newtown Lane for the period subsequent to the Merger.

Available Information

Our website address is www.appgate.com, and our investor relations website is http://ir.appgate.com/. We promptly make available on our investor relations website, free of charge, the reports that we file or furnish with the SEC, corporate governance information (including our Code of Business Conduct and Ethics) and select press releases. We file annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K, proxy and information statements and amendments to reports filed or furnished pursuant to the Exchange Act. The SEC maintains a website at www.sec.gov that contains reports, proxy and information statements and other information regarding Appgate and other issuers that file electronically with the SEC.

Item 1A. Risk Factors

Risks Related to Our Business and Industry

We have a history of losses, may not be able to achieve or sustain profitability in the future and expect to incur significant losses for the foreseeable future.

We have incurred net losses in all periods since our inception, and we expect we will continue to incur net losses for the foreseeable future. We had an accumulated deficit of $546.1 million as of December 31, 2022 and experienced losses from continuing operations of $80.1 million and $54.2 million for the years ended December 31, 2022 and 2021, respectively. Because the market for our products and services is rapidly evolving, it is difficult for us to predict the future results of our operations. Our growth efforts may prove more expensive than we currently anticipate, and we may not succeed in increasing our revenues sufficiently, or at all, to offset expenses. In addition to the expected costs to grow our business, we also expect to continue to incur significant legal, accounting and other expenses as a public company. Revenue growth may slow or revenue may decline for a number of possible reasons, including slowing demand for our products or services,

20

increasing competition, a decrease in the growth of, or a demand shift in, our overall market, or a failure to capitalize on growth opportunities. Any failure to increase our revenue as we grow our business could prevent us from achieving or maintaining profitability or maintaining or increasing cash flow on a consistent basis. If we fail to increase our revenue to offset our operating expenses, we may not achieve or sustain profitability in the future.

Our failure to become and remain profitable may depress the market price of our common stock and could impair our ability to raise capital, expand our business, diversify our product offerings or continue our operations. If we continue to suffer losses as we have in the past, investors may not receive any return on their investment and may lose their entire investment.

We believe our long-term value as a company will be greater if we focus on growth, which may negatively impact our losses in the near term.

Part of our business strategy is to primarily focus on our long-term growth. As a result, our losses may be greater in the near term than it would be if our strategy were to maximize short-term profitability. Significant expenditures on sales and marketing efforts, and expenditures on growing our Zero Trust solutions and expanding our research and development, each of which we intend to continue to invest in, may not ultimately grow our business or cause long-term profitability. If we are ultimately unable to achieve profitability at the level anticipated by industry or financial analysts and our stockholders, our stock price may decline.

We face significant competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations.

The market for cybersecurity solutions is competitive and characterized by rapid changes in technology, customer requirements, industry standards and frequent introductions of new and improvements of existing products and services. Our business model of delivering security products through the Zero Trust model has not yet gained widespread market traction as the Zero Trust model is still an emerging solution. Moreover, we compete with many established network and cybersecurity vendors, as well as new entrants. As customer requirements evolve, and as new products, services and technologies are introduced, if we are unable to anticipate or effectively react to these competitive challenges, our competitive position could weaken, and we could experience a decline in revenue or our growth rate that could materially and adversely affect our business and results of operations.

Our competitors and potential competitors include:

•independent security vendors and providers, such as Zscaler, Inc. and Netskope, Inc.;

•large networking and security vendors, such as Cisco Systems, Inc. and Palo Alto Networks, Inc.;

•cloud providers who include similar security offerings within their platforms, such as Microsoft Corporation and Google LLC;

•anti-fraud and risk-based authentication providers, such as Outseer (RSA Security LLC), Broadcom Inc. (which acquired CA Technologies), Guardian Analytics, Inc. and BioCatch Ltd.;

•digital threat protection providers such as Outseer (RSA Security LLC), PhishLabs, Inc. and ZeroFox, Inc.; and

•other providers of cybersecurity services that offer, or may leverage related technologies to introduce, products that compete with or are alternatives to our Zero Trust solutions.

Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:

•greater name recognition, longer operating histories and larger customer bases;

•larger sales and marketing budgets and resources;

•broader distribution and established relationships with channel partners and customers;

•greater customer support resources;

•greater resources to make acquisitions and enter into strategic partnerships;

•lower labor and research and development costs;

•larger and more mature intellectual property rights portfolios; and

•substantially greater financial, technical and other resources.

In addition, our competitors may develop technology solutions with architectures similar to our products. Our larger competitors have substantially broader and more diverse product and services offerings, which may allow them to leverage

21

their relationships based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products or services, including through selling at zero or negative margins, offering concessions, bundling products or maintaining closed technology platforms. Many competitors that specialize in providing protection from a single type of security threat may be able to deliver these targeted security products to the market more quickly than we can or to convince organizations that these limited products meet their needs.

Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering or acquisitions by our competitors or continuing market consolidation. Start-up companies that innovate and large competitors that are making significant investments in research and development may invent similar or superior products, services and technologies that compete with our Zero Trust and other solutions. Some of our current or potential competitors have made or could make acquisitions of businesses or establish cooperative relationships that may allow them to offer more directly competitive and comprehensive solutions than were previously offered and adapt more quickly to new technologies and customer needs. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, increased net losses and loss of market share. Any failure to meet and address these factors could materially harm our business and operating results.

Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations.

Our operating results may fluctuate from quarter to quarter as a result of a number of factors, many of which are outside of our control and may be difficult to predict. Some of the factors that may cause our results of operations to fluctuate from quarter to quarter include:

•broad market acceptance and the level of demand for our products and services;

•our ability to attract new customers, particularly large enterprises;

•our ability to retain customers and expand their usage of our Zero Trust solutions, particularly our largest customers;

•our ability to successfully expand internationally and penetrate key markets;

•the effectiveness of our sales and marketing programs;

•the length of our sales cycle, including the timing of renewals;

•technological changes and the timing and success of new service introductions by us or our competitors or any other change in the competitive landscape of our market;

•increases in and timing of operating expenses that we may incur to grow and expand our operations and to remain competitive;

•pricing pressure as a result of competition or otherwise;

•the quality and level of our execution of our business strategy and operating plan;

•adverse litigation judgments, settlements or other litigation-related costs;

•a possible downturn in cybersecurity spending due to a macroeconomic downturn;

•changes in the legislative or regulatory environment; and

•general economic conditions in either domestic or international markets, including geopolitical uncertainty and instability and global health crises and pandemics, such as COVID-19, and governmental responses thereto.

In addition, we generally experience seasonality in terms of when we enter into agreements with customers. We typically enter into a higher percentage of agreements with new customers, as well as renewal agreements with existing customers, in the first and fourth quarters of our fiscal year. This seasonality is reflected to a much lesser extent, and sometimes is not immediately apparent, in revenue, due to the fact that we generally recognize subscription revenue with respect to term-based and perpetual licenses up-front, which is generally one to three years. We expect that seasonality will continue to affect our operating results in the future and may reduce our ability to predict cash flow and optimize the timing of our operating expenses.

Any one or more of the factors above may result in significant fluctuations in our results of operations. As a result, our historical operating results are not a reliable indicator of future performance.

Additionally, the variability and unpredictability of our quarterly results of operations or other operating metrics could result in our failure to meet our expectations or those of industry or financial analysts. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our common stock could fall substantially.

22

Future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our operating results, financial condition and prospects.

Our business strategy may, from time to time, include acquiring other complementary solutions, technologies or businesses. We have in the past acquired, and may in the future acquire, businesses that we believe will complement or augment our existing business. In order to expand our security offerings and features, we also may enter into relationships with other businesses, which could involve preferred or exclusive licenses, additional channels of distribution or investments in other companies. Negotiating these transactions can be time-consuming, difficult and costly, and our ability to close these transactions may be subject to third-party approvals, such as government regulatory approvals, which are beyond our control. Consequently, we cannot assure you that these transactions, once undertaken and announced, will close.

These kinds of acquisitions or investments may result in unforeseen operating difficulties and expenditures. In particular, we may encounter difficulties assimilating or integrating the businesses, technologies, products and services, personnel or operations of companies that we may acquire, particularly if the key personnel of an acquired business choose not to work for us. We may have difficulty retaining the customers of any acquired business or using or continuing the development of the acquired technologies. Acquisitions may also disrupt our ongoing business, divert our resources and require significant management attention that would otherwise be available for development of our business. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. Any acquisition or investment could expose us to unknown liabilities. Moreover, we cannot assure you that the anticipated benefits of any acquisition or investment would be realized or that we would not be exposed to unknown liabilities. In connection with these types of transactions, we may:

•issue additional equity securities that would dilute our stockholders;

•use cash that we may need in the future to operate our business;

•incur debt on terms unfavorable to us or that we are unable to repay;

•incur large charges or substantial liabilities;

•encounter difficulties integrating diverse business cultures;

•incur impairments; and

•become subject to adverse tax consequences, substantial depreciation or deferred compensation charges.

These challenges related to acquisitions or investments could adversely affect our business, operating results, financial condition and prospects.

False positive or false negative detection of risk, application tampering, viruses, spyware, vulnerability exploits, data patterns, or URL categories could adversely affect our business.

Our risk level determinations of application integrity, web-injections, potential vulnerability exploits, data leaks, or phishing and pharming URL categories may falsely report and alert on fraud risk threats that do not actually exist or fail to detect legitimate threats. Appgate determines risk threats using classifiers, analyzers, and machine learning model features in our products, which attempt to identify indicators of fraud risk and other threats both based on known indicators and characteristics or unknown anomalies which indicate that a particular item may be a threat. Due to customer configurable risk and threat tolerance thresholds, our customers may perceive false positive detections or false negative missed detections as system unreliability, thereby adversely impacting market acceptance of our products. If our products are used by customers to restrict consumer access to applications based on falsely determining fraud risk, this could adversely affect end-customers’ user experience and result in damage to our reputation, negative publicity and decreased sales.

If our software does not interoperate with our customers’ network and security infrastructure or with third-party products, websites or services, our products may become less competitive and our results of operations may be harmed.

Our products and services must interoperate with our customers’ existing network and security infrastructure. These complex systems are developed, delivered and maintained by the customer and a myriad of vendors and service providers. As a result, the components of our customers’ infrastructure have different specifications, rapidly evolve, utilize multiple protocol standards, include multiple versions and generations of products and may be highly customized. We must be able to interoperate and provide our security products and services to customers with highly complex and customized networks, which requires careful planning and execution between our customers, our customer support teams and our channel partners. Further, when new or updated elements of our customers’ infrastructure or new industry standards or protocols

23

are introduced, we may have to update or enhance our software to allow us to continue to provide service to customers. Any changes in such technologies that degrade the functionality of our products or give preferential treatment to competitive services could adversely affect adoption and usage of our products and services. Our competitors or other vendors may refuse to work with us to allow their products to interoperate with our solutions, which could make it difficult for our software to function properly in customer networks that include these third-party products.

We may not deliver or maintain interoperability quickly or cost-effectively, or at all. These efforts require capital investment and engineering resources. If we fail to maintain compatibility of our products and services with our customers’ network and security infrastructures, our customers may not be able to fully utilize our solutions, and we may, among other consequences, lose or fail to increase our market share and experience reduced demand for our services, which would materially harm our business, operating results and financial condition.

If we fail to develop or introduce new enhancements to our products on a timely basis, our ability to attract and retain customers, remain competitive and grow our business could be impaired. Our current research and development efforts may not produce successful products that result in significant revenue, cost savings or other benefits in the near future, if at all.

The industry in which we compete is characterized by rapid technological change, frequent introductions of new products and services, evolving industry standards and changing regulations, as well as changing customer security needs, technology requirements and preferences. Our ability to attract new customers and increase revenue from existing customers will depend in significant part on our ability to anticipate and respond effectively to these changes on a timely basis and continue to introduce enhancements to our products and services.

The success of our products depends on our continued investment in our research and development organization to increase the functionality, reliability, availability and scalability of our existing solutions. Our investments in research and development may not result in significant design improvements, marketable products, subscriptions, or features, or may result in products or services that are more expensive than anticipated. Additionally, we may not achieve the cost savings or the anticipated performance improvements we expect, and we may take longer to generate revenue, or generate less revenue, than we anticipate. Our future plans include significant investments in research and development and related product and service opportunities. We believe that we must continue to dedicate a significant amount of resources to our research and development efforts to maintain our competitive position. However, we may not receive significant revenue from these investments in the near future, if at all, or these investments may not yield the expected benefits, either of which could adversely affect our business and operating results.

The success of any enhancement depends on several factors, including the timely completion and market acceptance of the enhancement. Any new product or service that we develop might not be introduced in a timely or cost-effective manner and might not achieve the broad market acceptance necessary to generate significant revenue. If new technologies emerge that deliver competitive products and services at lower prices, more efficiently, more conveniently or more securely, these technologies could adversely impact our ability to compete effectively. Any delay or failure in the introduction of enhancements could materially harm our business, results of operations and financial condition.

We rely on third-party hosting and cloud computing providers, like Amazon Web Services (AWS) and Microsoft Azure, to operate certain aspects of our business. A significant portion of our product traffic is hosted by a limited number of vendors, and any failure, disruption or significant interruption in our network or hosting and cloud services could adversely impact our operations and harm our business.

Our technology infrastructure is critical to the performance of our products and to user satisfaction, as well as our corporate functions. Our products and company systems run on a complex distributed system, or what is commonly known as cloud computing. We own, operate and maintain elements of this system, but significant elements of this system are operated by third-parties that we do not control and which would require significant time and expense to replace. We expect this dependence on third-parties to continue. We have suffered interruptions in service in the past, including when releasing new software versions or bug fixes, and if any such interruption were significant and/or prolonged it could adversely affect our business, financial condition, results of operations or reputation.

In particular, a significant portion, if not almost all, of our product traffic, data storage, data processing and other computing services and systems is hosted by AWS and Microsoft Azure. AWS and Azure provide us with computing and storage capacity pursuant to agreements that continue until terminated by either party. The agreements require AWS and

24

Azure to provide us their standard computing and storage capacity and related support in exchange for timely payment by us. We have experienced, and may in the future experience, disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors and capacity constraints. If a particular application is unavailable when users attempt to access it or navigation through a product is slower than they expect, users may stop using the application and may be less likely to return to the application as often, if at all.

Any failure, disruption or interference with our use of hosted cloud computing services and systems provided by third-parties, like AWS or Azure, could adversely impact our business, financial condition or results of operations. In addition, since many of the technical specialists responsible for managing disruptions to our technology infrastructure are working from home, the time required to remedy any interruption may increase. To the extent we do not effectively respond to any such interruptions, upgrade our systems as needed and continually develop our technology and network architecture to accommodate traffic, our business, financial condition or results of operations could be adversely affected. Furthermore, our disaster recovery systems and those of third-parties with which we do business may not function as intended or may fail to adequately protect our critical business information in the event of a significant business interruption, which may cause interruption in service of our products, security breaches or the loss of data or functionality, leading to a negative effect on our business, financial condition or results of operations.

In addition, we depend on the ability of our users to access the internet. Currently, this access is provided by companies that have significant market power in the broadband and internet access marketplace, including incumbent telephone companies, cable companies, mobile communications companies, government-owned service providers, device manufacturers and operating system providers, any of whom could take actions that degrade, disrupt or increase the cost of user access to our products or services, which would, in turn, negatively impact our business. The adoption or repeal of any laws or regulations that adversely affect the growth, popularity or use of the internet, including laws or practices limiting internet neutrality, could decrease the demand for, or the usage of, our products and services, increase our cost of doing business and adversely affect our results of operations.

If we are not able to maintain and enhance our brand, our business and results of operations may be adversely affected.

We believe that maintaining and enhancing our reputation as a provider of high-quality cybersecurity solutions is critical to our relationship with our existing customers and channel partners and our ability to attract new customers and channel partners. Furthermore, we believe that the importance of brand recognition will increase as competition in our market increases. The successful promotion of our brand will depend on several factors, including our marketing efforts, our ability to continue to develop high-quality features and enhancements for our technology solutions and our ability to successfully differentiate our solutions from competitive products and services. Our brand promotion activities may not be successful or yield increased revenue. In addition, independent industry or financial analysts often provide reviews of our products and services, as well as products and services of our competitors, and perception of our Zero Trust solutions in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products and services, our brand may be adversely affected. In addition, we have been named as a “Leader” in the Forrester New Wave™ for Zero Trust Network Access (Q3 2021) report. Our failure to maintain our “Leader” status in the future may also adversely affect our brand. Additionally, the performance of our channel partners may affect our brand and reputation if customers do not have a positive experience with our channel partners’ services. The promotion of our brand requires us to make substantial expenditures, and we anticipate that the expenditures will increase as our market becomes more competitive, we expand into new markets and more sales are generated through our channel partners. To the extent that these activities yield increased revenue, this revenue may not offset the expenses we incur. If we do not successfully maintain and enhance our brand, our business may not grow, we may have reduced pricing power relative to competitors and we could lose customers or fail to attract potential customers, all of which would materially and adversely affect our business, results of operations and financial condition.

Our business and growth partially depend on the success of our relationships with our existing channel partners and adding new channel partners over time.

We currently derive a portion of our revenue from sales through our channel partner network, and we expect future revenue growth will also be driven through this network. Not only does our joint sales approach require additional investment to grow and train our sales force, but we believe that continued growth in our business is dependent upon identifying, developing and maintaining strategic relationships with our existing and potential channel partners, including global systems integrators and managed service providers that will in turn drive substantial revenue and provide additional value-added services to our customers. Our agreements with our channel partners are generally non-exclusive, meaning our channel partners may offer customers the products of several different companies, including products that compete with

25

our technology solutions. In general, our channel partners may also cease marketing or reselling our products and services with limited or no notice and without penalty. If our channel partners do not effectively market and sell subscriptions to our products and services, choose to promote our competitors’ products or fail to meet the needs of our customers, our ability to grow our business and sell subscriptions to our products and services may be adversely affected. In addition, our channel partner structure could subject us to lawsuits or reputational harm if, for example, a channel partner misrepresents the functionality of our products and services to customers or violates applicable laws or our corporate policies. Further, in circumstances where we do not enter into a direct agreement with end customers, we cannot be sure that on every occasion each channel partner has required end customers to agree to our standard terms which are protective of our solutions and technology, nor that the channel partners will enforce each failure by an end customer to comply with such terms. Our ability to achieve revenue growth in the future will depend in large part on our success in maintaining successful relationships with our channel partners, identifying additional channel partners and training our channel partners to independently sell and deploy our products and services. If we are unable to maintain our relationships with our existing channel partners or develop successful relationships with new channel partners or if our channel partners fail to perform, our business, financial position and results of operations could be materially and adversely affected.

Our business depends, in part, on sales to government organizations, and significant changes in the contracting or fiscal policies of such government organizations could have an adverse effect on our business and operating results.

Our future growth depends, in part, on increasing sales to government organizations. Demand from government organizations is often unpredictable, subject to budgetary uncertainty and typically involves long sales cycles. We have made significant investments to address the government sector, but we cannot assure you that these investments will be successful, or that we will be able to maintain or grow our revenue from the government sector. Although we anticipate that they may increase in the future, sales to governmental organizations have not accounted for, and may never account for, a significant portion of our revenue. Sales to governmental organizations are subject to a number of challenges and risks that may adversely impact our business. Sales to such government entities include the following risks:

•selling to governmental agencies can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;

•government certification requirements applicable to our solutions may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification;

•government demand and payment for our solutions may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions;

•governments routinely investigate and audit government contractors’ administrative processes and compliance with contractual obligations, and any unfavorable audit or investigation, or adverse finding following a claim from a whistleblower, could result in the government refusing to continue buying our solutions, which would adversely impact our revenue and operating results, and/or fines or civil or criminal liability if the audit or investigation were to uncover improper or illegal activities; and

•governments may require certain products to be manufactured, produced, hosted or accessed solely in their country or in other relatively high-cost locations, and we may not produce or host all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies.

The occurrence of any of the foregoing could cause governmental organizations to delay or refrain from purchasing our solutions in the future or otherwise have an adverse effect on our business, operating results and financial condition.

Our international operations expose us to risks, and failure to manage those risks could materially and adversely impact our business.

Historically, we have derived a significant portion of our revenue from outside the United States. For the years ended December 31, 2022 and 2021, we derived approximately 49% and 52%, respectively, of our revenue from our international customers. As of December 31, 2022, approximately 71% of our full-time employees were located outside of the United States. We are continuing to adapt to and develop strategies to address international markets and our growth strategy includes expansion into target geographies, such as the Middle East, Africa, Japan and the Asia-Pacific regions, but there is no guarantee that such efforts will be successful. We expect that our international activities will continue to grow in the future, as we continue to pursue opportunities in international markets. These international operations will require significant management attention and financial resources and are subject to substantial risks, including:

•political, economic and social uncertainty;

26

•unexpected costs for the localization of our services, including translation into foreign languages and adaptation for local practices and regulatory requirements;

•greater difficulty in enforcing contracts and accounts receivable collection, and longer collection periods;

•reduced or uncertain protection for intellectual property rights in some countries;

•greater risk of unexpected changes in regulatory practices, tariffs and tax laws and treaties;

•greater risk of a failure of foreign employees, partners, distributors and resellers to comply with both U.S. and foreign laws, including antitrust regulations, anti-bribery laws, export and import control laws, and any applicable trade regulations ensuring fair trade practices;

•requirements to comply with foreign privacy, data protection and information security laws and regulations and the risks and costs of noncompliance;

•increased expenses incurred in establishing and maintaining office space and equipment for our international operations;

•greater difficulty in identifying, attracting and retaining local qualified personnel, and the costs and expenses associated with such activities;

•differing employment practices and labor relations issues;

•difficulties in managing and staffing international offices and increased travel, infrastructure and legal compliance costs associated with multiple international locations; and

•fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business, including but not limited to, the British Pound and Euro, and related impact on sales cycles.

As we continue to develop and grow our business globally, our success will depend, in part, on our ability to anticipate and effectively manage these risks. The expansion of our existing international operations and entry into additional international markets will require management attention and financial resources. Our failure to successfully manage our international operations and the associated risks could limit the future growth of our business.

We have grown rapidly in recent periods. If we fail to effectively manage our growth, our business, financial condition and results of operations would be harmed.

Our growth may place a significant strain on our management and our administrative, operational and financial infrastructure. Our organizational structure is becoming more complex as we improve our administrative, operational and financial infrastructure as well as our reporting systems and procedures. Our success will depend in part on our ability to manage this growth effectively, which will require that we continue to improve our administrative, operational, financial and management systems and controls by, among other things:

•effectively attracting, training and integrating, including collaborating with, employees;

•further improving our key business applications, processes and security and IT infrastructure to support our business needs;

•enhancing our information and communication systems to ensure that our employees and offices around the world are well coordinated and can effectively communicate with each other and our growing base of channel partners, customers and users; and

•appropriately documenting and testing our security and IT systems and business processes.

These and other improvements in our systems and controls may require significant capital expenditures and the allocation of management and employee resources. If we fail to implement these improvements effectively, our ability to manage our expected growth, ensure uninterrupted operation of our software and key business systems and comply with the rules and regulations applicable to public companies could be impaired, the quality of our products and services could suffer and we may not be able to adequately address competitive challenges. Failure to manage any future growth effectively could result in increased costs, disrupt our existing customer relationships, reduce demand for or limit us to smaller deployments of our products and services, or harm our business performance and operating results.

In addition, as we expand our business, it is important that we continue to maintain a high level of customer service and satisfaction. As our customer base continues to grow, we will need to expand our account management, customer service and other personnel to provide personalized account management and customer service. If we are not able to continue to provide high levels of customer service, our reputation, as well as our business, results of operations and financial condition, could be harmed.

In addition, we believe that our corporate culture has been a contributor to our success, which we believe fosters innovation, teamwork and an emphasis on customer-focused results. We also believe that our culture creates an

27

environment that drives and perpetuates our strategy and cost-effective distribution approach. As we grow and develop the infrastructure of a public company, we may find it difficult to maintain our corporate culture. Any failure to preserve our culture could harm our future success, including our ability to retain and recruit personnel, innovate and operate effectively and execute on our business strategy. If we experience any of these effects in connection with future growth, it could materially impair our ability to attract new customers, retain existing customers and expand their use of our Zero Trust solutions, all of which would materially and adversely affect our business, financial condition and results of operations.

Our sales cycles can be long and unpredictable, and our sales efforts can require considerable time and expense.

The timing of our sales and related revenue recognition is difficult to predict because of the length and unpredictability of the sales cycle for our products and services, particularly with respect to large organizations. Our sales efforts typically involve educating our prospective customers about the uses, benefits and the value proposition of our products and services, and often include a detailed Proof of Concept (POC) deployment in the prospect’s environment. Customers often view the subscription to our products as a significant decision as part of a strategic transformation initiative and, as a result, frequently require considerable time to evaluate, test and qualify our Zero Trust solutions prior to entering into or expanding a relationship with us. Large enterprises and government entities in particular often undertake a significant evaluation process that further lengthens the sales cycle.

Our sales force develops relationships directly with our customers, and together with our channel account teams, works with our channel partners on account penetration, account coordination, sales and overall market development. We spend substantial time and resources on our sales efforts, especially with larger customers, without any assurance that our efforts will produce a sale. Product purchases are frequently subject to budget constraints, multiple approvals and unanticipated administrative, processing and other delays. As a result, it is difficult to predict whether and when a sale will be completed and when revenue from a sale will be recognized.

The failure of our efforts to secure sales after investing resources in a lengthy sales process could materially and adversely affect our business and operating results.

The sales prices of our solutions may decrease, or the mix of our sales may change, which may increase our losses and adversely impact our financial results.

We have limited experience with respect to determining the optimal prices for our solutions. As the market for our solutions matures, or as new competitors introduce new products or services that are similar to or compete with ours, we may be unable to attract new customers at the same price or based on the same pricing model as we have used historically. Further, competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products or services that compete with ours or may bundle them with other products and services. This could lead customers to demand greater price concessions or additional functionality at the same price levels. As a result, in the future we may be required to reduce our prices or provide more features without corresponding increases in price, which would adversely affect our business, operating results, and financial condition.

We provide service level commitments under some of our customer contracts. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service and our business could suffer.

Certain of our customer agreements contain service level commitments, which contain specifications regarding the availability and performance of our products and services. Any failure of or disruption to our infrastructure could impact the performance of our products and the availability of services to customers. If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our products, we may be contractually obligated to provide affected customers with service credits for future subscriptions, and, in certain cases, refunds. To date, there has not been a material failure to meet our service level commitments, and we do not currently have any material liabilities accrued on our balance sheet for such commitments. Our revenue, other results of operations and financial condition could be harmed if we suffer performance issues or downtime that exceeds the service level commitments under our agreements with our customers.

28

Our business is subject to the risks of warranty claims, product returns and product defects from real or perceived defects in our solutions or their misuse by our customers or third parties and indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement and other losses.

We may be subject to liability claims for damages related to errors or defects in our solutions. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our solutions will harm our business and operating results. Although we generally have limitation of liability provisions in our terms and conditions of sale, they may not fully or effectively protect us from claims as a result of federal, state or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our solutions also entails the risk of product liability claims.

Additionally, we typically provide indemnification to customers for certain losses suffered or expenses incurred as a result of third-party claims arising from our infringement of a third party’s intellectual property. We also provide unlimited liability for certain breaches of confidentiality, as defined in our terms of service. We also provide limited liability in the event of certain breaches of our terms of service. Certain of these contractual provisions survive termination or expiration of the applicable agreement.

If our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we will incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology. Such license may not be available on reasonable terms, if at all, and may significantly increase our operating expenses or may require us to restrict our business activities and limit our ability to deliver certain solutions or features. We may also be required to develop alternative non-infringing technology, which could require significant effort and expense and/or cause us to alter our solutions, which could harm our business. Large indemnity obligations, whether for intellectual property or in certain limited circumstances, other claims, would harm our business, operating results and financial condition.

Additionally, our solutions may be used by our customers and other third parties who obtain access to our solutions for purposes other than for which our solutions were intended.

Under certain circumstances our employees may have access to our customers’ solutions. An employee may take advantage of such access to conduct malicious activities. Any such misuse of our solutions could result in negative press coverage and negatively affect our reputation, which could result in harm to our business, reputation and operating results.

We maintain insurance to protect against certain claims associated with the use of our solutions, but our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert management’s time and other resources, and harm our business and reputation.

If organizations do not adopt a Zero Trust model for cybersecurity, our ability to grow our business and operating results may be adversely affected.

Cybersecurity technologies are still evolving, and it is difficult to precisely predict customer demand and adoption rates for our services generally. We believe that our Zero Trust model for cybersecurity offers superior protection to our customers, who are becoming increasingly aware of the importance of implementing cybersecurity measures beyond a perimeter-centric model to secure access to their network. Following the 2020 SolarWinds attack, guidance was released by the National Institute of Standards and Technology, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency recommending a Zero Trust framework. Subsequently, in May 2021, President Joe Biden issued an Executive Order explicitly calling for the adoption of a Zero Trust Architecture by the federal government to improve the nation’s response to “persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” The federal government continues to lead the industry in setting standards with the September 2021 release of a Zero Trust maturity model and Zero Trust strategy documents. We also believe that our products and services represent a major shift from perimeter-centric cybersecurity models.

However, traditional perimeter-centric cybersecurity models are entrenched in the infrastructure of many of our potential customers, particularly large enterprises, because of their prior investment in and the familiarity of their IT personnel with such cybersecurity solutions. As a result, our sales process often involves extensive efforts to educate our customers on the benefits and capabilities of Zero Trust solutions, particularly as we continue to pursue customer relationships with large

29

organizations. Even with these efforts, we cannot predict market acceptance of our products and services, or the development of competing products or services based on other technologies. If we fail to achieve market acceptance of our products and services or are unable to keep pace with industry changes, our ability to grow our business and our operating results will be materially and adversely affected.

If we are unable to attract new customers or if our existing customers do not renew their subscriptions for our services or add additional users and services to their subscriptions the future results of our operations could be harmed.

Our growth is substantially dependent on adding new customers and expanding our relationships with existing customers. Potential clients that use legacy products and services may believe that these products and services are sufficient to meet their security needs or that our offerings only serve the needs of a portion of the enterprise security market. Accordingly, these organizations may continue allocating their information technology budgets for legacy products and services and may not adopt our security offerings. Further, many organizations have invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking and security products. As a result, these organizations may prefer to purchase from their existing suppliers rather than add or switch to a new supplier such as us regardless of product performance, features, or greater services offerings. They may also be more willing to incrementally add solutions to their existing security infrastructure from existing suppliers rather than to replace some or all of their existing security infrastructure with our solutions. In addition, numerous other factors, many of which are out of our control, may now or in the future impact our ability to add new customers, including our failure to expand, retain and motivate our sales and marketing personnel, our failure to develop or expand relationships with our channel partners or to attract new channel partners, failure by us to help our customers to successfully deploy our software and expertise, negative media or industry or financial analyst commentary regarding us or our solutions, litigation and deteriorating general economic conditions. Our success in attracting new customers also depends on our ability to develop innovative, high-quality, and appealing new products, including alternatives to products introduced by our competitors, and to effectively communicate and market the benefits of such new products. Our ability to attract new customers also depends on the effectiveness of our sales and marketing efforts. We plan to dedicate significant resources to sales and marketing programs and to expand our sales and marketing capabilities to target additional potential customers, but there is no guarantee that we will be successful in attracting and maintaining additional customers. Furthermore, our ability to achieve growth will partially depend on our success in hiring, integrating, training and retaining a sufficient number of sales personnel to support our growth. If we are unable to find efficient ways to deploy our sales and marketing programs, are unable to hire and train a sufficient number of effective sales personnel, or our efforts to attract new customers are not successful, our revenue and rate of revenue growth may decline, we may not achieve profitability and the future results of our operations could be materially harmed.

Our growth is also partially dependent on our customers renewing their subscriptions for our products when existing contract terms expire and expanding our commercial relationships with our existing customers. Our customers have no obligation to renew their subscriptions for our services after the expiration of their contractual subscription period, which is typically one to three years, and in the normal course of business, some customers have elected not to renew. In addition, in certain cases, customers may cancel their subscriptions without cause either at any time or upon advance written notice (typically ranging from 30 days to 60 days), typically subject to an early termination penalty for unused services. In addition, our customers may renew for fewer users, renew for shorter contract lengths or switch to a lower-cost suite. If our customers do not renew their subscription services, if our revenues decline or if we fail to grow our business, we could incur impairment losses on our assets. Our customer retention and expansion may decline or fluctuate as a result of a number of factors, including our customers’ satisfaction with our services, our customers’ ability to adopt our solutions correctly, our prices and pricing plans, our customers’ spending levels, decreases in the number of users to which our customers deploy our solutions, mergers and acquisitions involving our customers, competition and deteriorating general economic conditions.

Our future success also depends in part on the rate at which our current customers add additional users to their subscriptions or expand to utilize additional products, which is driven by a number of factors, including customer satisfaction with our services, customer security and networking issues and requirements, including demand for our products and services, general economic conditions and customer reaction to the price per additional user or of additional services. If our efforts to expand our relationship with our existing customers are not successful, our business may materially suffer.

30

Our business is subject to the risks of hurricanes, earthquakes, fire, floods and other natural catastrophic events, and to interruption by man-made problems such as power disruptions, computer viruses, data security breaches or terrorism affecting our operations or the operations of our third-party cloud service providers.

Our success depends, in part, on our ability to maintain the integrity of our systems and infrastructure, including website, information and related systems. We also currently host some of our products and serve our customers from third-party cloud service providers. While we have electronic access to the components and infrastructure of our software that are hosted by these third parties, we do not control the operation of these environments. Consequently, we may be subject to service disruptions as well as failures to provide adequate support for reasons that are outside of our direct control. Our corporate headquarters are located in Coral Gables, FL, a region known for hurricane activity. A significant natural disaster, such as a hurricane, fire, flood or public health emergency, such as COVID-19, or a significant man-made problem, such as acts of terrorism and other geopolitical unrest, occurring at our headquarters, at one of our other facilities or where a key channel partner, data center or third-party cloud service provider, component supplier or other third-party provider is located, could adversely affect our business, results of operations and financial condition. Although we maintain incident management and disaster response plans, disaster recovery planning by its nature cannot be sufficient for all eventualities. Though it is difficult to determine what, if any, harm may directly result from any specific interruption or attack, any failure to maintain performance, reliability, security and availability of our products and services to the satisfaction of our users may materially harm our reputation and our ability to retain existing customers and attract new customers.

If the delivery of our services to our customers is interrupted or delayed for any reason, our business could suffer.

Any interruption or delay in the delivery of our services may negatively impact our customers. Certain of our products are deployed via the internet, and our customers’ access to network resources is dependent on the continuous availability of the internet and our services to utilize such products. If an interruption in our services were to occur, our customers’ users could lose access to network resources (including private on-premises resources, public cloud IaaS-deployed resources, or public cloud SaaS resources, depending on customer configuration) until such disruption is resolved or customers deploy disaster recovery options that allow them to remediate the problem. The adverse effects of any service interruptions on our reputation and financial condition may be disproportionately heightened due to the nature of our business and the fact that our customers expect continuous and uninterrupted access to resources and may have a low tolerance for interruptions of any duration. While we do not consider them to have been material, we have experienced, and may in the future experience, service disruptions and other performance problems due to a variety of factors.

The following factors, many of which are beyond our control, can affect the delivery and availability of our services and the performance of our products:

•the development and maintenance of the infrastructure of the internet;

•the performance and availability of cloud service providers or third-party telecommunications services with the necessary speed, data capacity and security for providing reliable internet access and services;

•decisions by the owners and operators of the cloud infrastructures or data centers where our infrastructure is deployed to terminate our contracts, discontinue services to us, shut down operations or facilities, increase prices, change service levels, limit bandwidth, declare bankruptcy or prioritize the traffic of other parties;

•the occurrence of earthquakes, floods, fires, pandemics, power loss, system failures, physical or electronic break-ins, acts of war or terrorism, human error or interference (including by disgruntled employees, former employees or contractors) and other catastrophic events;

•cyberattacks, including ransomware, denial of service attacks, targeted at us, our cloud service providers, data centers or the infrastructure of the internet;

•failure by us to maintain and update our infrastructure to meet customer requirements;

•errors, defects or performance problems in our software, including third-party software incorporated in our software, which we use to operate our products;

•improper classification of websites or known-bad phishing domains by our vendors who provide us with lists of malicious sites;

•improper deployment or configuration of our services;

•the failure of our redundancy systems, in the event of a service disruption at one of our cloud service providers, to provide failover to other regions in our cloud service provider environment network; and

•the failure of our disaster recovery and business continuity arrangements.

31

The occurrence of any of these factors, or if we are unable to efficiently and cost-effectively fix such errors or other problems that may be identified, could damage our reputation, negatively impact our relationship with our customers or otherwise materially harm our business, results of operations and financial condition.

A network or data security incident against us, whether actual, alleged, or perceived, could harm our reputation, create liability, and regulatory exposure, and adversely impact our business, operating results, and financial condition.

Increasingly, companies are subject to a wide variety of attacks on their networks on an ongoing basis, including traditional computer hackers, malicious code (such as viruses and worms), distributed denial-of-service attacks, sophisticated attacks conducted or sponsored by nation-states, advanced persistent threat intrusions, ransomware, software supply chain attacks, and theft or misuse of intellectual property or business or personal data, including by disgruntled employees, former employees or contractors. Cybersecurity companies face particularly intense attack efforts, and we have faced and will continue to face cyber threats and attacks from a variety of sources. Although we have implemented security measures to prevent such attacks, our networks and systems may be breached due to the actions of outside parties, employee error, malfeasance, a combination of these, or otherwise, and as a result, an unauthorized party may obtain access to our systems, networks, or data. We may face difficulties or delays in identifying or otherwise responding to any attacks or actual or potential security breaches or threats. A breach in our data security or an attack against our platform could impact our networks or the networks of our customers that are secured by our platform, creating system disruptions or slowdowns and providing access to malicious parties to information stored on our networks or the networks of our customers, resulting in data being publicly disclosed, altered, lost, or stolen, which could subject us to liability and adversely impact our financial condition.

In addition, any actual, alleged or perceived security breach in our systems or networks, or any other actual, alleged or perceived data security incident we suffer, could result in damage to our reputation, negative publicity, loss of customers and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, costly litigation, and other liability. We would also be exposed to a risk of loss or litigation and potential liability under laws, regulations and contracts that protect the privacy and security of personal information.

In addition, we may incur significant financial and operational costs to investigate, remediate, eliminate and put in place additional tools and devices designed to prevent actual or perceived security breaches and other security incidents, as well as costs to comply with any notification obligations resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our platform and customer and investor confidence in our company, and would adversely impact our business, operating results, and financial condition.

The actual or perceived failure of our technology solutions to prevent a security breach or address targeted security threats could harm our reputation and adversely impact our business, financial condition and results of operations.

Our Zero Trust solutions may fail to prevent security breaches for any number of reasons. Our products are complex and may be misconfigured by customers or contain performance or functional issues that are not detected until after deployment. We also provide frequent solution updates and enhancements, which increase the possibility of errors, and our reporting, tracking, monitoring and quality assurance procedures may not be sufficient to ensure we detect any such defects in a timely manner. The performance of our products can be negatively impacted by our failure to enhance, expand or update our products, errors or defects in our software, improper deployment or configuration of our services and many other factors.

In addition, because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, there is a risk that a cyber threat could emerge that our services are unable to detect or prevent until after some of our customers are impacted. Moreover, as our services are adopted by an increasing number of enterprises, it is possible that the individuals and organizations behind cyber threats will focus on finding ways to defeat our services. If this happens, our products could be targeted by attacks specifically designed to disrupt our Zero Trust model and create the perception that our technology is not capable of providing superior cybersecurity, which, in turn, could have a serious impact on our reputation as a provider of cybersecurity solutions. Further, if a high-profile security breach occurs with respect to another similar cybersecurity services provider, our customers and potential customers may lose trust in cybersecurity solutions generally, and with respect to Zero Trust security in particular, which could materially and adversely impact our ability to retain existing customers or attract new customers.

32

No security solution, including our Zero Trust solutions, can address all possible security threats or block all methods of penetrating a network or otherwise perpetrating a security incident. Our customers must rely on complex network and security infrastructures, which include products and services from multiple vendors, to secure their networks. If any of our customers becomes infected with malware or experiences a security breach, they could be disappointed with our services or products, regardless of whether our services or products are intended to block the attack or would have blocked the attack if the customer had properly configured our product or engaged our services in time. Additionally, if any enterprises that are publicly known to use our services or products are the subject of a cyberattack that becomes publicized, our current or potential customers may look to our competitors for alternatives to our services.

From time to time, industry or financial analysts and research firms evaluate our solutions against other security products. Our services may fail to prevent threats in any particular test for a number of reasons, including misconfiguration. To the extent potential customers, industry or financial analysts or testing firms believe that the occurrence of a failure to prevent any particular threat is a flaw or indicates that our services do not provide significant value, our reputation and business could be materially harmed.

Any real or perceived flaws in our products or services, any real or perceived security breaches or other security incidents of our customers or loss of compliance attestations required by customer contracts, could result in:

•a loss of existing or potential customers or channel partners;

•delayed or lost sales and harm to our financial condition and results of operations;

•a delay in attaining, or the failure to attain, market acceptance;

•the expenditure of significant financial resources in efforts to analyze, correct, eliminate, remediate or work around errors or defects, to address and eliminate vulnerabilities and to address any applicable legal or contractual obligations relating to any actual or perceived security breach;

•negative publicity and damage to our reputation and brand; and

•legal claims and demands (including for stolen assets or information, repair of system damages, and compensation to customers and business partners), litigation, regulatory inquiries or investigations and other liability.

Any of the above results could materially and adversely affect our business, financial condition and results of operations.

Additionally, with product effectiveness a critical competitive factor in our industry, we make public statements, including on our website, in marketing materials and elsewhere, describing the effectiveness of our products and the performance of our solutions. As a result, we may face claims, including claims of unfair or deceptive trade practices, brought by the U.S. Federal Trade Commission, state, local, or foreign regulators, and private litigants.

Risks Related to Our People

We rely on our key technical, sales and management personnel to grow our business, and the loss of one or more key employees or the inability to attract and retain qualified personnel could harm our business.

Our future success is substantially dependent on our ability to attract, retain and motivate the members of our management team and other key employees throughout our organization. We rely on our leadership team in the areas of operations, security, marketing, sales, support, research and development and general and administrative functions. Although we have entered into employment agreements and other arrangements with certain of our key personnel, our employees, including our executive officers, may terminate their employment with us at any time. We do not maintain key person life insurance policies on any of our employees. The loss of one or more of our executive officers or key employees could seriously harm our business.

To execute our growth plan, we must attract and retain highly qualified personnel. Competition for these personnel is intense, especially for experienced sales professionals and for engineers experienced in designing and developing cybersecurity applications and security software. We have from time to time experienced, and we expect to continue to experience, difficulty in hiring and retaining employees with appropriate qualifications. For example, in recent years, recruiting, hiring and retaining employees with expertise in the cybersecurity industry has become increasingly difficult as the demand for cybersecurity professionals has increased as a result of the recent cybersecurity attacks on global corporations and governments. Many of the companies with which we compete for experienced personnel have greater resources than we have, which provides those companies an advantage in, among other things, recruiting and retaining foreign employees on Visas for work in the U.S. In addition, job candidates and existing employees often consider the value of the equity awards they receive in connection with their employment. Volatility or lack of performance in our stock

33

price may also affect our ability to attract and retain our key employees. Any failure to successfully attract, integrate or retain qualified personnel to fulfill our current or future needs could materially and adversely affect our business, operating results and financial condition.

Our ability to maintain customer satisfaction depends in part on the quality of our customer support, including the quality of the support provided on our behalf by certain channel partners. Failure to maintain high-quality customer support could have an adverse effect on our business, financial condition and results of operations.

If we do not provide adequate support to our customers, our ability to renew subscriptions, increase the number of users and sell additional services to customers will be adversely affected. We believe that successfully delivering our Zero Trust solutions often require a high level of customer support and engagement. We or our channel partners must successfully assist our customers in deploying our Zero Trust solutions, resolving performance issues, and addressing interoperability challenges with a customer’s existing network and security infrastructure. Many enterprises, particularly large organizations, have very complex networks and require high levels of focused support, including premium support offerings, to fully realize the benefits of our products and services. We believe our service is of high quality and a key competitive advantage. Any failure by us to maintain the expected level of support could reduce customer satisfaction and hurt our customer retention, particularly with respect to our large enterprise customers. Additionally, if our channel partners do not provide support to the satisfaction of our customers, we may be required to provide this level of support to those customers, which would require us to hire additional personnel and to invest in additional resources. We may not be able to hire such resources fast enough to keep up with demand, particularly if the sales of our products and services exceed our internal forecasts. To the extent that we or our channel partners are unsuccessful in hiring, training and retaining adequate support resources, our ability and the ability of our channel partners to provide adequate and timely support to our customers will be negatively impacted, and our customers’ satisfaction with our products or services could be adversely affected. Furthermore, as we sell our solutions internationally, our support organization faces additional challenges, including those associated with delivering support, training and documentation in languages other than English. Any failure to maintain high-quality customer support, or a market perception that we do not maintain high-quality support, could materially harm our reputation, adversely affect our ability to sell our solutions to existing and prospective customers and could harm our business, financial condition and results of operations.

Risks Related to Our Intellectual Property

It may be difficult to enforce our intellectual property rights, which could enable others to copy or use aspects of our solutions without compensating us.

We believe our intellectual property is a key competitive advantage. We rely on a combination of patent, copyright, trademark and trade secret laws, as well as confidentiality procedures and contractual provisions, to establish and protect our intellectual property rights, all of which provide only limited protection. The efforts we have taken to protect our intellectual property rights may not be sufficient or effective, and our patents, trademarks and copyrights may be held invalid or unenforceable. Moreover, we cannot assure you that any patents will be issued with respect to our currently pending patent applications in a manner that gives us adequate defensive protection or competitive advantages, or that any patents issued to us will not be challenged, invalidated or circumvented. We have filed for patents in the United States and in certain non-U.S. jurisdictions, but such protections may not be available in all countries in which we operate or in which we seek to enforce our intellectual property rights or may be difficult to enforce in practice. For example, many foreign countries have compulsory licensing laws under which a patent owner must grant licenses to third parties. In addition, many countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. Moreover, we may need to expend additional resources to defend our intellectual property rights in these countries, and our inability to do so could impair our business or adversely affect our international expansion. Our currently issued patents and any patents that may be issued in the future with respect to pending or future patent applications may not provide sufficiently broad protection, or they may not prove to be enforceable in actions against alleged infringers. Additionally, the U.S. Patent and Trademark Office and various foreign governmental patent agencies require compliance with a number of procedural, documentary, fee payment and other similar provisions during the patent application process and to maintain issued patents. There are situations in which noncompliance can result in abandonment or lapse of the patent or patent application, resulting in partial or complete loss of patent rights in the relevant jurisdiction. If this occurs, it could materially harm our business, operating results, financial condition and prospects. Likewise, we have applied for trademark registrations in the U.S. and certain non-U.S. jurisdictions, but have not applied to register our trademarks in every country in which we currently conduct business or may expand in the future. Third parties may register our marks in those countries and prevent us from doing so.

34

We may not be effective in policing unauthorized use of our intellectual property rights, as we do not take active measures to monitor for infringement of our patents or trademarks, and even if we do detect violations, litigation may be necessary to enforce our intellectual property rights. In addition, our intellectual property may be stolen, including by cybercrimes, and we may not be able to identify the perpetrators or prevent the exploitation of our intellectual property by our competitors or others. Protecting against the unauthorized use of our intellectual property rights, technology and other proprietary rights is expensive and difficult, particularly outside of the United States. Any enforcement efforts we undertake, including litigation, could be time-consuming and expensive and could divert management’s attention, either of which could harm our business, operating results and financial condition. Further, attempts to enforce our rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us, or result in a holding that invalidates or narrows the scope of our rights, in whole or in part. The inability to adequately protect and enforce our intellectual property and other proprietary rights could seriously harm our business, operating results, financial condition and prospects. Even if we are able to secure our intellectual property rights, we cannot assure you that such rights will provide us with competitive advantages or distinguish our services from those of our competitors or that our competitors will not independently develop similar technology, duplicate any of our technology, or design around our patents.

We incorporate technology from third parties into our products, and our inability to obtain or maintain rights to the technology could harm our business.

We license software and other technology from third parties that we incorporate into or integrate with, our products. We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our services. In addition, many licenses are non-exclusive, and therefore our competitors may have access to the same technology licensed to us. Some of our agreements with our licensors may be terminated for convenience by them, or otherwise provide for a limited term. If we are unable to continue to license any of this technology for any reason, our ability to develop and sell our services containing such technology could be harmed. Similarly, if we are unable to license necessary technology from third parties now or in the future, we may be forced to acquire or develop alternative technology, which we may be unable to do in a commercially feasible manner or at all, and we may be required to use alternative technology of lower quality or performance standards. This could limit and delay our ability to offer new or competitive products and services. As a result, our business and results of operations could be significantly harmed.

Some of our technology incorporates “open source” software, and we license some of our software through open source projects, which could negatively affect our ability to sell our products and subject us to possible litigation.

Some of our solutions incorporate software licensed by third parties under open source licenses, including open source software embedded in software we receive from third-party commercial software vendors. Use of open source software may entail greater risks than use of third-party commercial software, as open source licensors generally do not provide support, updates or warranties or other contractual protections regarding infringement claims or the quality of the code. In addition, the wide availability of open source software used in our solutions could expose us to security vulnerabilities. Furthermore, the terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market or commercialize our solutions. As a result, we could be subject to lawsuits by parties claiming ownership of what we believe to be open source software. Litigation could be costly for us to defend, have a negative effect on our results of operations and financial condition or require us to devote additional research and development resources to change our solutions. In addition, by the terms of some open source licenses, under certain conditions we could be required to release the source code of our proprietary software, and to make our proprietary software available under open source licenses, including authorizing further modification and redistribution. In the event that portions of our proprietary software are determined to be subject to such requirements by an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all or a portion of our products or services or otherwise be limited in the licensing of our services, each of which provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solutions and could reduce or eliminate the value of our services. Further, if we are held to have breached or otherwise failed to comply with the terms of an open source software license, we could be required to release certain of our proprietary source code under open source licenses, pay monetary damages, seek licenses from third parties to continue offering our services on terms that are not economically feasible or be subject to injunctions that could require us to discontinue the sale of our services if re-engineering could not be accomplished on a timely basis. Many of the risks associated with use of open source software cannot be eliminated and could negatively affect our business. Moreover, we cannot assure you that our processes for controlling our use of open source software in our products will be effective. Responding to any infringement or noncompliance claim by an open source vendor, regardless of its validity, or

35

discovering open source software code in our software could harm our business, operating results and financial condition by, among other things:

•resulting in time-consuming and costly litigation;

•diverting management’s time and attention from developing our business;

•requiring us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable;

•causing delays in the deployment of our products or service offerings to our customers;

•requiring us to stop offering certain services on or features of our products;

•requiring us to redesign certain components of our software using alternative non-infringing or non-open source technology, which could require significant effort and expense;

•requiring us to disclose our software source code and the detailed program commands for our software; and

•requiring us to satisfy indemnification obligations to our customers.

Claims by others that we infringe their proprietary technology or other rights, or other lawsuits asserted against us, could result in significant costs and substantially harm our business, financial condition, results of operations and prospects.

A number of companies in our industry hold a large number of patents and also protect their copyright, trade secret and other intellectual property rights, and companies in the networking and security industry frequently enter into litigation based on allegations of patent infringement or other violations of intellectual property rights. In addition, patent holding companies seek to monetize patents they previously developed, have purchased or otherwise obtained. Many companies, including our competitors, may now, and in the future, have significantly larger and more mature patent, copyright, trademark and trade secret portfolios than we have, which they may use to assert claims of infringement, misappropriation and other violations of intellectual property rights against us. In addition, future litigation may involve non-practicing entities or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. As we face increasing competition and gain an increasingly higher profile, including as a result of becoming a public company, the possibility of intellectual property rights claims against us grows. Third parties have asserted in the past and may in the future assert claims of infringement of intellectual property rights against us and these claims, even without merit, could harm our business, including by increasing our costs, reducing our revenue, creating customer concerns that result in delayed or reduced sales, distracting our management from the running of our business and requiring us to cease use of important intellectual property. In addition, because patent applications can take years to issue and are often afforded confidentiality for some period of time, there may currently be pending applications, unknown to us, that later result in issued patents that could cover one or more of our services. Moreover, in a patent infringement claim against us, we may assert, as a defense, that we do not infringe the relevant patent claims, that the patent is invalid or both. The strength of our defenses will depend on the patents asserted, the interpretation of these patents, and our ability to invalidate the asserted patents. However, we could be unsuccessful in advancing non-infringement and/or invalidity arguments in our defense. In the United States, issued patents enjoy a presumption of validity, and the party challenging the validity of a patent claim must present clear and convincing evidence of invalidity, which is a high burden of proof. Conversely, the patent owner need only prove infringement by a preponderance of the evidence, which is a lower burden of proof. Furthermore, because of the substantial amount of discovery required in connection with patent and other intellectual property rights litigation, there is a risk that some of our confidential information could be compromised by the discovery process.

As the number of products and competitors in our market increases and overlaps occur, claims of infringement, misappropriation and other violations of intellectual property rights may increase. Our insurance may not cover intellectual property rights infringement claims. Third parties may in the future also assert infringement claims against our customers or channel partners, with whom our agreements may obligate us to indemnify against these claims. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that such employees have divulged proprietary or other confidential information to us.

36

From time to time, the U.S. Supreme Court, other U.S. federal courts and the U.S. Patent and Trademark Appeals Board, and their foreign counterparts, have made and may continue to make changes to the interpretation of patent laws in their respective jurisdictions. We cannot predict future changes to the interpretation of existing patent laws or whether U.S. or foreign legislative bodies will amend such laws in the future. Any changes may lead to uncertainties or increased costs and risks surrounding the outcome of third-party infringement claims brought against us and the actual or enhanced damages, including treble damages, that may be awarded in connection with any such current or future claims and could have a material adverse effect on our business and financial condition.

We are unable to predict the likelihood of success in defending against future infringement claims. In the event that we fail to successfully defend ourselves against an infringement claim, a successful claimant could secure a judgment or otherwise require payment of legal fees, settlement payments, ongoing royalties or other costs or damages; or we may agree to a settlement that prevents us from offering certain services or features; or we may be required to obtain a license, which may not be available on reasonable terms, or at all, to use the relevant technology. If we are prevented from using certain technology or intellectual property, we may be required to develop alternative, non-infringing technology, which could require significant time, during which we could be unable to continue to offer our affected services or features, effort and expense and may ultimately not be successful. Any of these outcomes could result in a material adverse effect on our business. Even if we were to prevail, third-party infringement lawsuits could be costly and time-consuming, divert the attention of our management and key personnel from our business operations, deter channel partners from selling or licensing our services and dissuade potential customers from purchasing our services, which would also materially harm our business. In addition, any public announcements of the results of any proceedings in third-party infringement lawsuits could be negatively perceived by industry or financial analysts and investors and could cause our stock price to experience volatility or decline. Further, the expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our results of operations. Any of these events could materially and adversely harm our business, financial condition and results of operations.

Risks Related to Legal and Regulatory Matters

Failure to comply with laws and regulations applicable to our business could subject us to fines and penalties and could also cause us to lose customers in the public sector or negatively impact our ability to contract with the public sector.

Our business is subject to regulation by various federal, state, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing privacy and data protection laws and regulations, government contract laws, employment and labor laws, workplace safety, anti-bribery laws, import and export controls, federal securities laws and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than in the United States. These laws and regulations impose added costs on our business. Noncompliance with applicable regulations or requirements could subject us to:

•investigations, enforcement actions and sanctions;

•mandatory changes to our Zero Trust solutions;

•disgorgement of profits, fines and damages;

•civil and criminal penalties or injunctions;

•claims for damages by our customers or channel partners;

•termination of contracts;

•loss of intellectual property rights; and

•temporary or permanent debarment from sales to government organizations.

If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results and financial condition could be adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could materially harm our business, operating results and financial condition.

We endeavor to properly classify employees as exempt versus non-exempt, as well as employee versus independent contractor, under applicable law. Although there are no pending or threatened material claims or investigations against us asserting that some employees or independent contractors are improperly classified, the possibility exists that some of our current or former employees or independent contractors could have been incorrectly classified.

In addition, we must comply with laws and regulations relating to the formation, administration and performance of contracts with the public sector, including U.S. federal, state and local governmental organizations, which affect how we

37

and our channel partners do business with governmental agencies. Selling our solutions to the U.S. government, whether directly or through channel partners, also subjects us to certain regulatory and contractual requirements. Failure to comply with these requirements by either us or our channel partners could subject us to investigations, fines and other penalties, which could have an adverse effect on our business, operating results, financial condition and prospects. As an example, the U.S. Department of Justice, or DOJ, and the General Services Administration, or GSA, have in the past pursued claims against and financial settlements with IT vendors under the False Claims Act and other statutes related to pricing and discount practices and compliance with certain provisions of GSA contracts for sales to the federal government. The DOJ and GSA continue to actively pursue such claims. Violations of certain regulatory and contractual requirements could also result in us being suspended or debarred from future government contracting. Any of these outcomes could have a material adverse effect on our revenue, operating results, financial condition and prospects.

We are also subject to the U.S. Foreign Corrupt Practices Act of 1977, the U.K. Bribery Act 2010 and other anti-corruption, anti-bribery, anti-money laundering and similar laws in the United States and other countries in which we conduct activities. Anti-corruption and anti-bribery laws, which have been enforced aggressively and are interpreted broadly, prohibit companies and their employees and agents from promising, authorizing, making or offering improper payments or other benefits to government officials and others in the private sector. We leverage third parties, including channel partners, to sell subscriptions to our products and conduct our business abroad. We and these third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our employees, representatives, contractors, channel partners and agents, even if we do not explicitly authorize such activities. While we have policies and procedures to address compliance with such laws, we cannot assure you that all of our employees and agents will not take actions in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase. Noncompliance with these laws could subject us to investigations, severe criminal or civil sanctions, settlements, prosecution, loss of export privileges, suspension or debarment from U.S. government contracts, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, whistleblower complaints, adverse media coverage and other consequences. Any investigations, actions or sanctions could materially harm our reputation, business, results of operations and financial condition.

These laws and regulations impose added costs on our business, and failure to comply with these or other applicable regulations and requirements could lead to claims for damages from our channel partners or customers, penalties, termination of contracts, loss of exclusive rights in our intellectual property and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have a material adverse effect on our business and operating results.

We and our directors, officers and affiliates have in the past and may in the future become involved in litigation and other proceedings that may adversely affect us.

From time to time, we and our directors, officers and affiliates have been subject to claims, suits and other proceedings. Regardless of the outcome, legal proceedings can have an adverse impact on us because of legal costs and diversion of management attention and resources, and could cause us to incur significant expenses or liability, adversely affect our brand recognition or require us to change our business practices. The expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our business, operating results and financial condition. It is possible that a resolution of one or more such proceedings could result in substantial damages, settlement costs, fines and penalties that would adversely affect our business, financial condition, operating results or cash flows in a particular period. These proceedings could also result in reputational harm, sanctions, consent decrees or orders requiring a change in our business practices. Additionally, our directors, officers and affiliates, or their respective affiliated entities, are currently and may in the future be the subject of claims, suits, litigation and government investigation in their individual capacities or in connection with other business ventures, which could adversely impact our reputation or public perception of our company, irrespective of the merits of any such proceeding. Because of the potential risks, expenses and uncertainties of litigation, we may, from time to time, settle disputes, even where we have meritorious claims or defenses, by agreeing to settlement agreements. Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, financial condition, operating results and prospects. Any of these consequences could adversely affect our business, operating results and financial condition.

We could be subject to securities class action litigation. In the past, securities class action litigation has often been instituted against companies following periods of volatility in the market price of a company’s securities.

38

This type of litigation, if instituted, could result in substantial costs and a diversion of management’s attention and resources, which could adversely affect our business, operating results, or financial condition. Additionally, the dramatic increase in the cost of directors’ and officers’ liability insurance may cause us to opt for lower overall policy limits or to forgo insurance that we may otherwise rely on to cover significant defense costs, settlements, and damages awarded to plaintiffs.

If we were not able to satisfy data protection, security, privacy and other government- and industry-specific requirements or regulations, our business, results of operations and financial condition could be harmed.

Personal privacy, data protection and information security are significant issues in the United States, Europe and in other jurisdictions where we offer our cybersecurity solutions. The regulatory framework for privacy, data protection, and cybersecurity matters is rapidly evolving and is likely to remain uncertain for the foreseeable future. Our handling of data is subject to a variety of laws and regulations, including regulation by various government agencies. Evolving and changing definitions of personal data and personal information, within the E.U., the United States, and elsewhere, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing or uses of personal data and personal information, and may require significant expenditures and efforts in order to comply.

The U.S. federal government, and various state and foreign governments, have adopted or proposed limitations on the collection, distribution, use and storage of information relating to individuals. Such laws and regulations may require companies to implement privacy and security policies, permit customers to access, correct and delete information stored or maintained by such companies, inform individuals of security breaches that affect their information, and, in some cases, obtain individuals’ consent to use information for certain purposes. Laws and regulations outside the United States, and particularly in Europe, often are more restrictive than those in the United States. In addition, some foreign governments require that certain information collected in a country be retained within that country. We also may find it necessary or desirable to join industry or other self-regulatory bodies or other information security or data protection-related organizations that require compliance with their rules pertaining to information security and data protection. We also may be bound by additional, more stringent contractual obligations relating to our collection, use and disclosure of personal, financial and other data.

We also expect that there will continue to be new proposed laws, regulations and industry standards concerning privacy, data protection and information security in the United States, the European Union and other jurisdictions in which we operate or may operate, and we cannot yet determine the impact such future laws, regulations and standards may have on our business. For example, the European Union implemented the General Data Protection Regulation in May 2018, which imposes stringent data protection requirements and provides for significant penalties for noncompliance. In addition, data protection laws in Europe impose requirements with respect to the cross-border transfer of certain personal data. We historically relied upon data transfer mechanisms such as the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield frameworks, and the use of certain standard contractual clauses approved by the European Commission, to address these requirements. In July 2020, the CJEU, Europe’s highest court, held that the EU-U.S. Privacy Shield was invalid, and imposed additional obligations in connection with the use of contractual clauses governing cross-border transfers of personal data. As a result, we may need to implement different or additional measures to establish or maintain legitimate means for the transfer and receipt of personal data from the European Union to the U.S. In addition, due to the UK’s departure from the European Union, we are subject to requirements for personal data transfers to and from the UK, which continue to evolve following Brexit. If the measures we implement are later determined to be insufficient, we may face enforcement actions by data protection authorities.

In addition, California adopted the California Consumer Privacy Act in 2018, which took effect in January 2020 and seeks to provide California consumers with increased privacy rights and protections for their personal information. The 2018 Act was further modified by the California Privacy Rights Act, which became effective January 1, 2023. Similar laws in Virginia took effect on January 1, 2023, in Colorado and Connecticut take effect on July 1, 2023 and in Utah take effect on December 31, 2023. We expect that existing laws, regulations and standards may be interpreted in new manners in the future. Future laws, regulations, standards and other obligations, and changes in the interpretation of existing laws, regulations, standards and other obligations could require us to modify our solutions, restrict our business operations, increase our costs and impair our ability to maintain and grow our customer base and increase our revenue.

Although we work to comply with applicable laws and regulations, industry standards, contractual obligations and other legal obligations, those laws, regulations, standards and obligations are evolving and may be modified, interpreted and applied in an inconsistent manner from one jurisdiction to another, and may conflict with one another. In addition, they may conflict with other requirements or legal obligations that apply to our business or the security features and services

39

that our customers expect from our solutions and may require us to make changes to our solutions or other practices in an effort to comply with them. As such, we cannot assure ongoing compliance with all such laws, regulations, standards and obligations. Any failure or perceived failure by us to comply with applicable laws, regulations, standards or obligations, or any actual or suspected security breach or other security incident, whether or not resulting in unauthorized access to, or acquisition, release or transfer of information relating to individuals or other data, may result in governmental investigations, enforcement actions and other proceedings, private litigation, fines and penalties or adverse publicity, and could cause our customers to lose trust in us, which could have an adverse effect on our reputation and business. Any inability to adequately address privacy and security concerns, even if unfounded, or comply with applicable laws, regulations, standards and obligations, could result in additional cost and liability to us, damage our reputation, inhibit sales, and materially and adversely affect our business and operating results.

Claims for indemnification by our directors and officers may reduce our available funds to satisfy successful third-party claims against us and may reduce the amount of money available to us.

Our A&R Charter and A&R Bylaws provide that we will indemnify our directors and officers, in each case, to the fullest extent permitted by Delaware law. Our A&R Charter also allows our Board to indemnify other employees. This indemnification will extend to the payment of judgments in actions against officers and directors and to reimbursement of amounts paid in settlement of such claims or actions and may apply to judgments in favor of the Company or amounts paid in settlement to the Company. This indemnification will also extend to the payment of attorneys’ fees and expenses of officers and directors in suits against them where the officer or director acted in good faith and in a manner he or she reasonably believed to be in, or not opposed to, the best interests of the Company, and, with respect to any criminal action or proceeding, he or she had no reasonable cause to believe his or her conduct was unlawful. This right of indemnification is not exclusive of any right to which the officer or director may be entitled as a matter of law and shall extend and apply to the estates of deceased officers and directors.

Risks Related to Financial, Tax and Accounting Matters

Management has performed an analysis of our ability to continue as a going concern, and has determined that, based on our current financial position, there is a substantial doubt about our ability to continue as a going concern. In addition, our independent registered public accounting firm has raised substantial doubt as to our ability to continue as a going concern.

Based on its assessment, management has raised substantial doubt about our ability to continue as a going concern. The Company had cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility of $11.5 million and $3.5 million, respectively, at December 31, 2022, a loss from continuing operations of $80.1 million for the year ended December 31, 2022, and an accumulated deficit of $546.1 million at December 31, 2022. Current economic and market conditions have put pressure on our growth plans. The Company’s ability to continue as a going concern is dependent on its ability to obtain additional capital. The Company believes that its current level of cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility are not sufficient to continue investing in growth, while at the same time meeting its obligations as they become due. These conditions raise substantial doubt regarding our ability to continue as a going concern. In an effort to alleviate these conditions, management is currently evaluating various cost reduction and other alternatives and may seek to raise additional funds through the issuance of equity, mezzanine or debt securities, through arrangements with strategic partners, through obtaining credit from financial institutions or otherwise.

Our independent registered public accounting firm has included in its audit report for the year ended December 31, 2022, an explanatory paragraph expressing substantial doubt as to our ability to continue as a going concern. A going concern opinion in the report of our independent registered public accounting firm could impair our ability to finance our operations through public or private equity offerings or debt financings, or a combination of one or more of these funding sources. Any additional equity or equity-linked debt financing could be extremely dilutive to our current stockholders. Additional capital may not be available on reasonable terms, or at all, and we may be required to terminate or significantly curtail our operations, or enter into arrangements with collaborative partners or others that may require us to relinquish rights to certain aspects of our product candidates, or potential markets that we would not otherwise relinquish. If we are unable to obtain capital, our business would be jeopardized, and we may not be able to continue operations.

40

If we fail to maintain effective disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.

As a public company, we are subject to the reporting requirements of the Exchange Act and the Sarbanes-Oxley Act of 2002 (the “Sarbanes-Oxley Act”). We expect that the requirements of these rules and regulations will continue to increase our legal, accounting, and financial compliance costs, make some activities more difficult, time-consuming, and costly, and place significant strain on our personnel, systems, and resources.

The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. We are continuing to develop and refine our disclosure controls and other procedures that are designed to ensure that information required to be disclosed by us in the reports that we will file with the SEC is recorded, processed, summarized, and reported within the time periods specified in SEC rules and forms and that information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers and Board of Directors.

We are required to comply with Section 404 of the Sarbanes-Oxley Act, which requires annual management assessments of the effectiveness of our internal control over financial reporting as of year-end. In particular, we are required to perform system and process evaluation and testing of our internal controls over financial reporting to allow management to report on the effectiveness of our internal controls over financial reporting, as required by Section 404(a) of the Sarbanes-Oxley Act (the “404 Assessment”). We cannot assure you that we will at all times in the future be able to report that our internal controls are effective.

Our current controls and any new controls that we develop may become ineffective because of changes in conditions in our business. Further, weaknesses in our disclosure controls and internal control over financial reporting may be identified in the future. Any failure to develop or maintain effective controls or any challenges encountered in their implementation or improvement could harm our results of operations or cause us to not meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Any failure to implement and maintain effective internal control over financial reporting also could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we may be required to include in our future periodic reports filed with the SEC. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financials and other information, which may have a negative effect on the trading price of our common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on any national securities exchange on which our common stock may be listed in the future.

Our independent registered public accounting firm is not required to attest to the effectiveness of our internal control over financial reporting until after we are no longer a smaller reporting company as defined under Regulation S-K promulgated by the SEC. At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our internal control over financial reporting is documented, designed, or operating. Any failure to maintain effective disclosure controls and internal control over financial reporting could have an adverse effect on our business and results of operations and could cause an adverse effect on the trading price of our securities.

We have previously identified material weaknesses in our internal control over financial reporting. These material weaknesses could continue to adversely affect our ability to report our results of operations and financial condition accurately and in a timely manner.

On November 8, 2022, our Board of Directors, after meeting with management to consider the relevant facts and circumstances, determined that the Company’s financial statements as of and for the years ended December 31, 2021 and 2020, the interim periods within those years, and the Company’s financial statements for the interim periods ended March 31, 2022 and June 30, 2022 should no longer be relied upon because of errors in such financial statements.

Although our management had not yet conducted a 404 Assessment as of December 31, 2021, as part of the restatement process in connection with our financials as of and for the year ended December 31, 2021, we identified material weaknesses in our internal control over financial reporting. Our management identified (i) errors in our accounting relating to our controls over the estimation of the relationship between the term license and the support and maintenance for establishing their respective stand-alone sales prices in multi-year contracts related to revenue for our sales of software through multi-year term-based license agreements, (ii) errors in our accounting relating to our controls related to recognition of commission expense and (iii) inadequate management review controls over our financial statement

41

disclosures with respect certain calculations (collectively, the “10-K Material Weaknesses”). Furthermore, in connection with the preparation of the restatement of our quarterly financials for the three months ended March 31, 2022, our management identified an additional material weakness in internal control over financial reporting, as we did not design and maintain effective controls related to the evaluation of awards under our 2021 Plan (the “10-Q Material Weakness”).

In addition, in connection with the preparation of Legacy Appgate’s consolidated financial statements as of and for the year ended December 31, 2020, Legacy Appgate’s management and its independent registered public accounting firm identified material weaknesses in internal control over financial reporting with respect to the design of our information technology general controls related to user access and change management as well as certain financial reporting transaction level controls including account reconciliations, related party transactions and journal entries (the “Legacy Appgate Material Weaknesses”).

A material weakness is a deficiency, or a combination of control deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of the company’s annual or interim financial statements will not be prevented or detected on a timely basis. For further detail of the 10-K Material Weaknesses, the 10-Q Material Weakness and the Legacy Appgate Material Weaknesses and the Company’s plans for their remediation, see Part II, Item 9A of this Annual Report.

There can be no assurance that other material weaknesses will not arise in the future. Any material weaknesses in our internal control over financial reporting could cause us to fail to meet our future reporting obligations or could result in material misstatements in our financial statements, which in turn could have an adverse effect on our reputation, financial condition and our ability to timely and properly comply with our reporting obligations under the Exchange Act. Any material weakness could also adversely affect the results of the periodic management evaluations and, to the extent we are no longer a smaller reporting company, the annual auditor attestation reports regarding the effectiveness of our internal control over financial reporting that will be required under Section 404 of the Sarbanes-Oxley Act. Internal control deficiencies could also cause investors to lose confidence in our reported financial information which could have an adverse effect on the trading price of our securities.

Being a public company requires that we incur significant costs, diverts our resources and management’s attention and may affect our ability to attract and retain executive management and qualified Board members.

As a public company, we are subject to the reporting and corporate governance requirements of the Exchange Act, and other applicable securities rules and regulations, including the Sarbanes-Oxley Act and the Dodd-Frank Wall Street Reform and Consumer Protection Act. Compliance with these rules and regulations requires us to incur significant legal and financial compliance costs, makes some activities more difficult, time-consuming or costly and increases demand on our systems and resources. Among other things, the Exchange Act requires that we file annual, quarterly and current reports with respect to our business and results of operations and maintain effective disclosure controls and procedures and internal control over financial reporting. In order to improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, additional resources and management oversight are required. As a result, management’s attention is at times diverted from other business concerns, which could harm our business, financial condition, results of operations and prospects. Although we have hired additional personnel to help comply with these requirements, we may need to further expand our legal and finance departments in the future, which will increase our costs and expenses. In addition, changing laws, regulations and standards relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time-consuming. These laws, regulations and standards are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as new guidance is provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment may result in increased general and administrative expense and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies, regulatory authorities may initiate legal proceedings against us and our business and prospects may be harmed.

As a result of disclosure of information in the filings required of a public company, our business and financial condition have become more visible, which could result in threatened or actual litigation, including by competitors and other third parties. If such claims are successful, our business, financial condition, results of operations and prospects could be harmed, and even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve them, could divert the resources of our management and harm our business, financial

42

condition, results of operations and prospects. These factors could also make it more difficult for us to attract and retain qualified employees, executive officers and members of our Board.

Our ability to use our net operating loss carryforwards and certain other tax attributes may be limited.

As of December 31, 2022, we had aggregate U.S. federal and state net operating loss carryforwards of $233.2 million and $107.3 million, respectively, which may be available to offset future taxable income for U.S. income tax purposes. If not utilized, $72.9 million of the federal net operating loss carryforwards will begin to expire in 2035 with the remainder carried forward indefinitely, and $72.7 million of the state net operating loss carryforwards will begin to expire in 2023 with the remainder carried forward indefinitely. We also had foreign net operating loss carryforwards of $6.0 million, which do not expire. Realization of these net operating loss carryforwards depends on future income, and there is a risk that certain of our existing carryforwards could expire unused and be unavailable to offset future income tax liabilities, which could adversely affect our operating results and financial condition. In addition, under Sections 382 and 383 of the Code, if a corporation undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in ownership by “5 percent shareholders” over a rolling three-year period, the corporation’s ability to use its pre-change net operating loss carryovers and other pre-change tax attributes to offset its post-change income or taxes may be limited. Similar rules apply under U.S. state tax laws. We have experienced ownership changes in the past and we may experience an ownership change in the future as a result of shifts in our stock ownership. As a result, if we earn net taxable income, our ability to use our pre-change U.S. net operating loss carryforwards to offset U.S. federal taxable income may be subject to limitations, which could potentially result in increased future tax liability to us. In addition to the net operating loss carryforwards discussed above, as a result of past acquisitions and the Merger, we have an additional $12.9 million of federal net operating loss carryforwards. Management has not concluded on the realizability of these NOLs or whether they may be limited by Code Section 382 or 383. Any determination that all or a portion of any such NOLs is not realizable or may be limited by Code Section 382 or 383, would lessen the amount available to us.

We could be subject to additional tax liabilities and United States federal income tax reform could adversely affect us.

We are subject to U.S. federal, state, local and sales taxes in the United States and foreign income taxes, withholding taxes and transaction taxes in numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for income taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. In addition, our future income tax obligations could be adversely affected by changes in, or interpretations of, tax laws in the United States or in other jurisdictions in which we operate. For example, in December 2017, the United States adopted new tax law legislation commonly referred to as the U.S. Tax Cuts and Jobs Act of 2017 (the “Tax Act”) (as modified by the Coronavirus Aid, Relief, and Economic Security Act), which significantly reforms the Code. The Tax Act, among other things, includes changes to U.S. federal tax rates, imposes significant additional limitations on the deductibility of interest and the use of net operating losses generated in tax years beginning after December 31, 2017, allows for the expensing of certain capital expenditures, and puts into effect the migration from a “worldwide” system of taxation to a largely territorial system. Further changes to U.S. tax laws, including limitations on the ability of taxpayers to claim and utilize foreign tax credits, as well as changes to U.S. tax laws that may be enacted in the future, could impact the tax treatment of our foreign earnings. Due to expansion of our international business activities, any changes in the U.S. taxation of such activities may increase our worldwide effective tax rate and adversely affect our operating results and financial condition. The enactment of legislation implementing changes in the U.S. taxation of international business activities or the adoption of other tax reform policies could adversely impact our operating results and financial condition.

We could be required to collect additional sales, use, value added, digital services, or other similar taxes or be subject to other liabilities that may increase the costs our customers would have to pay for our solutions and adversely affect our business, operating results, and financial condition.

We collect sales, use, value added, digital services, and other similar taxes in a number of jurisdictions. One or more U.S. states or countries may seek to impose incremental or new sales, use, value added, digital services, or other tax collection obligations on us. Further, an increasing number of U.S. states have considered or adopted laws that attempt to impose tax collection obligations on out-of-state companies. Additionally, the Supreme Court of the United States ruled in South Dakota v. Wayfair, Inc. et al, or Wayfair, that online sellers can be required to collect sales and use tax despite not having a physical presence in the state of the customer. In response to Wayfair, or otherwise, U.S. states or local governments may adopt, or begin to enforce, laws requiring us to calculate, collect, and remit taxes on sales in their jurisdictions. A successful assertion by one or more U.S. states requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial liabilities, including taxes on past sales, as well as interest and penalties. Furthermore, certain jurisdictions, such as the U.K. and France, have introduced a digital services tax, which is generally a tax on gross revenue generated from users or customers located in

43

those jurisdictions, and other jurisdictions have enacted or are considering enacting similar laws. A successful assertion by a U.S. state or local government, or other country or jurisdiction that we should have been or should be collecting additional sales, use, value added, digital services or other similar taxes could, among other things, result in substantial tax payments, create significant administrative burdens for us, discourage potential customers from subscribing to our solutions due to the incremental cost of any such sales or other related taxes, or otherwise harm our business.

Our corporate structure and intercompany arrangements are subject to the tax laws of various jurisdictions, and we could be obligated to pay additional taxes, which would harm our results of operations.

Our corporate structure and associated transfer pricing policies contemplate the business flows and future growth into the international markets, and consider the functions, risks and assets of the various entities involved in the intercompany transactions. The amount of taxes we pay in different jurisdictions may depend on the application of the tax laws of the various jurisdictions, including the United States, to our international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. For example, certain jurisdictions have introduced a digital services tax, which is generally a tax on gross revenue generated from users or customers located in those jurisdictions, and other jurisdictions are considering enacting similar laws. The taxing authorities of the jurisdictions in which we operate may challenge our methodologies for pricing intercompany transactions pursuant to the intercompany arrangements or disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a challenge or disagreement were to occur, and our position was not sustained, or if there are changes in tax laws or the way existing tax laws are interpreted or applied, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. Our financial statements could fail to reflect adequate reserves to cover such a contingency.

Our revenue recognition policy and other factors may distort our financial results in any given period and make them difficult to predict.

Under accounting standards update No. 2014-09 (Topic 606), Revenue from Contracts with Customers (“ASC 606”), we recognize revenue when our customer obtains control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services. We sell and deliver our solutions as term-based license subscriptions, perpetual licenses and software-as-a-service (“SaaS”), together with related support services. For those term-based and perpetual license arrangements, we generally recognize both revenue upfront when the distinct license is made available to the customer, as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. For SaaS arrangements that do not contain variable consideration, and for support and maintenance, we recognize revenue ratably over the contract period as the Company satisfies its performance obligation, beginning on the date the Company makes its service available to the customer. Because of this revenue recognition methodology, a single, large term-based or perpetual license in a given period may distort our operating results for that period. In contrast, the impact of agreements that are recognized ratably may take years to be fully reflected in our financial statements. Consequently, a significant increase or decline in our subscription SaaS and support and maintenance contracts in any one quarter will not be fully reflected in the results for that quarter, but will affect our revenue in future quarters. This also makes it challenging to forecast our revenue for future periods, as both the mix of solutions, solution packages and services we will sell in a given period, as well as the size of contracts, is difficult to predict.

Furthermore, the presentation of our financial results requires us to make estimates and assumptions that may affect revenue recognition. In some instances, we could reasonably use different estimates and assumptions, and changes in estimates are likely to occur from period to period. See “Item 8. Financial Statements and Supplementary Data — Note 1. Business and Summary of Significant Accounting Policies — Revenue Recognition.” Given the foregoing factors, our actual results could differ significantly from our estimates, comparing our revenue and operating results on a period-to-period basis may not be meaningful, and our past results may not be indicative of our future performance.

If our estimates or judgments relating to our critical accounting policies prove to be incorrect or financial reporting standards or interpretations change, our results of operations could be adversely affected.

The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and in our consolidated financial statements and related notes included elsewhere in this Annual Report. The results of

44

these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to the determination of revenue recognition, and more specifically, the estimation and allocation of the transaction price to each performance obligation based on a relative standalone selling price, allowance for doubtful accounts, valuation and impairment of intangible assets and goodwill, impairment of other long-lived assets, useful lives of property and equipment and definite-lived intangible assets and the period of benefit generated from our deferred contract acquisition costs. Our results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our results of operations to fall below the expectations of industry or financial analysts and investors, resulting in a decline in the trading price of our common stock.

Additionally, we regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and drafts thereof that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we might be required to change our accounting policies, alter our operational policies and implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or we may be required to restate our published financial statements. Such changes to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial position and profit/loss, or cause an adverse deviation from our revenue and operating profit target, which may negatively impact our financial results.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our business, operating results and financial condition.

Our sales contracts are primarily denominated in U.S. dollars, and therefore our revenue is not subject to significant foreign currency risk. However, strengthening of the U.S. dollar increases the real cost of our solutions to our customers outside of the United States, which could lead to delays in the purchase of our solutions and the lengthening of our sales cycle. If the U.S. dollar continues to strengthen, this could adversely affect our financial condition and operating results. In addition, increased international sales in the future, including through our channel partners and other partnerships, may result in greater foreign currency denominated sales, increasing our foreign currency risk. Our operating expenses incurred outside the U.S. are primarily denominated in the currency of the country in which such expenses are incurred. As our business continues to grow globally, our exposure to currency exchange rates may increase, which could negatively affect our business, operating results and financial condition. We do not currently hedge against the risks associated with currency fluctuations but may do so in the future.

We may require additional capital to expand our operations and invest in new solutions, and failure to do so could reduce our ability to compete and could harm our business and financial condition.

We may need to raise additional funds in the future to fund our operating expenses, make capital purchases and acquire or invest in business or technology, and we may not be able to obtain those funds on favorable terms, or at all. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in additional debt financing, the holders of our debt would have priority over the holders of our common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness or our ability to pay any dividends on our common stock, though we do not intend to pay dividends in the foreseeable future. We may also be required to take other actions, any of which could harm our business and operating results. If we need to access the capital markets, there can be no assurance that financing may be available on attractive terms, if at all. If we are unable to obtain adequate financing, or financing on terms satisfactory to us, when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly limited, and our business, operating results, financial condition and prospects could be materially and adversely affected. See also “We have indebtedness, which may increase risk to our business and your investment in us.”

Our Company may have undisclosed liabilities and any such liabilities could negatively impact our revenues, business, prospects, financial condition and results of operations.

Before the Closing, Legacy Appgate conducted due diligence on the Company customary and appropriate for a transaction similar to the Merger. However, the due diligence process may not reveal all material liabilities of our Company currently existing or which may be asserted in the future against our Company relating to its activities before the Closing. In addition, the Merger Agreement contains representations with respect to the absence of any liabilities. However, there can be no assurance that our Company will not have any liabilities upon Closing that we are unaware of or that we will be successful in enforcing any indemnification provisions or that such indemnification provisions will be adequate to

45

reimburse us. Any such liabilities of our Company that survived the Closing could negatively impact our revenues, business, prospects, financial condition and results of operations.

Risks Related to the Ownership of Our Common Stock

The market price of our common stock has been volatile and may continue to be volatile, and you could lose all or part of your investment.

Prior to the closing of the Merger, there was no public trading market for shares of Legacy Appgate’s common stock, and shares of Newtown Lane were thinly traded. Following the Merger through March 24, 2023, our common stock has been volatile, with our opening/closing price ranging from a high of $21.25 to a low of $1.21. It is possible that neither an active nor liquid trading market for our common stock will develop, and, if such a market does develop, it is possible that such market will not be sustained, which could make it difficult for you to sell your shares of common stock at an attractive price or at all.

Many factors, many of which are outside our control, may cause the market price for shares of our common stock to fluctuate significantly, including those described elsewhere in this “Risk Factors” section, as well as the following:

•actual or anticipated changes or fluctuations in our operating results;

•the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;

•announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships or capital commitments;

•industry or financial analyst or investor reaction to our press releases, other public announcements and filings with the SEC;

•rumors and market speculation involving us or other companies in our industry;

•price and volume fluctuations in the overall stock market from time to time;

•volume fluctuations in the trading of our common stock from time to time;

•changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;

•the sales of shares of our common stock by us or our stockholders;

•failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors;

•actual or anticipated developments in our business or our competitors’ businesses or the competitive landscape generally;

•litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors;

•developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights;

•announced or completed acquisitions of businesses or technologies by us or our competitors;

•actual or perceived privacy, data protection, or information security incidents or breaches;

•new laws or regulations or new interpretations of existing laws or regulations applicable to our business;

46

•any major changes in our management or our Board;

•general economic conditions and slow or negative growth of our markets; and

•other events or factors, including those resulting from war, incidents of terrorism, global pandemics or responses to these events.

In addition, the stock market in general, and the market for technology companies in particular, has experienced price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry factors may affect the market price of our common stock, regardless of our actual operating performance.

Our common stock is currently thinly traded, liquidity is limited, and we may be unable to obtain listing of our common stock on a more liquid market.

Our common stock is currently thinly traded and quoted on the OTC Markets, which provide significantly less liquidity than a national securities exchange such as the NYSE or Nasdaq. In addition, approximately 95.9% of our common stock is held by affiliates who are subject to certain trading restrictions with respect to their common stock. Without a large public float, our common stock is less liquid than the stock of companies with broader public ownership, and, as a result, the trading prices of our common stock may be more volatile.

For the foregoing reasons, purchasers of our common stock may be subject to price volatility risk given the price of our common stock may change dramatically from a relatively small trading volume, which may also make our common stock more vulnerable to price manipulation attempts. We cannot predict the prices at which our common stock will trade in the future, if at all.

As a former shell company, resales of shares of our restricted common stock in reliance on Rule 144 of the Securities Act are subject to the requirements of Rule 144(i).

We previously were a “shell company” and, as such, sales of our securities pursuant to Rule 144 under the Securities Act of 1933, as amended, cannot be made unless, among other things, at the time of a proposed sale, we are subject to the reporting requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, as amended, and have filed all reports and other materials required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 as amended, as applicable, during the preceding 12 months, other than Form 8-K reports. Because, as a former shell company, the reporting requirements of Rule 144(i) will apply regardless of holding period, restrictive legends on certificates for shares of our common stock cannot be removed except in connection with an actual sale that is subject to an effective registration statement under, or an applicable exemption from the registration requirements of, the Securities Act. Because our unregistered securities cannot be sold pursuant to Rule 144 unless we continue to meet such requirements, any unregistered securities we issue will have limited liquidity unless we continue to comply with such requirements.

SIS Holdings can control our business and affairs and may have conflicts of interest with us in the future.

As of the date of this Annual Report, SIS Holdings, through which, among others, BC Partners and Medina Capital (the “Investors”) hold an indirect interest in our common stock, collectively own approximately 89% of our common stock. As a result, so long as the Investors and/or their affiliates remain our controlling stockholders they will be able to control, directly or indirectly, and subject to applicable law, all matters affecting us, including:

•any determination with respect to our business direction and policies, including the appointment and removal of officers and directors;

•any determinations with respect to mergers, business combinations or disposition of assets;

•compensation and benefit programs and other human resources policy decisions;

•the payment of dividends on our common stock; and

•determinations with respect to tax matters.

47

In addition, the Investors are in the business of making investments in companies and may from time to time acquire and hold interests in businesses that compete directly or indirectly with us. One or more of the Investors may also pursue acquisition opportunities that may be complementary to our business and, as a result, those acquisition opportunities may not be available to us. So long as the Investors, or their respective affiliates, continue to own a significant amount of the outstanding shares of our common stock, even if such amount is less than 50%, the Investors will continue to be able to strongly influence us. Certain of our directors are affiliates of the Investors, and our A&R Charter provides that, subject to certain limitations, none of our directors or officers, or any of their affiliates, will have any duty to refrain from (i) engaging in a corporate opportunity in the same or similar lines of business in which we or our affiliates now engage or propose to engage or (ii) otherwise competing with us or our affiliates.

If we list our common stock on the NYSE or Nasdaq, we will be considered a “controlled company” within the meaning of the rules of the NYSE or Nasdaq stock market, as applicable, and, as a result, will qualify for exemptions from certain corporate governance requirements.

The OTC Markets do not prescribe corporate governance requirements for companies that trade on those markets. We intend to apply to list our common stock on either the NYSE or Nasdaq stock market. As of the date of this Annual Report, SIS Holdings, through which the other Investors hold an indirect interest in our common stock, owns approximately 89% of our common stock. As a result, we are considered as a “controlled company” within the meaning of the corporate governance standards of the NYSE and Nasdaq. Under these rules, a listed company of which more than 50% of the voting power is held by an individual, group or another company is a “controlled company” and may elect not to comply with certain corporate governance requirements, including:

•the requirement that a majority of the board of directors consist of independent directors;

•the requirement that our nominating and corporate governance committee be composed entirely of independent directors with a written charter addressing the committee’s purpose and responsibilities;

•the requirement that our compensation committee be composed entirely of independent directors with a written charter addressing the committee’s purpose and responsibilities; and

•the requirement for an annual performance evaluation of our corporate governance and compensation committees.

While SIS Holdings controls a majority of the voting power of our outstanding common stock, we may elect to rely on these exemptions and, as a result, may not have a majority of independent directors on our Board. When established, our nominating and corporate governance and compensation committees may also not consist entirely of independent directors. Accordingly, holders of our common stock do not have the same protections afforded to stockholders of companies that are subject to all of the corporate governance requirements of the NYSE or Nasdaq.

Future sales, or the perception of future sales, by us or our existing stockholders in the public market following the Merger could cause the market price for our common stock to decline.

The sale of substantial amounts of shares of our common stock in the public market, or the perception that such sales could occur, could harm the prevailing market price of shares of our common stock. These sales, or the possibility that these sales may occur, also might make it more difficult for us to sell equity securities in the future at a time and at a price that we deem appropriate or to raise additional funds through future offerings of other securities.

In addition, certain holders of our common stock and the Convertible Senior Notes are entitled to rights with respect to registration of their shares under the Securities Act pursuant to certain registration rights agreements. If these holders of our common stock and/or the Convertible Senior Notes, by exercising their registration rights, sell a large number of shares, they could adversely affect the market price for our common stock.

We may also issue our shares of common stock or securities convertible into shares of our common stock from time to time in connection with a financing, acquisition, investments or otherwise. Any such issuance could result in substantial dilution to our existing stockholders and cause the market price of our common stock to decline.

48

We do not intend to pay dividends in the foreseeable future. As a result, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.

We have never declared or paid any cash dividends on our common stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends on our common stock in the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our Board. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.

If industry or financial analysts do not publish research about our business, or if they issue inaccurate or unfavorable research regarding our common stock, our stock price and trading volume could decline.

The trading market for our common stock is influenced by, among other things, the research and reports that industry or financial analysts publish about us or our business. We do not control these analysts, or the content and opinions included in their reports. We may be slow to attract research coverage and the analysts who publish information about our common stock will have had relatively little experience with our company, which could affect their ability to accurately forecast our results and make it more likely that we fail to meet their estimates. If we are unable to attract research coverage, this could limit investor interest in our securities and result in decreased trading liquidity. Further, if any of the analysts who cover us issues an inaccurate or unfavorable opinion regarding our stock price, our stock price would likely decline and it could cause our trading liquidity to decline. In addition, the stock prices of many companies in the technology industry have declined significantly after those companies have failed to meet, or significantly exceed, the expectations of analysts. If our financial results fail to meet, or significantly exceed, the expectations of analysts or public investors, analysts could downgrade our common stock or publish unfavorable research about us. If one or more of these analysts cease coverage of our company or fail to publish reports on us regularly, our visibility in the financial markets could decrease, which in turn could cause our stock price or trading liquidity to decline.

If our operating and financial performance in any given period do not meet or exceed the guidance that we provide to the public, the market price of our common stock may decline.

We may, but are not obligated to, provide public guidance on our expected operating and financial results for future periods. If we elect to issue such guidance, it will be composed of forward-looking statements subject to the risks and uncertainties described in this Annual Report. Our actual results may not always be in line with or exceed any guidance we have provided, especially in times of economic uncertainty. If, in the future, our operating or financial results for a particular period do not meet any guidance we provide or the expectations of investment analysts, or if we reduce our guidance for future periods, the market price of our common stock may decline.

Our A&R Charter designates specific courts as the exclusive forum for certain litigation that may be initiated by our stockholders, which could limit our stockholders’ abilities to obtain a favorable judicial forum for disputes with us or our directors, officers or employees.

Our A&R Charter provides that, unless we consent in writing to the selection of an alternative forum, the sole and exclusive forum, to the fullest extent permitted by law, for (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our current or former directors, officers or other employees or stockholders to us or our stockholders, creditors or other constituents, or a claim of aiding and abetting any such breach of fiduciary duty, (3) any action asserting a claim against us or any of our directors or officers or other employees or stockholders arising pursuant to, or any action to interpret, apply, enforce any right, obligation or remedy under or determine the validity of, any provision of the DGCL or our A&R Charter or A&R Bylaws or as to which the DGCL confers jurisdiction on the Court of Chancery of the State of Delaware, (4) any action asserting a claim that is governed by the internal affairs doctrine, or (5) any other action asserting an “internal corporate claim” under the DGCL shall be the Court of Chancery of the State of Delaware (or, if and only if the Court of Chancery does not have subject matter jurisdiction, another state court sitting in the State of Delaware or, if and only if neither the Court of Chancery nor any state court sitting in the State of Delaware has subject matter jurisdiction, then the federal district court for the District of Delaware) (the “Delaware Forum Provision”). Notwithstanding the foregoing, our A&R Charter provides that the Delaware Forum Provision will not apply to any actions arising under the Securities Act or the Exchange Act. Section 27 of the Exchange Act creates exclusive federal jurisdiction over all suits brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. Our A&R Charter further provides that unless we consent in writing to the selection of an alternative forum, the federal district court for the District of Delaware shall, to the fullest extent permitted by law, be the sole and exclusive forum for resolving any complaint asserting a cause of action arising

49

under the Securities Act (the “Federal Forum Provision”). We note, however, that there is uncertainty as to whether a court would enforce this provision and that investors cannot waive compliance with the federal securities laws and the rules and regulations thereunder. Section 22 of the Securities Act creates concurrent jurisdiction for state and federal courts over all suits brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder.

The Delaware Forum Provision and the Federal Forum Provision may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees, which may discourage lawsuits against us and our directors, officers and other employees. Alternatively, if a court were to find the Delaware Forum Provision or the Federal Forum Provision to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition or results of operations. Any person or entity purchasing or otherwise acquiring any interest in our shares of capital stock shall be deemed to have notice of and consented to the Delaware Forum Provision and the Federal Forum Provision, but will not be deemed to have waived our compliance with the federal securities laws and the rules and regulations thereunder.

We may issue preferred stock whose terms could adversely affect the voting power or value of our common stock.

Our A&R Charter authorizes us to issue, without the approval of our stockholders, one or more classes or series of preferred stock having such designations, preferences, limitations and relative rights, including preferences over our common stock with respect to dividends and distributions, as our Board may determine. The terms of one or more classes or series of preferred stock could adversely impact the voting power or value of our common stock. For example, we might grant holders of preferred stock the right to elect some number of our directors in all events or on the happening of specified events or the right to veto specified transactions. Similarly, the repurchase or redemption rights or liquidation preferences we might assign to holders of preferred stock could affect the residual value of the common stock.

Anti-takeover provisions in our governing documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management or directors and limit the market price of our common stock.

Our A&R Charter, A&R Bylaws and Delaware law contain provisions that could have the effect of rendering more difficult, delaying or preventing an acquisition deemed undesirable by our Board. Among other things, our A&R Charter and/or A&R Bylaws include the following provisions:

•a staggered board, which means that our Board is classified into three classes of directors with staggered three-year terms and, from and after a Trigger Event (as defined in the A&R Charter), directors are only able to be removed from office for cause and only upon the affirmative vote of the holders of at least 66 2/3% in voting power of all of the then outstanding shares of our common stock entitled to vote thereon;

•limitations on convening special stockholder meetings, which could make it difficult for our stockholders to adopt desired governance changes;

•a prohibition on stockholder action by written consent from and after the Trigger Event;

•a forum selection clause, which means certain litigation against us can only be brought in Delaware;

•from and after the Trigger Event, require the affirmative vote of holders of at least 75% of the voting power of all of the then outstanding shares of common stock to amend provisions of the A&R Charter relating to the management of our business, the Board, stockholder action by written consent, competition and corporate opportunities, Section 203 of the DGCL, forum selection and the liability of our directors, or to amend, alter, rescind or repeal our A&R Bylaws;

•the authorization of undesignated preferred stock, the terms of which may be established and shares of which may be issued without further action by our stockholders; and

•advance notice procedures, which apply for stockholders to nominate candidates for election as directors or to bring matters before an annual meeting of stockholders.

50

These provisions, alone or together, could delay or prevent hostile takeovers and changes in control or changes in our management. We have opted out of Section 203 of the DGCL. However, our A&R Charter contains similar provisions providing that we many not engage in certain “business combinations” with any “interested stockholder” for a three-year period following the time that the stockholder became an interested stockholder, unless (i) prior to the time such stockholder became an interested stockholder, the Board approved the transaction that resulted in such stockholder becoming an interested stockholder, (ii) upon consummation of the transaction that resulted in such stockholder becoming an interested stockholder, the interested stockholder owned at least 85% of the common stock or (iii) following Board approval, the business combination receives the approval of the holders of at least two-thirds of our outstanding common stock not held by such interested stockholder at an annual or special meeting of stockholders. Our A&R Charter provides that the Investors and their respective affiliates, and any of their respective direct or indirect transferees and any group as to which such persons are a party, do not constitute “interested stockholders” for purposes of this provision.

In addition, our A&R Charter provides that the federal district courts of the United States will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act but that the forum selection provision will not apply to claims brought to enforce a duty or liability created by the Exchange Act.

Any provision of our A&R Charter, A&R Bylaws or Delaware law that has the effect of delaying, preventing or deterring a change in control could limit the opportunity for our stockholders to receive a premium for their shares of our common stock and could also affect the price that some investors are willing to pay for our common stock.

Risks Related to Our Outstanding Indebtedness

We have indebtedness, which may increase risk to our business and your investment in us.

Concurrently with the execution of the Merger Agreement, Legacy Appgate entered into the Note Purchase Agreement with the Noteholders and the Note Issuance Agreement with Legacy Appgate’s wholly owned domestic subsidiaries and Magnetar (the Note Purchase Agreement and the Note Issuance Agreement, as amended, collectively, the “Note Agreements”). Pursuant to the Note Agreements, Legacy Appgate issued and sold to the Noteholders $50.0 million aggregate principal amount of Initial Convertible Senior Notes on February 9, 2021 and agreed to issue and sell to the Noteholders $25.0 million aggregate principal amount of Additional Convertible Senior Notes on the date of the consummation of the Merger. Interest on the Convertible Senior Notes is payable either entirely in cash or entirely in kind (“PIK Interest”), or a combination of cash and PIK Interest at our option. The Convertible Senior Notes bear interest at the annual rate of 5.0% with respect to interest payments made in cash and 5.5% with respect to PIK Interest. In connection with the consummation of the Merger, Legacy Appgate issued the Additional Convertible Senior Notes and Newtown Lane entered into a Supplemental Agreement, providing for the assumption or guarantee by Newtown Lane of all of Legacy Appgate’s obligations under the Note Agreements and the substitution of the Company’s common stock for Legacy Appgate’s capital stock thereunder in all respects. In addition, on February 1, 2023, Legacy Appgate issued approximately $2.1 million in PIK Notes with respect to a single interest payment date. For additional details on the Convertible Senior Notes see “Item 7—Management’s Discussion and Analysis of Financial Condition and Results of Operations—Liquidity and Capital Resources.”

In addition, on April 26, 2022, Legacy Appgate, the Company, certain subsidiaries of Legacy Appgate and SIS Holdings entered into the Revolving Credit Agreement. The Revolving Credit Agreement provides for a $50.0 million unsecured, revolving credit facility and will mature, on the earlier to occur of (a) June 30, 2023, (b) the closing of a registered offering of Capital Stock (as defined in the Revolving Credit Agreement) of Appgate in an aggregate amount equal to $50.0 million or more or (c) the date of which the Loans (as defined in the Revolving Credit Agreement) are accelerated upon an Event of Default (as defined in the Revolving Credit Agreement). Interest will accrue on amounts drawn under the Revolving Credit Agreement at a rate of 10.0% per annum, payable in cash on the Final Maturity Date (as defined in the Revolving Credit Agreement). The Revolving Credit Agreement is subordinated to the Convertible Senior Notes. All obligations under the Revolving Credit Agreement are guaranteed by Appgate and Legacy Appgate’s domestic subsidiaries.

Our ability to make scheduled payments of the principal of, to pay cash interest on, the Convertible Senior Notes and the Revolving Credit Facility, or to refinance the Convertible Senior Notes or the Revolving Credit Facility, or any other indebtedness we may incur, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. Our business may not generate cash flow from operations in the future sufficient to service our debt and make necessary capital expenditures. The Note Agreements and the Revolving Credit Agreement contain customary restrictive covenants that limit our ability to engage in activities that may be in our long-term best interest. Those covenants include restrictions on our ability to, among other things, incur additional debt and issue

51

disqualified stock; create liens; pay dividends, acquire shares of capital stock, or make certain investments; issue guarantees; sell certain assets and enter into transactions with affiliates. The Note Issuance Agreement and Revolving Credit Agreement also each contain a financial covenant that requires that we maintain liquidity of not less than $10.0 million as of the last day of any calendar month. Our failure to comply with any of those covenants could result in an event of default which, if not cured or waived, could result in the acceleration of our debt issued under the Note Agreements or Revolving Credit Facility. Any such event of default or acceleration could have an adverse effect on the trading price of our common stock. Furthermore, the terms of any future debt we may incur could have further additional restrictive covenants. We may not be able to maintain compliance with these covenants in the future, and in the event that we are not able to maintain compliance, we cannot assure you that we will be able to obtain waivers from the lenders or amend the covenants.

If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or obtaining additional debt financing or equity capital on terms that may be onerous or highly dilutive. Pursuant to the Note Purchase Agreement, Magnetar has certain rights of first offer to purchase no less than 25% of the amount issued by us in certain debt financings, subject to certain exceptions and certain preemptive rights in connection with equity issuances by us, subject to certain exceptions, which may make obtaining additional debt financing or raising equity capital more difficult. Our ability to refinance any future indebtedness will depend on the capital markets, contractual restrictions and our financial condition at such time. We may not be able to engage in any of these activities or engage in these activities on desirable terms, which could result in a default on our debt obligations. In addition, any of our future debt agreements may contain restrictive covenants that may prohibit us from adopting any of these alternatives. Our failure to comply with these covenants could result in an event of default which, if not cured or waived, could result in the acceleration of our debt.

We may not have the ability to raise the funds necessary to repurchase the Convertible Senior Notes for cash upon occurrence of certain events, and conversion of the Convertible Senior Notes may affect the value of our common stock by causing dilution to our existing stockholders.

Holders of the Convertible Senior Notes have the right to require us to repurchase their Convertible Senior Notes upon the occurrence of (i) a fundamental change (as defined in the Note Issuance Agreement) at a repurchase price equal to 100% of the principal amount of the Convertible Senior Notes to be repurchased, plus accrued and unpaid interest, if any, or (ii) upon a change of control (as defined in the Note Issuance Agreement) at a repurchase price equal to 102% of the principal amount of the Convertible Senior Notes to be repurchased, plus accrued and unpaid interest, if any. We may not have enough available cash or be able to obtain financing at the time we are required to make such repurchases of Convertible Senior Notes. In addition, our ability to repurchase the Convertible Senior Notes or to pay cash upon conversions of the Convertible Senior Notes may be limited by law, by regulatory authority or by agreements governing our future indebtedness. Our failure to repurchase Convertible Senior Notes at a time when the repurchase is required by the Note Issuance Agreement would constitute a default under the Note Issuance Agreement. A default under the Note Issuance Agreement or the fundamental change itself could also lead to a default under the Revolving Credit Agreement and/or agreements governing our future indebtedness. If the repayment of the related indebtedness were to be accelerated after any applicable notice or grace periods, we may not have sufficient funds to repay the indebtedness and repurchase the Convertible Senior Notes or make cash interest or principal payments.

In addition, our indebtedness, combined with our other financial obligations and contractual commitments, could have other important consequences. For example, it could:

•make us more vulnerable to adverse changes in general U.S. and worldwide economic, industry and competitive conditions and adverse changes in government regulation;

•limit our flexibility in planning for, or reacting to, changes in our business and our industry;

•place us at a disadvantage compared to our competitors who have less debt;

•limit our ability to borrow additional amounts to fund acquisitions, for working capital and for other general corporate purposes; and

•make an acquisition of our company less attractive or more difficult.

Any of these factors could harm our business, results of operations and financial condition. In addition, if we incur additional indebtedness, the risks related to our business and our ability to service or repay our indebtedness would increase.

52

Subject to certain exceptions, prior to maturity, each holder of Convertible Senior Notes shall have the option to convert all or any portion of such Convertible Senior Notes into our common stock in accordance with the terms of the Note Issuance Agreement. If holders of our Convertible Senior Notes elect to convert their notes, we may be obligated to deliver them a significant number of shares of our common stock, which would cause dilution to our existing stockholders.

Item 1B. Unresolved Staff Comments

Not applicable.

Item 2. Properties

Our corporate headquarters are located in Coral Gables, Florida. We also have additional offices in multiple other locations in the United States, as well as locations internationally, including in Colombia, Sweden and Argentina. We do not own any real estate. We believe our current facilities are adequate to meet our needs for the immediate future and that, should it be needed, suitable additional space will be available to accommodate expansion of our operations.

Item 3. Legal Proceedings

From time to time, we may be subject to legal proceedings and claims arising in the ordinary course of business. We are not presently party to any legal proceedings the resolution of which would have a material adverse effect on our financial condition, results of operations or liquidity.

Item 4. Mine Safety Disclosures

Not applicable.

53

PART II

Item 5. Market for Our Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

Market Information.

Our common stock is quoted on the OTC Markets under the symbol “APGT”. Any over-the-counter market quotations reflect inter-dealer prices, without retail mark-up, mark-down or commission and may not necessarily represent actual transactions.

Holders.

As of March 24, 2023, there were 54 record holders of our issued and outstanding shares of common stock.

This number does not include the number of persons whose shares are in nominee or in “street name” accounts through brokers.

Item 6. [Reserved]

Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations

The following discussion and analysis provides information we believe is relevant to an assessment and understanding of our results of operations, financial condition, liquidity and cash flows for the periods presented. This discussion should be read in conjunction with our audited consolidated financial statements and related notes contained elsewhere in this Annual Report. This discussion contains forward-looking statements that are based upon our current expectations, including with respect to our future revenues and operating results. Our actual results may differ materially from those anticipated in such forward-looking statements as a result of various factors, including those set forth under “Risk Factors” and “Cautionary Statement Regarding Forward-Looking Statements” contained elsewhere in this Annual Report. We operate on a calendar year basis. Thus, references to 2022, for example, refer to Appgate’s year ended December 31, 2022. Capitalized terms used in this section and not defined herein have the respective meanings given to such terms elsewhere in this Annual Report. Numbers and percentages presented throughout this discussion and analysis may not always add up to equivalent totals and/or to 100% due to rounding.

Overview of Our Business

We believe we are defining a new category of Zero Trust access for enterprises and governments. Our Zero Trust platform is designed to protect against increasingly damaging breaches through innovative, identity-centric, context-aware solutions. Our pure-play focus on Zero Trust has enabled us to deliver the highest ranked current Zero Trust Network Access offering as determined by the Forrester New Wave™: Zero Trust Network Access, Q3 2021.

This new Zero Trust paradigm is needed today because enterprises are undergoing digital transformation as they seek to automate operations, generate new revenue streams, transition business models and deliver a seamless customer experience. Simultaneously, the number and sophistication of cyberattacks have increased dramatically, as has their costs and frequency. This combination of more vulnerable networks and more malicious activity has created a cybersecurity crisis, changing the threat landscape organizations face. As a result, enterprises require security access solutions that proactively ensure the right user has authorized access to the right resources at the right time.

We believe that our Zero Trust solutions secure an enterprise’s exponentially increased attack surface, which occurs as a result of their digital transformation journey. We also offer digital threat protection and risk-based authentication tools to identify and eliminate attacks before they occur, across social media, phishing attacks, bogus websites, and malicious mobile apps.

We sell our solutions primarily through a recurring revenue license model or subscription, and we employ a ‘land and expand’ strategy to generate incremental revenue through the addition of new users and the sale of additional products. Our annual recurring revenue (“ARR”) was $33.7 million and $31.1 million at December 31, 2022 and 2021, respectively. Our dollar-based net retention rates were 96% and 114% at December 31, 2022 and 2021, respectively. Our number of customers generating over $100,000 ARR increased 3% from December 31, 2021 to December 31, 2022, driven by elevated C-suite and board level dialogue and customer prioritization of a Zero Trust posture. See “— Key Business Metrics” for additional information regarding ARR and dollar-based net retention rate.

54

We have achieved revenue of over $40.0 million in both 2022 and 2021. We continue to invest in growing our business and, as a result, we incurred losses from continuing operations of $80.1 million and $54.2 million for 2022 and 2021, respectively.

Factors Affecting Our Business

Reduction in Force

On July 25, 2022, we substantially completed a reduction in force (the “Reduction”) of approximately 22% of our workforce. In connection with the Reduction, we incurred approximately $1.8 million of costs and expenses, primarily comprising severance and termination-related costs, which we recognized in the third quarter of 2022.

On February 2, 2023, we substantially completed a reduction in force (the “February Reduction”) of approximately 8% of our workforce. In connection with the February Reduction, we incurred approximately $0.5 million of costs and expenses, primarily comprising severance and termination-related costs, which we recognized in the first quarter of 2023.

Merger with Newtown Lane

On October 12, 2021, Legacy Appgate successfully completed its merger with a direct, wholly owned subsidiary of Newtown Lane. Upon closing of the Merger, Newtown Lane changed its name to Appgate, Inc., and our common stock is now quoted on the OTC Markets under the symbol “APGT.” The Merger has been accounted for as a reverse capitalization, and the historical financial statements contained in this Annual Report are those of: (1) except for the equity, which was retroactively restated following applicable accounting guidance, Legacy Appgate with respect to all periods prior to consummation of the Merger, and (2) those of us, inclusive of Newtown Lane for the period subsequent to the Merger. We expensed $3.1 million in transaction costs during 2021 in connection with the Merger.

Public Company Costs

Following the consummation of the Merger, we became a public company, which required hiring of additional staff and implementation of processes and procedures to address public company regulatory requirements and customary practices. We expect to continue to incur substantial annual expenses for, among other things, directors’ and officers’ liability insurance, director fees and additional internal and external costs for investor relations, accounting, audit, legal, corporate secretary and other functions.

Formation and Cyxtera Spin-Off

Prior to December 31, 2019, Legacy Appgate was wholly owned by Cyxtera. On December 31, 2019, Cyxtera consummated several transactions (the “Cyxtera Spin-Off”), following which Legacy Appgate became a stand-alone entity. The transactions separated Cyxtera’s data center business from Legacy Appgate’s cybersecurity business. Upon consummation of the Cyxtera Spin-Off, Legacy Appgate and Cyxtera Management, Inc., a wholly-owned subsidiary of Cyxtera (the “Management Company”) entered into a transition services agreement (the “Transition Services Agreement”), pursuant to which the Management Company provided certain transition services to Legacy Appgate, and Legacy Appgate provided certain transition services to the Management Company. The term under the Transition Services Agreement commenced on January 1, 2020 and ended on June 30, 2021. Substantially all of the obligations under the Transition Services Agreement ceased on December 31, 2020.

During 2021, the Management Company charged Legacy Appgate $0.1 million for services rendered under the Transition Services Agreement. Such costs are included in general and administrative expenses in our consolidated statement of operations.

During 2021, Legacy Appgate charged the Management Company $0.1 million for services provided to the Management Company and its affiliates by Legacy Appgate under the Transition Services Agreement. Income for these services is included in other expense, net in our consolidated statement of operations.

On February 8, 2021, Legacy Appgate made a payment of $1.0 million to Cyxtera as settlement in full of trade balances with Cyxtera and its subsidiaries and other amounts due to / from under the Intercompany Master Services Agreement (as defined below) and the Transition Services Agreement, which trade balances and other amounts totaled $2.6 million.

55

Because the Management Company was an affiliate under common control with Legacy Appgate at the time of repayment, the settlement of these amounts was recognized as a capital contribution of $1.6 million.

Promissory Notes

On March 31, 2019, Legacy Appgate issued promissory notes to each of Cyxtera and the Management Company (together, the “Promissory Notes”), which had a combined initial aggregate principal amount of $95.2 million and provided for additional borrowings during the term of the Promissory Notes for additional amounts not to exceed approximately $52.5 million in the aggregate. Interest accrued on the unpaid principal balance of the Promissory Notes at a rate per annum equal to 3% and was payable upon the maturity of the Promissory Notes. Each Promissory Note had an initial maturity date of March 30, 2020, which was extended until March 30, 2021 by amendments entered into effective as of March 30, 2020.

On February 8, 2021, Legacy Appgate repaid Cyxtera $20.6 million, representing the entirety of the then outstanding principal and interest under the Promissory Note issued to Cyxtera, and Legacy Appgate made a partial repayment of $99.0 million to the Management Company on the then outstanding principal and interest of $133.6 million under the Promissory Note issued to the Management Company. On that same date, the Management Company issued Legacy Appgate a payoff letter, extinguishing the balance remaining unpaid following such repayment. Because Cyxtera was Legacy Appgate’s direct parent at the time of issuance of the Promissory Notes and an affiliate under common control with Legacy Appgate at the time of repayment, Legacy Appgate accounted for the note extinguishment of $34.6 million as a capital contribution in 2021.

Sale of Brainspace

On September 30, 2020, Legacy Appgate adopted a plan for the sale of Brainspace Corporation (“Brainspace”), a formerly wholly owned subsidiary of Legacy Appgate, which met the criteria for discontinued operations under Accounting Standards Codification (“ASC”) Topic 205-20, Presentation of Financial Statements — Discontinued Operations — see Note 5 to our consolidated financial statements for discontinued operations disclosures included elsewhere in this Annual Report. On December 17, 2020, Legacy Appgate entered into a securities purchase agreement with respect to the sale of 100% of the outstanding equity interests of Brainspace for cash consideration of $125.0 million, and the sale transaction closed on January 20, 2021. Brainspace offered a comprehensive and advanced data analytics platform for investigations, eDiscovery, intelligence mining, and compliance. Unless otherwise stated, all discussion of Legacy Appgate’s results of operations included in this discussion and analysis focus on continuing operations and exclude the discontinued Brainspace operations.

Key Business Metrics

Our management reviews a number of key performance indicators, each as described below, to evaluate our business, measure our performance, identify trends affecting our business, formulate business plans and make strategic decisions.

Annual Recurring Revenue

ARR is a performance indicator that management believes provides more visibility into the growth of our revenue generated by recurring business. Our management believes ARR is a key metric to measure our business because it is driven by our ability to acquire new subscription customers and to maintain and expand our relationship with existing subscription customers. ARR also mitigates fluctuations due to seasonality, contract term, sales mix, and revenue recognition timing resulting from revenue recognition methodologies under GAAP. We define ARR as the annualized value of SaaS, subscription, and term-based license and maintenance contracts from our recurring software products in effect at the end of a given period. ARR should be viewed independently of revenue and deferred revenue as it is an operating measure and is not intended to be combined with or to replace GAAP revenue or deferred revenue, as they can be impacted by contract start and end dates and renewal rates. ARR is not intended to be a replacement or forecast of revenue or deferred revenue.

56

The table below sets forth our ARR as of the end of the years indicated below (in thousands):

	2022			2021
ARR	$	33,656		$	31,054
Change $	$	2,602
Change %	8		%

Total Customers and Number of Customers with ARR above $100,000

Our management believes that our ability to increase our number of customers is an indicator of our market penetration, the growth of our business, and our potential future business opportunities. Over time, larger customers have constituted a greater share of our total revenue, which has contributed to an increase in ARR. Our management believes there are significant upsell and cross-sell opportunities within our customer base by expanding the number of use cases. Historically, we have consistently increased our number of customers and customers with ARR above $100,000 and expect this trend to continue as a result of the growing demand for our cybersecurity solutions. Our management defines a customer as a distinct organization that has entered into a distinct agreement to access our software products for which the term has not ended or with which we are negotiating a renewal contract or the purchase of our professional services.

The below table sets forth our total customers and customers with ARR above $100,000 as of the end of the years indicated below:

	2022	2021
Total customers	647	652
Customers with ARR above $100,000	68	66

We stopped offering our Compliance Sheriff product which accounted for less than 5% of our total revenue for 2021. Total Compliance Sheriff-only customers included in our total customer count as of December 31, 2021 was 45. As a result, the change in our customer count from December 31, 2021 to December 31, 2022 reflected in this Annual Report is not indicative of our customer growth given our one-time voluntary sunsetting of our Compliance Sheriff product and its respective customers.

Dollar-Based Net Retention Rate

Our management believes that our ability to retain and grow the ARR generated from our existing subscription customers is an indicator of the long-term value of our subscription customer relationships and future business opportunities. We track our performance in this area by measuring our dollar-based net retention rate, which reflects customer renewals, expansion, contraction, and customer attrition within our ARR base. We calculate dollar-based net retention rate by dividing the numerator by the denominator as set forth below:

• Denominator: As of the end of a reporting period, ARR as of the last day of the comparable reporting period in the prior year.

• Numerator: ARR for that same cohort of customers as of the end of the reporting period in the current year, including any expansion and net of any contraction and customer attrition over the trailing 12 months, excluding ARR from new subscription customers in the current period.

Our dollar-based net retention rate was 96% and 114% at December 31, 2022 and 2021, respectively.

Key Components of Results of Operations

Revenue

We recognize revenue under ASC 606, Revenue from Contracts with Customers (“ASC 606”). Under ASC 606, we recognize revenue when our customers obtain control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services.

57

We primarily sell our software through on-premise term-based license agreements, perpetual license agreements and SaaS subscriptions, which allow our customers to use our SaaS services without taking possession of the software. Our products offer substantially the same functionality whether our customers receive them through a perpetual license, a term-based license or a SaaS arrangement. Our agreements with customers for software licenses may include maintenance contracts and may also include professional services contracts. Maintenance revenues consist of fees for providing unspecified software updates and technical support for our products for a specified term, which is typically one to three years. We offer a portfolio of professional services and extended support contract options to assist our customers with integration, optimization, training and ongoing advanced technical support. We also generate revenue from threat advisory services, including penetration testing, application assessments, vulnerability analysis, reverse engineering, architecture review and source code review.

Subscription. Our term-based license arrangements that do not contain variable consideration include both upfront revenue recognition when the distinct license is made available to the customer as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. Revenue on our SaaS arrangements that do not contain variable consideration, is recognized ratably over the contract period as we satisfy the performance obligation, beginning on the date the service is made available to our customers.

Subscription revenue represented approximately 81% and 80% of our revenue for 2022 and 2021, respectively. We expect that a majority of our revenue will continue to be from subscriptions for the foreseeable future, and we expect that subscription revenue as a percentage of total revenue will increase over time. Changes in period-over-period subscription revenue growth are primarily impacted by the following factors:

• the type of new and renewed subscriptions (i.e., term-based or SaaS); and

• the duration of new and renewed term-based subscriptions.

While the number of new and increased subscriptions during a period impacts our subscription revenue growth, the type and duration of those subscriptions have a significantly greater impact on the amount and timing of revenue recognized in a period. Subscription revenue from the software license components of term-based licenses is generally recognized at the beginning of the subscription term, while subscription revenue from SaaS and support and maintenance is generally recognized ratably over the subscription term. As a result, our revenue may fluctuate due to the timing and type of the software license components of term-based licensing transactions. In addition, keeping other factors constant, when the percentage of subscription term-based licenses to total subscriptions sold or renewed in a period increases relative to the prior period, revenue growth will generally increase. Conversely, when the percentage of subscription SaaS and support and maintenance to total subscriptions sold or renewed in a period increases, revenue growth will generally decrease, as compared to a prior period. Additionally, a multi-year subscription term-based license will generally result in greater revenue recognition up front relative to a one-year subscription term-based license. Therefore, keeping other factors constant, revenue growth will generally also trend higher in a period where the percentage of multi-year subscription term-based licenses to total subscription term-based licenses increases.

Perpetual licenses. Our perpetual license arrangements generally include both upfront revenue recognition when the distinct license is made available to the customer as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. Revenue related to support and maintenance is included as part of subscription revenue. We expect that perpetual license revenue as a percentage of total revenue will decrease over time.

For 2022 and 2021, approximately 4% and 5%, respectively, of our revenue was from perpetual licenses.

Services and other. Our services-related performance obligations predominantly relate to the provision of consulting and threat advisory services, and to a lesser extent, training and software installation. Software installation services are distinct from subscriptions and do not result in significant customization of the software. Our services are generally priced on a time and materials basis, which is generally invoiced monthly and for which revenue is recognized as the services are performed. Revenue from our training services and sponsorship fees is recognized on the date the services are complete. Over time, we expect services revenue to remain relatively stable as a percentage of total revenue.

For each of 2022 and 2021, approximately 15% of our revenue was from services and other.

58

Concentrations. The following table summarizes revenue by country and main geography in which we operate, including in the United States and Canada (“US&C”), Latin America (“LATAM”), Europe, the Middle East and Africa (“EMEA”), and Asia Pacific (“APAC”), based on the billing address of customers (including, for the avoidance of doubt, resellers and managed service providers) who have contracted with us (in thousands).

	2022		2021
Revenues by country (a):
United States	$	21,668	$	20,568
Colombia	5,440		6,735
Other	15,556		15,730
Total	$	42,664	$	43,033
Revenues by main geography:
US&C	$	23,584	$	22,694
LATAM	13,846		15,142
EMEA	3,104		2,906
APAC	2,130		2,291
Total	$	42,664	$	43,033

(a) Only the United States and Colombia represented 10% or more of our total revenue in either period presented.

No single customer (including, for the avoidance of doubt, resellers and managed service providers) accounted for 10% or more of our total revenue in either period presented.

Cost of Revenue

Cost of revenue consists primarily of employee compensation costs for employees associated with supporting our licensing arrangements and service arrangements, certain third-party expenses and the amortization of developed technology assets. Employee compensation and related costs include cash compensation and benefits to employees, equity-based compensation, costs of third-party contractors and associated overhead costs. Third-party expenses consist of cloud infrastructure costs, other expenses directly associated with our customer support, including, in limited instances, equipment purchased for resale. We expect cost of revenue to increase in absolute dollars.

Gross Profit and Gross Margin

Gross profit, or revenue less cost of revenue, and gross margin, or gross profit as a percentage of revenue, have been and will continue to be affected by various factors, including the timing of our acquisition of new customers and renewals of and follow-on sales to existing customers, the average sales price of our services, mix of services offered in our solutions, including new product introductions, the extent to which we expand our customer support and operations and the extent to which we can increase the efficiency of our technology and infrastructure through technological improvements. We currently expect gross profit to increase in absolute dollars and gross margin to increase slightly over the long term, although our gross profit and gross margin could fluctuate from period to period depending on the interplay of all the above factors.

Operating Expenses

Our operating expenses consist of sales and marketing, research and development, and general and administrative expenses. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, equity-based compensation expense and, with respect to sales and marketing expenses, sales commissions that are recognized as expenses. Operating expenses also include overhead costs for facilities, IT, depreciation expense and amortization expense.

Sales and Marketing

Sales and marketing expenses consist primarily of employee compensation and related expenses, including salaries, bonuses and benefits for our sales and marketing employees, sales commissions that are recognized as expenses over the

59

period of benefit, equity-based compensation expense, marketing and channel programs, travel and entertainment expenses, expenses for conferences and events and allocated overhead costs. We capitalize our sales commissions and associated payroll taxes and recognize them as expenses over the estimated period of benefit. The amount recognized in our sales and marketing expenses reflects the amortization of cost previously deferred as attributable to each period presented in our consolidated financial statements, as described in Note 1 — Business and Summary of Significant Accounting Policies to our audited consolidated financial statements included in Part II, Item 8 of this Annual Report - “Financial Statements and Supplementary Data”. Advertising expenses are charged to sales and marketing expense in the audited consolidated statements of operations as incurred.

We intend to continue to invest in our sales and marketing organization to drive additional revenue, further penetrate the market and expand our global customer base. As a result, we expect our sales and marketing expenses to be our largest operating expense category for the foreseeable future. In particular, we plan to continue to invest in our sales force, broadening our brand awareness and expanding and deepening our channel partner relationships. However, we currently expect sales and marketing expenses to decrease as a percentage of our revenue over the long term, although our sales and marketing expenses may fluctuate as a percentage of revenue from period to period due to the timing and extent of these expenses.

Research and Development

Research and development costs to develop software to be sold, leased or marketed are expensed as incurred up to the point of technological feasibility for the related software product. We have not capitalized development costs for software to be sold, leased or marketed to date, as the software development process is essentially completed concurrent with the establishment of technological feasibility. As such, these costs are expensed as incurred and recognized in research and development costs in the audited consolidated statements of operations.

Software developed for internal use, with no substantive plans to market such software at the time of development, is capitalized and included in property and equipment, net in the audited consolidated balance sheets. Costs incurred during the preliminary planning and evaluation and post implementation stages of the project are expensed as incurred. Costs incurred during the application development stage of the project are capitalized.

Our research and development expenses support our efforts to add new features to our existing offerings and to ensure the reliability, availability and scalability of our solutions. Our research and development teams employ software engineers in the design and the related development, testing, certification and support of our solutions. Accordingly, the majority of our research and development expenses result from employee-related costs, including salaries, bonuses and benefits and costs associated with technology tools used by our engineers.

We intend to continue to make investments in research and development to extend the features of our existing offerings and technology capabilities.

General and Administrative

General and administrative expenses consist primarily of employee-related costs, including salaries and bonuses, equity-based compensation expense and employee benefit costs for our finance, legal, human resources and administrative personnel, as well as professional fees for external legal services, accounting and other related consulting services. Litigation-related expenses, if any, include professional fees and related costs incurred by us in defending or settling significant claims that our management deem not to be in the ordinary course of our business and, if applicable, accruals related to estimated losses in connection with these claims. We expect that our general and administrative expenses will increase in absolute dollars for the foreseeable future, as we incur increased compliance costs and other related costs necessary to operate as a public company. However, we currently expect our general and administrative expenses to decrease as a percentage of revenue over the long term, although our general and administrative expenses may fluctuate as a percentage of revenue from period to period due to the timing and extent of these expenses.

Transaction Costs

In June 2022, we expensed $2.1 million of transaction costs in connection with a contemplated registered offering of equity securities. In 2021, transaction costs expensed in connection with the Merger totaled $3.1 million.

60

Depreciation and Amortization

Acquired intangible assets consist of identifiable intangible assets, including trademarks and tradenames and customer relationships resulting from business combinations. Acquired finite-lived intangible assets are initially recorded at fair value and are amortized on a straight-line basis over their estimated useful lives. Amortization expense for trademarks and tradenames and customer relationships is recorded primarily within depreciation and amortization in the consolidated statements of operations.

Change in Fair Value of Embedded Derivative Liability

We have recognized an embedded derivative liability associated to the Convertible Senior Notes. The embedded derivative is recognized at fair value and is subsequently remeasured at its estimated fair value on a recurring basis at the end of each reporting period, with changes in estimated fair value recognized as change in fair value of embedded derivative liability in our consolidated statements of operations.

Interest Expense 

Interest expense consists primarily of interest incurred on our obligations under the Convertible Senior Notes and the Revolving Credit Facility and through February 8, 2021, obligations of Legacy Appgate under the Promissory Notes. See “—Promissory Notes” above and “—Liquidity and Capital Resources” below. 

Income Tax

Through December 31, 2019, the operations of Legacy Appgate were included in the consolidated U.S. federal, state, local and foreign income tax returns filed by Cyxtera, where applicable.

Our income taxes, as presented in the consolidated financial statements, may not be indicative of the income taxes we will generate in the future. In jurisdictions where Legacy Appgate was included in the tax returns filed by Cyxtera, any income taxes payable/receivable resulting from the related income tax provisions have been reflected in the balance sheets of each separate entity’s provision.

Benefit (provision) for income taxes consists primarily of income taxes related to U.S. federal and state income taxes and income taxes in foreign jurisdictions in which we conduct business.

61

Results of Operations

The following table sets forth our consolidated results of operations for the periods presented (in thousands). The period-to-period comparisons of our historical results are not necessarily indicative of the results that may be expected in the future. The results of operations data have been derived from our audited consolidated financial statements included elsewhere in this Annual Report.

	2022		2021		Variance %
Revenue	$	42,664	$	43,033	1	%
Cost of revenue, exclusive of amortization shown below	18,112		16,069		13	%
Amortization expense	3,781		4,525		16	%
Total cost of revenue	21,893		20,594		6	%
Gross profit	20,771		22,439		7	%
Operating expenses:
Sales and marketing	44,575		39,167		14	%
Research and development	13,103		10,727		22	%
General and administrative	34,037		18,282		86	%
Transaction costs	2,059		3,099		34	%
Depreciation and amortization	5,484		5,408		1	%
Loss on abandonment of assets	1,658		—		nm
Total operating expenses	100,916		76,683		32	%
Loss from continuing operations	(80,145)		(54,244)		48	%
Change in fair value of embedded derivative liability	58,797		(78,497)		175	%
Interest expense, net	(6,443)		(3,190)		102	%
Other expenses, net	(535)		(515)		4	%
Loss from continuing operations before income taxes	(28,326)		(136,446)		79	%
Income tax expense of continuing operations	(1,759)		(2,396)		27	%
Net loss from continuing operations	(30,085)		(138,842)		78	%
Net income from discontinued operations, net of tax	—		65,714		nm
Net loss	$	(30,085)	$	(73,128)	59	%
nm = not meaningful

Revenue

Revenue from continuing operations were as follows for 2022 and 2021:

	2022		2021		Variance %
Subscription revenue	$	34,584	$	34,335	1	%
Perpetual licenses	1,650		2,055		20	%
Services and other	6,430		6,643		3	%
Total	$	42,664	$	43,033	1	%

Revenue decreased by $0.4 million, or 1%, during 2022 compared to 2021. The overall decrease in revenue was primarily attributable to a net decrease in customer count from 652 customers at December 31, 2021 to 647 customers at December 31, 2022 given, in part, to our one-time voluntary sunsetting of our Compliance Sheriff product and its respective customers, combined with decreased revenue from perpetual licenses and services and other as further explained below. These decreases were partially offset by an increase in subscription term-based licenses.

Perpetual licenses revenue accounted for 4% and 5% of our revenue in 2022 and 2021, respectively. Perpetual licenses revenue decreased $0.4 million during 2022 compared to 2021. This decrease in perpetual license revenue was driven by higher sale and deployment of new perpetual licenses in 2021 that did not reoccur in 2022. We expect this trend to continue as demand for term-based license and SaaS subscriptions continue to grow over time.

62

Subscription revenue accounted for 81% and 80% of our total revenue in 2022 and 2021, respectively. Subscription revenue increased $0.2 million, or 1%, in 2022 when compared to 2021. This increase in subscription revenue was driven by $1.3 million in revenue from sales to existing customers partially offset by a decrease of $1.1 million in revenue from sales to new customers. Almost the entirety of the revenue from existing customers was from one-year subscription term-based licenses. Our net-dollar retention rate was 96% at December 31, 2022. Approximately $0.9 million, or 81%, of the decrease in revenue from new customers was from multi-year subscription term-based licenses, with the remaining $0.2 million, or 19%, from one-year subscription term-based licenses.

Services and other revenue accounted for 15% of our revenue in each of 2022 and 2021. Services and other revenue decreased $0.2 million, or 3%, in 2022 when compared to 2021. This decrease in services and other revenue was primarily the result of an overall decrease in service hours billed to customers during 2022 when compared to 2021.

Cost of Revenue

Total cost of revenue from continuing operations increased by $1.3 million, or 6%, during 2022 compared to 2021. The increase in total cost of revenue was primarily due to an increase of $2.0 million in other cost of revenue, partially offset by a decrease in amortization of developed technology of $0.7 million. The increase in other cost of revenue was primarily as a result of an increase in personnel costs from higher average headcount during 2022, and, to a lesser extent, from an increase in subscription and hosting costs and contracted services. Operations headcount increased by 13 positions from 132 at December 31, 2021 to 145 at December 31, 2022. The decrease in amortization of developed technology is related to the abandonment of the Compliance Sheriff related developed technology in 2022.

Gross Profit

Gross profit totaled $20.8 million for 2022, a decrease of $1.7 million, or 7%, as compared to 2021. This decrease was the result of the factors described above under “Revenue” and “Cost of Revenue”.

Operating Expenses

Total operating expenses from continuing operations increased by $24.2 million, or 32%, for 2022 as compared to 2021. The factors that contributed to the increase in operating expenses are detailed below.

Sales and marketing expenses increased by $5.4 million, or 14%, for 2022 as compared to 2021. This increase was primarily the result of an increase in personnel costs from higher headcount on both the sales and marketing teams, and to a lesser extent, higher investment in marketing and advertising costs since completion of the Merger. While sales and marketing headcount has recently decreased as described above, prior to the Reduction, there was overall higher headcount in both the sales and marketing teams in 2022 as compared to 2021.

Research and development increased $2.4 million, or 22%, for 2022 as compared to 2021. This increase was primarily the result of an increase in personnel costs from higher headcount. Research and development headcount increased by 6 positions from 120 at December 31, 2021 to 126 at December 31, 2022.

General and administrative expenses increased by $15.8 million, or 86%, for 2022 as compared to 2021. This increase was primarily the result of equity-based compensation expense recognized during 2022 in connection with the 2021 Plan, and an increase in personnel costs from higher headcount throughout 2021 and 2022 prior to the Reduction. General and administrative headcount decreased by 11 positions from 76 at December 31, 2021 to 65 at December 31, 2022.

Transaction costs. In June 2022, we expensed $2.1 million of transaction costs related to a contemplated registered equity offering. Transaction costs expensed in connection with the Merger totaled $3.1 million in 2021.

Depreciation and amortization expense remained relatively flat for 2022 as compared to 2021. While there was an increase in depreciation and amortization primarily due to depreciation and amortization on purchases of property and equipment during 2021, we had lower amortization expense related to intangibles following the abandonment of the Compliance Sheriff related intangibles in 2022.

Loss on abandonment of assets. We stopped offering our Compliance Sheriff product and, as a result, recorded a loss on abandonment of the related intangible assets of $1.7 million in 2022.

63

Change in Fair Value of Embedded Derivative Liability

During 2022, we recognized a gain of $58.8 million in connection with the embedded derivative associated with the conversion feature under the Convertible Senior Notes, while we recognized a loss of $78.5 million in 2021. Refer to Note 7 to the audited consolidated financial statements in this Annual Report for a discussion of the key inputs affecting the value of the derivative.

Interest Expense, Net

Interest expense, net increased by $3.3 million for 2022 as compared to 2021. The increase in interest expense, net was primarily attributable to the change in the mix of our debt during 2021 and 2022. As described above, the Promissory Notes were repaid in part with the balance extinguished, in each case on February 8, 2021. On February 9, 2021, Legacy Appgate issued the Initial Convertible Senior Notes, which are described below, and in connection with the closing of the Merger on October 12, 2021, issued the Additional Convertible Senior Notes. Additionally, on April 26, 2022, Legacy Appgate, Appgate, the other guarantors party thereto and SIS Holdings entered into the Revolving Credit Agreement which provides for the Revolving Credit Facility. Interest accrues on amounts drawn under the Revolving Credit Facility at a rate of 10.0% per annum, payable in cash on the Final Maturity Date. During 2022, we borrowed $46.5 million under the Revolving Credit Facility, all of which remained outstanding as of December 31, 2022.

Other Expenses, Net

Other expenses, net remained flat at $0.5 million in 2022 as compared to 2021.

Income Tax Expense

Our effective tax rate for 2022 and 2021 was (6.2)% and (1.8)%, respectively. The effective tax rate for 2022 differs from the U.S. Federal income tax rate of 21% primarily due to changes in the valuation allowance, the change in the fair value of our embedded derivative liability that is not tax deductible, share-based compensation write-off, and foreign withholding taxes. The effective tax rate for 2021 differs from the U.S. Federal income tax rate of 21% primarily due to changes in the valuation allowance, the change in the fair value of our embedded derivative liability that is not tax deductible, state taxes, and foreign withholding taxes. 

Non-GAAP Financial Measures

In addition to our results determined in accordance with GAAP, we believe the following non-GAAP financial measures are useful to investors in evaluating our operating performance.

These non-GAAP financial measures are presented for supplemental informational purposes only and should not be considered a substitute for financial information presented in accordance with GAAP and may be different from similarly titled non-GAAP measures used by other companies. A reconciliation is provided below for each non-GAAP financial measure to the most directly comparable financial measure determined in accordance with GAAP. Investors are encouraged to review the related GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures.

Non-GAAP Gross Profit and Gross Margin

Non-GAAP gross profit and non-GAAP gross margin are supplemental measures of operating performance that are not determined in accordance with GAAP and do not represent, and should not be considered as, an alternative to gross profit and gross margin, the most directly comparable financial measures determined in accordance with GAAP. We define non-GAAP gross profit as gross profit, adjusted to add back non-cash equity-based compensation expense and developed technology amortization expense and define non-GAAP gross margin as non-GAAP gross profit as a percentage of revenue.

We use non-GAAP gross profit and non-GAAP gross margin to understand and evaluate our core operating performance and trends, to prepare and approve our annual budget, and to develop short-term and long-term operating plans. We believe that non-GAAP gross profit and non-GAAP gross margin are useful measures to our management and to our investors because they provide consistency and comparability with past financial performance and between periods, as the metrics

64

generally eliminate the effects of the variability of amortization expense of intangibles and non-cash equity-based compensation expense from period to period, which may fluctuate for reasons unrelated to overall operating performance. We believe that the use of these measures enables our management to more effectively evaluate our performance period-over-period and relative to our competitors, some of which use similar non-GAAP financial measures to supplement their GAAP results. Non-GAAP gross profit and non-GAAP gross margin have limitations as analytical tools, and you should not consider them in isolation, or as a substitute for analysis of our results as reported under GAAP. Because of these limitations, non-GAAP gross profit and non-GAAP gross margin should not be considered as a replacement for gross profit and gross margin, as determined in accordance with GAAP, or as a measure of our profitability.

A reconciliation of our non-GAAP gross profit and non-GAAP gross margin to gross profit and gross margin, the most directly comparable financial measures determined in accordance with GAAP, for 2022 and 2021, is as follows (in thousands):

	2022			2021
GAAP revenue	$	42,664		$	43,033
GAAP gross profit	20,771			22,439
Add: amortization expense	3,781			4,525
Add: equity-based compensation	62			504
Non-GAAP gross profit	$	24,614		$	27,468
GAAP gross margin	49		%	52		%
Non-GAAP gross margin	58		%	64		%

Non-GAAP Loss from Operations and Non-GAAP Operating Margin

We define non-GAAP loss from operations as GAAP loss from continuing operations excluding amortization expense of acquired intangible assets, loss on abandonment of assets, non-cash equity-based compensation expense, and transaction costs. We define non-GAAP operating margin as non-GAAP loss from continuing operations as a percentage of revenue.

A reconciliation of our non-GAAP loss from operations and non-GAAP operating margin to loss from continuing operations and operating margin, the most directly comparable financial measures determined in accordance with GAAP, for 2022 and 2021, is as follows (in thousands):

	2022			2021
GAAP revenue	$	42,664		$	43,033
GAAP loss from continuing operations	(80,145)			(54,244)
Add: amortization expense	8,355			9,196
Add: loss on abandonment of assets	1,658			—
Add: equity-based compensation	14,653			3,460
Add: transaction costs	2,059			3,099
Non-GAAP loss from operations	$	(53,420)		$	(38,489)
GAAP operating margin	(188)		%	(126)		%
Non-GAAP operating margin	(125)		%	(89)		%

65

Free Cash Flow and Free Cash Flow Margin

Free cash flow is a non-GAAP financial measure that we define as net cash provided by (used in) operating activities of continuing operations less cash used for purchases of property and equipment and repayment of finance leases. We believe that free cash flow is a useful indicator of liquidity that provides information to management and investors, even if negative, as it provides useful information about the amount of cash generated (or consumed) by our operating activities that is available (or not available) to be used for other strategic initiatives. For example, if free cash flow is negative, we may need to access cash reserves or other sources of capital to invest in strategic initiatives. While we believe that free cash flow is useful in evaluating our business, free cash flow is a non-GAAP financial measure that has limitations as an analytical tool, and free cash flow should not be considered as an alternative to, or substitute for, net cash provided by (used in) operating activities in accordance with GAAP. The utility of free cash flow as a measure of our liquidity is limited as it does not represent the total increase or decrease in our cash balance for any given period and does not reflect our future contractual commitments. In addition, other companies, including companies in our industry, may calculate free cash flow differently or not at all, which reduces the usefulness of free cash flow as a tool for comparing our results to those of other companies.

	2022			2021
Net cash, cash equivalents and restricted cash used in operating activities of continuing operations	$	(58,548)		$	(52,915)
Less:
Purchases of property and equipment	(568)			(920)
Repayment of finance leases	—			(22)
Free cash flow	$	(59,116)		$	(53,857)
As a percentage of revenue:
GAAP revenue	$	42,664		$	43,033
Net cash, cash equivalents and restricted cash used in operating activities of continuing operations	(137)		%	(123)		%
Less:
Purchases of property and equipment	(1)		%	(2)		%
Repayment of finance leases	—		%	—		%
Free cash flow	(138)		%	(125)		%

Liquidity and Capital Resources

As of December 31, 2022, we had cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility of $11.5 million and of $3.5 million, respectively. Historically, Legacy Appgate’s principal source of liquidity was borrowing availability under the Promissory Notes and cash generated from Legacy Appgate’s operations. As discussed above, on February 8, 2021, Legacy Appgate repaid Cyxtera the full amount of the Promissory Note issued to Cyxtera and made a partial repayment on the then accumulated principal and interest under the Promissory Note issued to the Management Company. On that same date, the Management Company issued a payoff letter to Legacy Appgate extinguishing the balance remaining unpaid of $34.6 million following such repayment. The payoff letter resulted in the full settlement and extinguishment of the Promissory Note held by the Management Company.

We have generated significant operating losses and negative cash flows from operations as reflected in our accumulated deficit and consolidated statements of cash flows. We expect to continue to incur operating losses and negative cash flows from operations for the foreseeable future. Currently, our principal sources of liquidity are the proceeds from the issuance of the Convertible Senior Notes, our borrowings and remaining borrowing capacity under the Revolving Credit Facility and cash generated from our operations, which have enabled us to make continued investments to support the growth of our business. As a result of our recurring losses from operations and current liquidity, management is of the opinion that there is a substantial doubt as to the Company’s ability to continue as a going concern. The audited consolidated financial statements included herein have been prepared assuming that we will continue as a going concern and do not include adjustments that might result from the outcome of this uncertainty. If we are unable to raise the requisite funds, we will need to curtail or cease operations. See Note 1 to the audited consolidated financial statements for more information and Part I, Item 1A, “Risk Factors—Management has performed an analysis of our ability to continue as a going concern, and

66

has determined that, based on our current financial position, there is a substantial doubt about our ability to continue as a going concern. In addition, our independent registered public accounting firm has raised substantial doubt as to our ability to continue as a going concern in this Annual Report.”

We have based our estimates as to how long we expect we will be able to fund our operations on assumptions that may prove to be wrong. In the long-term, we will be required to obtain additional financing to fund our current planned operations, which may consist of borrowings under the Revolving Credit Facility or an alternative financing arrangement, which may not be available to us on acceptable terms, or at all. Our failure to raise capital as and when needed may have a negative impact on our financial condition and our ability to pursue our business strategy. If we do raise additional capital through public or private equity offerings, the ownership interest of our existing stockholders will be diluted. If we raise additional capital through debt financing, we may be subject to covenants limiting or restricting our ability to take specific actions, such as incurring additional debt, making capital expenditures or declaring dividends.

Debt

As of December 31, 2022, we had $121.5 million in aggregate principal amount of debt outstanding: $75.0 million under the Convertible Senior Notes and $46.5 million under the Revolving Credit Facility. As of December 31, 2021, we had $75.0 million in aggregate principal amount of debt outstanding, all of which was under the Convertible Senior Notes.

Convertible Senior Notes 

On February 9, 2021, Legacy Appgate issued the Initial Convertible Senior Notes to various funds managed by Magnetar. In connection with the closing of the Merger, Legacy Appgate issued the Additional Convertible Senior Notes. The Convertible Senior Notes are subject to the terms and conditions of the Note Issuance Agreement and Note Purchase Agreement.

We received net proceeds of $72.8 million from the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes, after deducting fees and expenses of $2.2 million. We recorded these fees and expenses as debt issuance costs that will be amortized over the term of the Convertible Senior Notes.

The Convertible Senior Notes are senior, unsecured obligations of Legacy Appgate, and the payment of the principal and interest is unconditionally guaranteed, jointly and severally by Legacy Appgate’s U.S. subsidiaries and, as of the closing of the Merger, also by the Company. The Convertible Senior Notes mature on February 9, 2024, unless earlier converted, redeemed, or repurchased.

Interest on the Convertible Senior Notes is payable either entirely in cash or entirely in kind (“PIK Interest”), or a combination of cash and PIK Interest at Appgate’s discretion. The Convertible Senior Notes bear interest at the annual rate of 5% with respect to interest payments made in cash and 5.50% with respect to PIK Interest, with interest payable semi-annually on February 1 and August 1 of each year, commencing on August 1, 2021. PIK Notes issued or issuable in respect of PIK Interest have the same terms and conditions as the Convertible Senior Notes. On February 1, 2023, Legacy Appgate issued approximately $2.1 million in PIK Notes with respect to a single interest payment date. The Note Issuance Agreement includes certain affirmative and financial covenants we are required to satisfy.

Revolving Credit Agreement

On April 26, 2022, Legacy Appgate, Appgate, the other guarantors party thereto and SIS Holdings entered into the Revolving Credit Agreement which provides for a $50.0 million unsecured, revolving credit facility, or the “Revolving Credit Facility”. This indebtedness is contractually subordinated to the Convertible Senior Notes and matures, on the earlier to occur of (a) June 30, 2023, (b) the closing of a registered offering of Capital Stock (as defined in the Revolving Credit Agreement) of the Company in an aggregate amount equal to $50.0 million or more and (c) the date of which the Loans (as defined in the Revolving Credit Agreement) are accelerated upon an Event of Default (as defined in the Revolving Credit Agreement). Interest accrues on amounts drawn under the Revolving Credit Facility at a rate of 10.0% per annum, payable in cash on the Final Maturity Date (as defined in the Revolving Credit Agreement). The Revolving Credit Agreement is subject to customary terms, covenants and conditions. All obligations under the Revolving Credit Agreement are guaranteed by Appgate and Legacy Appgate’s domestic subsidiaries. As of December 31, 2022, we had $46.5 million in aggregate principal amount of debt outstanding under the Revolving Credit Facility.

67

Promissory Notes

On March 31, 2019, Legacy Appgate issued the Promissory Notes to each of Cyxtera and the Management Company. As discussed above and in our audited consolidated financial statements included elsewhere in Part II, Item 8 of this Annual Report - “Financial Statements and Supplementary Data”, on February 8, 2021, Legacy Appgate repaid Cyxtera the full amount on the then outstanding principal and interest of $20.6 million under the Promissory Note issued to Cyxtera and made a partial repayment of $99.0 million to the Management Company on the then outstanding principal and interest of $133.6 million under the Promissory Note issued to the Management Company. On that same date, the Management Company issued a payoff letter to Legacy Appgate extinguishing the balance remaining unpaid following such repayment. Because Cyxtera was Legacy Appgate’s direct parent at the time of issuance of the Promissory Notes and an affiliate under common control with Legacy Appgate at the time of repayment, we recognized the note extinguishment of $34.6 million as a capital contribution in 2021.

Other Contractual Obligations and Commitments

In addition to our debt obligations under the Convertible Senior Notes, the Revolving Credit Facility, and lease obligations under several operating lease arrangements, Appgate has other contractual commitments. Refer to Note 10 — Leases and Note 11 — Debt, to our audited consolidated financial statements included elsewhere in this Annual Report for additional information on maturities. Refer to Note 12 — Commitments and Contingencies to our audited consolidated financial statements included elsewhere in this Annual Report for additional information regarding cash amounts committed under other contractual obligations.

Cash Flow

Cash Flows for 2022 and 2021. The following table sets forth our historical cash flows for the periods indicated (in thousands):

	2022		2021
Net cash, cash equivalents and restricted cash used in operating activities	$	(58,548)	$	(52,066)
Net cash, cash equivalents and restricted cash (used in) provided by investing activities	$	(568)	$	124,102
Net cash, cash equivalents and restricted cash provided by (used in) financing activities of continuing operations	$	46,500	$	(48,408)

Operating Activities

Our largest source of operating cash is cash collections from customers for sales of licenses and services. Our primary uses of cash from operating activities are for employee-related expenditures, marketing expenses and third-party hosting costs.

Net cash used in operating activities during 2022 was $58.5 million, which resulted from a net loss of $30.1 million, non-cash charges of $24.9 million and net cash outflow of $3.6 million from changes in assets and liabilities. Non-cash charges primarily consisted of a $58.8 million change in the fair value of our embedded derivative liability, $14.7 million in equity-based compensation, $9.3 million of depreciation and amortization, $6.0 million of amortization of deferred contract acquisition costs, and $1.7 million loss on abandonment of assets following our decision to stop offering our Compliance Sheriff product. The net cash outflow from changes in assets and liabilities was primarily due to more cash used in working capital, primarily driven by higher employee-related expenses in 2022 as discussed above under “Results of Operations,” and higher costs associated to the Merger and related initiatives, increases in deferred contract acquisition costs, and a decrease in deferred revenue, partially offset by increased collections.

Net cash used in operating activities during 2021 was $52.1 million, which resulted from a net loss of $73.1 million, adjusted for the net income from discontinued operations, net of tax of $65.7 million, net cash provided by operating activities of discontinued operations of $0.8 million, non-cash charges of $97.6 million and net cash outflow of $11.6 million from changes in assets and liabilities. Non-cash charges primarily consisted of a $78.5 million change in the fair value of our embedded derivative liability, $9.9 million of depreciation and amortization, $5.3 million of amortization of deferred contract acquisition costs, and $3.5 million in equity-based compensation. The net cash outflow from changes in assets and liabilities was primarily due to more cash used in working capital, primarily driven by higher headcount in 2021 as discussed above under “Results of Operations,” and higher costs associated to the Merger and related initiatives,

68

increases in contract assets and deferred contract acquisition costs, and a decrease in deferred revenue, partially offset by increased collections.

Investing Activities

During 2022, we used cash in our investing activities of $0.6 million as compared to cash provided by investing activities of $124.1 million during 2021. The change in cash flows from investing activities during 2022 when compared to 2021 was primarily due to receipt of $125.0 million in net proceeds from the sale of Brainspace in January 2021.

Financing Activities

During 2022, we borrowed $46.5 million under the Revolving Credit Facility. We did not have any other cash movement in financing activities during 2022. During 2021, we used $48.4 million of cash in financing activities, primarily for the repayment of $119.6 million to Cyxtera and/or the Management Company in February 2021 as settlement and extinguishment of the Promissory Notes, net of gross proceeds of $75.0 million received from the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes. In 2022, we paid $2.2 million in debt issuance costs in connection with the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes and spent $1.5 million on the recapitalization of the Company following the Merger (see Note 2).

Critical Accounting Estimates

The discussion and analysis of our financial condition and results of operations are based upon our consolidated financial statements, which have been prepared in accordance with GAAP. The preparation of these financial statements requires management to make estimates and judgments that affect the reported amounts of assets and liabilities, revenue and expenses and related disclosures of contingent assets and liabilities at the date of our financial statements. We evaluate our estimates and assumptions on an ongoing basis. The estimates and assumptions used by management are based on historical experience and other factors, which are believed to be reasonable under the circumstances. Actual results may differ from these estimates under different assumptions or conditions, impacting our reported results of operations and financial condition.

Critical accounting policies are those that we consider the most important to the portrayal of our financial condition and results of operations because they require our most difficult, subjective, or complex judgments, often as a result of the need to make estimates about the effect of matters that are inherently uncertain. Based on this definition, we have identified the following critical accounting estimates: revenue from contracts with customers, accounting for income taxes, and accounting for goodwill and intangible assets. These critical accounting estimates are addressed below. In addition, we have other key accounting estimates that are described in Note 1 – Business and Summary of Significant Accounting Policies to our audited consolidated financial statements included elsewhere in this Annual Report.

Revenue Recognition

We recognize revenue under ASC 606. Under ASC 606, we recognize revenue when our customers obtain control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services.

We primarily sell our software through on-premise term-based license agreements, perpetual license agreements and SaaS subscriptions, which allow our customers to use our SaaS services without taking possession of the software. Our products offer substantially the same functionality whether our customers receive them through a perpetual, or term-based license or a SaaS arrangement. Our agreements with customers for software licenses may include maintenance contracts and may also include professional services contracts. Maintenance revenues consist of fees for providing unspecified software updates and technical support for our products for a specified term, which is typically one to three years. We offer a portfolio of professional services and extended support contract options to assist our customers with integration, optimization, training and ongoing advanced technical support. We also generate revenue from threat advisory services, including penetration testing, application assessments, vulnerability analysis, reverse engineering, architecture review and source code review.

If a contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation. For contracts that contain multiple distinct performance obligations, we allocate the transaction price to each performance obligation based on a relative standalone selling price (“SSP”). We determine the transaction price with reference to the SSP of the various performance obligations inherent within a contract. The SSP is determined based on the prices at which we separately sell these products, assuming the majority of these fall within a pricing range. In instances

69

where SSP is not directly observable, such as when we do not sell the software license separately, we derive the SSP utilizing market conditions and other factors, including customer type, market conditions and pricing objectives, historical sales data, and negotiated discounts from price lists, if any, that can require significant judgement.

Derivatives

We have concluded that the conversion feature under the Convertible Senior Notes requires bifurcation from the debt host agreement in accordance with ASC 815. Accordingly, we recognize a derivative liability at fair value for this instrument in our consolidated balance sheet and adjust the carrying value of the liability to fair value at each reporting period until the conversion feature underlying the instrument is exercised, redeemed, cancelled or expires. The changes in fair value are recorded as other expense in our consolidated statement of operations. The derivative is valued using Level 3 inputs which are highly subjective and require a high degree of judgment. Refer to Note 7 to our consolidated financial statements included elsewhere in this Annual Report for disclosures regarding those significant unobservable inputs and how a change in those significant unobservable inputs to a different amount might produce a significantly higher or lower derivative value at the reporting date.

Income Taxes

Through December 31, 2019, the operations of Legacy Appgate were included in the consolidated U.S. federal, state, local and foreign income tax returns, filed by Cyxtera, where applicable.

We account for income taxes using the asset and liability method. Deferred income taxes are recognized by applying the enacted statutory tax rates applicable to future years to differences between the carrying amounts of existing assets and liabilities and their respective tax bases and net operating loss and tax credit carryforwards. The effect on deferred tax assets and liabilities of a change in tax rates is recognized in the period that includes the enactment date. The measurement of deferred tax assets is reduced, if necessary, by a valuation allowance to amounts that are more likely than not to be realized. In addition, certain Federal and state NOL carryforward assets are reduced by a valuation allowance and/or may be limited by Code Section 382 or 383.

We use an estimate of the annual effective income tax rate at each interim period based on the facts and circumstances available at that time, while the actual effective income tax rate is calculated at year-end.

See Note 18 – Income Taxes to our audited consolidated financial statements included elsewhere in this Annual Report for additional information about accounting for income taxes.

Goodwill and Other Long-Lived Assets, including Acquired Intangible Assets

Goodwill represents the excess of the fair value of purchase consideration in a business combination over the fair value of net tangible and intangible assets acquired. Goodwill amounts are not amortized, but rather tested for impairment at least annually or more often if circumstances indicate that the carrying value may not be recoverable. Upon the Cyxtera Spin-Off, Legacy Appgate’s opening carve-out consolidated financial statements included the goodwill balances carried over from Cyxtera in connection with Cyxtera’s acquisition of the entities that formed Legacy Appgate, less impairments. We perform annual impairment tests of goodwill on October 1st of each year or whenever an indicator of impairment exists. We did not record any impairment of goodwill in 2022 or 2021.

Our annual impairment tests of goodwill may be completed through qualitative assessments. We may elect to bypass the qualitative assessment and proceed directly to a quantitative impairment test, for any reporting unit, in any period. We can resume the qualitative assessment for any reporting unit in any subsequent period. Under a qualitative approach, our impairment review for goodwill consists of an assessment of whether it is more-likely-than-not that a reporting unit’s fair value is less than its carrying amount. If we elect to bypass the qualitative assessment for any reporting units, or if a qualitative assessment indicates it is more-likely-than-not that the estimated carrying value of a reporting unit exceeds its fair value, we perform a quantitative goodwill impairment test that requires us to estimate the fair value of the reporting unit. If the fair value of the reporting unit is less than its carrying amount, we will measure any goodwill impairment loss as the amount by which the carrying amount of a reporting unit exceeds its fair value, not to exceed the total amount of goodwill allocated to that reporting unit. We use an income approach and a market approach, when available, to estimate a reporting unit’s fair value, which discounts the reporting unit’s projected cash flows using a discount rate we determine from a market participant's perspective under the income approach or utilizing similar publicly traded companies as

70

guidelines for determining fair value under the market approach. We make significant assumptions when estimating a reporting unit’s projected cash flows, including revenue, driven primarily by sales growth, operating expenses, capital expenditures and income tax rates, among others.

We completed our impairment reviews for goodwill as of October 1, 2022 and 2021 and no impairment resulted. The estimates and assumptions we use to estimate fair values when performing quantitative assessments are highly subjective judgments based on our experience and knowledge of our operations. Significant changes in the assumptions used in our analysis could result in an impairment charge related to goodwill. Circumstances that could result in changes to future estimates and assumptions include, but are not limited to, expectations of sales growth, which can be caused by a variety of factors, increases in income tax rates and increases in discount rates.

Acquired intangible assets consist of identifiable intangible assets, including developed technology, trademarks and tradenames, and customer relationships, resulting from business combinations. Acquired finite-lived intangible assets are initially recorded at fair value and are amortized on a straight-line basis over their estimated useful lives. Amortization expense of trademarks and tradenames, and customer relationships is recorded primarily within depreciation and amortization in our consolidated statements of operations. Amortization expense of developed technology is recorded within cost of revenue in our consolidated statements of operations.

Long-lived assets, such as property and equipment and acquired intangible assets, are reviewed for impairment whenever events or changes in circumstances indicate that their carrying amounts may not be recoverable. We measure the recoverability of these assets by comparing the carrying amounts to the future undiscounted cash flows that these assets are expected to generate. If the total of the future undiscounted cash flows are less than the carrying amount of an asset, we record an impairment charge for the amount by which the carrying amount of the asset exceeds the fair value. When assessing the recoverability of our long-lived assets, we make assumptions regarding estimated future cash flows and other factors. Some of these assumptions involve a high degree of judgment and also bear a significant impact on the assessment conclusions. Included among these assumptions are estimating undiscounted future cash flows, including the projection of sales and revenue, operating expenses, and capital requirements, among others. We formulate estimates from historical experience and assumptions of future performance, based on business plans and forecasts, recent economic and business trends, and competitive conditions. In the event that our estimates or related assumptions change in the future, we may be required to record an impairment charge. We did not record any impairment of long-lived assets in 2022 or 2021.

Recent Accounting Pronouncements

Recently issued accounting pronouncements are described in Note 1 of our audited consolidated financial statements included elsewhere in this Annual Report.

Item 7A. Quantitative and Qualitative Disclosures About Market Risk

Market Risk

Market risk represents the risk of loss that may impact our financial position due to adverse changes in financial market prices and rates. Because we have operations in the United States and internationally, our market risk exposure is primarily to potential changes in inflation or interest rates. We do not hold financial instruments for trading purposes.

Foreign Currency Exchange Risk

Our revenues and expenses are primarily denominated in U.S. dollars. During 2022 and 2021, we recorded a loss of $0.1 million and $0.4 million, respectively, on foreign exchange transactions. To date, we have not entered into any hedging arrangements with respect to foreign currency risk or any other derivative financial instruments but may do so in the future if our exposure to foreign currency should become more significant. For business conducted outside of the United States, we may have both revenue and costs incurred in the local currency, creating a partial natural hedge. Changes to exchange rates therefore have not had a significant impact on the business to date. However, we will continue to assess our foreign exchange exposure as we continue to grow our business globally. During 2022 and 2021, a hypothetical 10% change in foreign currency exchange rates applicable to our business would not have had a material impact on our consolidated financial statements.

71

Interest Rate Risk

We do not hold financial instruments subject to variable interest rates.

Inflation Risk

We do not believe that inflation has had a material effect on our business, financial condition, or results of operations. If our costs become subject to significant inflationary pressures, we may not be able to fully offset such higher costs through price increases. Our inability or failure to do so could harm our business, financial condition, and operating results.

72

Item 8. Financial Statements and Supplementary Data

Appgate, Inc.

Table of Contents

Consolidated Financial Statements:	Page
Report of Independent Registered Public Accounting Firm (BDO USA, LLP; Miami, FL; PCAOB ID#243)	74
Consolidated Balance Sheets as of December 31, 2022 and 2021	77
Consolidated Statements of Operations for the Years Ended December 31, 2022 and 2021	78
Consolidated Statements of Comprehensive Loss for the Years Ended December 31, 2022 and 2021	79
Consolidated Statement of Changes in Stockholders' Equity (Deficit) for the Years Ended December 31, 2022 and 2021	80
Consolidated Statements of Cash Flows for the Years Ended December 31, 2022 and 2021	81
Notes to Consolidated Financial Statements	83

73

Report of Independent Registered Public Accounting Firm

Stockholders and Board of Directors of

Appgate, Inc.

Miami, Florida

Opinion on the Consolidated Financial Statements

We have audited the accompanying consolidated balance sheets of Appgate, Inc. and subsidiaries (the “Company”) as of December 31, 2022 and 2021, the related consolidated statements of operations, comprehensive loss, changes in stockholders’ equity (deficit), and cash flows for each of the two years then ended, and the related notes (collectively referred to as the “consolidated financial statements”). In our opinion, the consolidated financial statements present fairly, in all material respects, the financial position of the Company at December 31, 2022 and 2021, and the results of its operations and its cash flows for each of the years then ended, in conformity with accounting principles generally accepted in the United States of America.

Going Concern Uncertainty

The accompanying consolidated financial statements have been prepared assuming that the Company will continue as a going concern. As discussed in Note 1 to the consolidated financial statements, the Company has suffered recurring losses from operations and has a net capital deficiency that raise substantial doubt about its ability to continue as a going concern. Management's plans in regard to these matters are also described in Note 1. The consolidated financial statements do not include any adjustments that might result from the outcome of this uncertainty.

Basis for Opinion

These consolidated financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s consolidated financial statements based on our audits. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (“PCAOB”) and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.

We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement, whether due to error or fraud. The Company is not required to have, nor were we engaged to perform, an audit of its internal control over financial reporting. As part of our audits, we are required to obtain an understanding of internal control over financial reporting but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control over financial reporting. Accordingly, we express no such opinion.

Our audits included performing procedures to assess the risks of material misstatement of the consolidated financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the consolidated financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the consolidated financial statements. We believe that our audits provide a reasonable basis for our opinion.

Critical Audit Matters

The critical audit matters communicated below are matters arising from the current period audit of the consolidated financial statements that were communicated or required to be communicated to the audit committee and that: (1) relate to accounts or disclosures that are material to the consolidated financial statements and (2) involved our especially challenging, subjective, or complex judgments. The communication of critical audit matters does not alter in any way our opinion on the consolidated financial statements, taken as a whole, and we are not, by communicating the critical audit matters below, providing separate opinions on the critical audit matters or on the accounts or disclosures to which they relate.

74

Revenue Recognition — Relative Standalone Selling Price

As described in Notes 1 and 6 to the consolidated financial statements, the Company sells software through on-premise term-based license agreements, perpetual licenses agreements and software as a service (“SaaS”) subscriptions. The Company’s contracts for software licenses may include maintenance and may also include professional services. The Company identifies each performance obligation in a contract based on the products and services that will be transferred to the customer that are both capable of being distinct and are distinct within the context of the contract. If a contract includes more than one distinct performance obligation, the Company allocates the transaction price to each distinct performance obligation based on a relative standalone selling price. The Company determines relative standalone selling price (“SSP”) utilizing either observable inputs such as the prices at which products are separately sold or in instances where SSP is not directly observable, utilizing market conditions and other factors, including customer type, pricing objectives, historical sales data, and negotiated discounts from price lists, if any, that can require significant judgement.

We identified the Company’s determination of relative SSP with regard to certain of the Company’s software contracts as a critical audit matter because of the significant estimates and assumptions used by the Company in making these determinations. This required a high degree of auditor judgement and an increased extent of effort when performing audit procedures to evaluate the reasonableness of the Company’s relative SSP.

The primary procedures we performed to address this critical audit matter included:

•Evaluating the reasonableness of the Company’s methodology used to determine relative SSP;

•Testing the completeness and accuracy of the data used to determine relative SSP by (a) selecting a sample of customer contracts, obtaining the related source documents and comparing that data to the data used to develop the SSP; and (b) evaluating the value relationship between performance obligations not sold separately; and

•Testing the mathematical accuracy of the Company’s calculation of relative SSP and verifying the consistent application of the methodology of establishing relative SSP across periods.

Convertible Senior Notes and Embedded Derivative Liability

As described in Notes 7 and 11 to the consolidated financial statements, on February 9, 2021, the Company issued $50.0 million in aggregate principal amount of convertible senior notes due 2024 (the “Initial Convertible Senior Notes”). In connection with the closing of the merger on October 12, 2021 with a public shell company (the “Merger”), the Company issued an additional $25.0 million in aggregate principal balance in convertible notes (the “Additional Convertible Senior Notes” and together with the Initial Convertible Senior Notes and any PIK Notes (as defined in Note 11 to the consolidated financial statements), the “Convertible Senior Notes”). The Company concluded that its Convertible Senior Notes contained an embedded derivative, a conversion feature, and determined that following the closing of the Merger, this embedded derivative required bifurcation in accordance with ASC 815, Derivatives and Hedging. The fair value of the convertible senior notes and embedded derivative were approximately $64.6 million and $19.7 million, respectively. The embedded derivative is recorded as a derivative liability on the Company’s consolidated balance sheet as of December 31, 2022.

We identified the valuation of the Convertible Senior Notes and embedded derivative as a critical audit matter because of the complexity of the valuation models and the judgements made by management in estimating the fair value of the Convertible Senior Notes and embedded derivative. Specifically, the valuation models used in determining the fair value of the Convertible Senior Notes and embedded derivative include inputs subject to management's judgment, specifically an estimate of volatility, market yield and probability of a change of control or fundamental change. This required subjective auditor judgment and an increased level of effort when performing audit procedures, including the involvement of valuation professionals with specialized skills and knowledge.

The primary procedures we performed to address this critical audit matter included:

•Testing the accuracy of the source data used by management in the valuation by comparing it to the debt agreement and share price;

75

•Testing management’s process for developing the fair value estimate and evaluating the significant assumptions used to calculate the fair value of the Convertible Senior Notes and embedded derivative, including the probability of a change of control or fundamental change, and considering evidence obtained in other areas of the audit to determine if contradictory evidence existed; and

•Utilizing personnel with specialized skills and knowledge in valuation approach and methodologies to assist in: (i) assessing the appropriateness of the methodology used in estimating the fair value of the Convertible Senior Notes and embedded derivative; (ii) evaluating the reasonableness of volatility and market yields; and (iii) performing sensitivity tests to determine the impact of changes to certain of the primary inputs to the concluded value determined by management.

/s/ BDO USA, LLP

We have served as the Company’s auditor since 2020.

Miami, Florida

March 31, 2023

76

Appgate, Inc.

Consolidated Balance Sheets

As of December 31, 2022 and 2021

(in thousands, except share information)

	2022		2021
ASSETS
Current assets:
Cash and cash equivalents	$	11,531	$	25,990
Restricted cash	1,473		1,473
Accounts receivable, net of allowance of $52 and $163, respectively	4,231		6,848
Contract assets	1,462		1,458
Deferred contract acquisition costs, current	1,508		1,319
Prepaid and other current assets	3,517		6,196
Total current assets	23,722		43,284
Property and equipment, net	1,617		2,115
Operating lease right-of-use assets	1,679		2,497
Contract assets, noncurrent	9,134		8,630
Deferred contract acquisition costs, noncurrent	3,103		2,986
Goodwill	71,604		71,604
Intangible assets, net	26,449		36,459
Deferred income taxes	1,334		863
Other assets	182		147
Total assets	$	138,824	$	168,585
LIABILITIES AND STOCKHOLDERS’ DEFICIT
Current liabilities:
Accounts payable	$	4,334	$	4,483
Accrued expenses	10,240		12,193
Operating lease liabilities, current	619		798
Deferred revenue, current	5,578		5,274
Revolving credit facility	46,500		—
Total current liabilities	67,271		22,748
Deferred revenue, noncurrent	909		717
Operating lease liabilities, noncurrent	1,261		1,891
Convertible senior notes, net	73,769		72,968
Derivative liability	19,700		78,497
Total liabilities	162,910		176,821
Commitments and contingencies (Note 12)
Stockholders’ deficit:
Preferred stock, $0.001 par value per share; 1,000,000 shares authorized; no shares issued and outstanding	—		—
Common stock, $0.001 par value per share; 270,000,000 shares authorized; 131,793,660 shares issued and outstanding	132		132
Additional paid-in capital	524,239		509,586
Accumulated other comprehensive loss	(2,403)		(1,985)
Accumulated deficit	(546,054)		(515,969)
Total stockholders’ deficit	(24,086)		(8,236)
Total liabilities and stockholders’ deficit	$	138,824	$	168,585

See accompanying notes to consolidated financial statements.

77

Appgate, Inc.

Consolidated Statements of Operations

For the Years Ended December 31, 2022 and 2021

(in thousands, except share and per share information)

	2022		2021
Revenue	$	42,664	$	43,033
Cost of revenue, exclusive of amortization shown below	18,112		16,069
Amortization expense	3,781		4,525
Total cost of revenue	21,893		20,594
Gross profit	20,771		22,439
Operating expenses:
Sales and marketing	44,575		39,167
Research and development	13,103		10,727
General and administrative	34,037		18,282
Transaction costs	2,059		3,099
Depreciation and amortization	5,484		5,408
Loss on abandonment of assets	1,658		—
Total operating expenses	100,916		76,683
Loss from continuing operations	(80,145)		(54,244)
Change in fair value of embedded derivative liability	58,797		(78,497)
Interest expense, net	(6,443)		(3,190)
Other expenses, net	(535)		(515)
Loss from continuing operations before income taxes	(28,326)		(136,446)
Income tax expense of continuing operations	(1,759)		(2,396)
Net loss from continuing operations	(30,085)		(138,842)
Net income from discontinued operations, net of tax	—		65,714
Net loss	$	(30,085)	$	(73,128)
(Loss) income per share:
Net loss from continuing operations per share of common stock - basic	$	(0.23)	$	(3.48)
Net loss from continuing operations per share of common stock - diluted	$	(0.62)	$	(3.48)
Net income from discontinued operations per share of common stock - basic and diluted	$	—	$	1.64
Weighted-average shares used in computation - basic and diluted	131,793,660		39,951,865

See accompanying notes to consolidated financial statements.

78

Appgate, Inc.

Consolidated Statements of Comprehensive Loss

For the Years Ended December 31, 2022 and 2021

(in thousands)

	2022		2021
Net loss	$	(30,085)	$	(73,128)
Other comprehensive loss:
Change in foreign currency translation	(418)		(1,317)
Other comprehensive loss	(418)		(1,317)
Comprehensive loss	$	(30,503)	$	(74,445)

See accompanying notes to consolidated financial statements.

79

Appgate, Inc.

Consolidated Statements of Changes in Stockholders’ Equity (Deficit)

For the Years Ended December 31, 2022 and 2021

(in thousands, except share information)

	Preferred stock			Common stock			Additional paid-in capital		Accumulated other comprehensive loss		Accumulated deficit		Total stockholders’ equity (deficit)
	Shares	Amount		Shares	Amount
Balance as of December 31, 2020	—	$	—	13,757,550	$	14	$	471,687	$	(668)	$	(442,841)	$	28,192
Recapitalization	—	—		886,190	1		(109)		—		—		(108)
Stock issued in connection with Merger	—	—		117,149,920	117		(1,634)		—		—		(1,517)
Equity-based compensation	—	—		—	—		3,401		—		—		3,401
Transactions with former Parent (Notes 1 and 4)	—	—		—	—		36,241		—		—		36,241
Net loss	—	—		—	—		—		—		(73,128)		(73,128)
Other comprehensive loss	—	—		—	—		—		(1,317)		—		(1,317)
Balance as of December 31, 2021	—	—		131,793,660	132		509,586		(1,985)		(515,969)		(8,236)
Equity-based compensation	—	—		—	—		14,653		—		—		14,653
Net loss	—	—		—	—		—		—		(30,085)		(30,085)
Other comprehensive loss	—	—		—	—		—		(418)		—		(418)
Balance as of December 31, 2022	—	$	—	131,793,660	$	132	$	524,239	$	(2,403)	$	(546,054)	$	(24,086)

See accompanying notes to consolidated financial statements.

80

Appgate, Inc.

Consolidated Statements of Cash Flows

For the Years Ended December 31, 2022 and 2021

(in thousands)

	2022		2021
Cash flows from operating activities:
Net loss	$	(30,085)	$	(73,128)
Net income from discontinued operations, including gain on sale of $64.6 million, net of tax in 2021	—		(65,714)
Adjustments to reconcile net loss to net cash used in operating activities:
Depreciation and amortization	9,265		9,933
Loss on abandonment of assets	1,658		—
Equity-based compensation	14,653		3,460
Amortization of deferred contract acquisition costs	5,951		5,333
Change in fair value of embedded derivative liability	(58,797)		78,497
Amortization of debt issuance costs	802		212
Operating lease amortization	137		140
Provision for (Reversal of) allowance for doubtful accounts	857		(95)
Deferred income taxes	590		95
Changes in assets and liabilities:
Accounts receivable	1,989		5,405
Contract assets	(510)		(3,419)
Prepaid and other current assets	2,677		(4,141)
Due from affiliates, net	—		3,252
Deferred contract acquisition costs	(6,047)		(6,467)
Accounts payable	(126)		(2,247)
Accrued expenses	(2,082)		(2,795)
Deferred revenue	520		(1,236)
Net cash, cash equivalents and restricted cash used in operating activities of continuing operations	(58,548)		(52,915)
Net cash, cash equivalents and restricted cash provided by operating activities of discontinued operations	—		849
Net cash, cash equivalents and restricted cash used in operating activities	(58,548)		(52,066)
Cash flows from investing activities:
Purchases of property and equipment	(568)		(920)
Net cash, cash equivalents and restricted cash used in investing activities of continuing operations	(568)		(920)
Net cash, cash equivalents and restricted cash provided by investing activities of discontinued operations	—		125,022
Net cash, cash equivalents and restricted cash (used in) provided by investing activities	(568)		124,102
Cash flows from financing activities:
Proceeds from Revolving Credit Facility (Note 11)	46,500		—
Recapitalization, net of costs (Note 3)	—		(1,502)
Proceeds from Convertible Senior Notes (Note 11)	—		75,000
Payment of debt issuance costs	—		(2,244)
Repayment of Promissory Notes	—		(119,640)
Repayment of finance leases	—		(22)
Net cash, cash equivalents and restricted cash provided by (used in) financing activities of continuing operations	46,500		(48,408)
Effect of foreign currency exchange rates on cash	(1,843)		(1,786)

81

Net (decrease) increase in cash, cash equivalents and restricted cash	(14,459)		21,842
Cash, cash equivalents and restricted cash at beginning of period	27,463		5,621
Cash, cash equivalents and restricted cash at end of period	$	13,004	$	27,463
Cash and cash equivalents	$	11,531	$	25,990
Restricted cash	1,473		1,473
Cash, cash equivalents and restricted cash of continuing operations at end of period	$	13,004	$	27,463
Supplemental cash flow information:
Cash paid for interest	$	3,503	$	2,272
Cash paid for income taxes, net of refunds	$	2,333	$	2,440
Operating lease right-of-use assets obtained in exchange for operating lease liabilities	$	—	$	1,383
Non-cash increase to paid-in capital as a result of settlement of transactions with former Parent	$	—	$	36,241
Non-cash decrease to paid-in capital as a result of reverse merger transaction	$	—	$	132

See accompanying notes to consolidated financial statements.

82

Appgate, Inc.

Notes to Consolidated Financial Statements

Note 1. Business and Summary of Significant Accounting Policies 

Merger with Newtown

On October 12, 2021, Cyxtera Cybersecurity, Inc., a Delaware corporation doing business as AppGate (“Legacy Appgate”), successfully completed its merger (the “Merger”) with a direct, wholly owned subsidiary of Newtown Lane Marketing, Incorporated, a public company incorporated in Delaware (“Newtown”). In connection with the Merger, Legacy Appgate changed its legal name to Appgate Cybersecurity, Inc. and upon closing of the Merger, Newtown changed its name to Appgate, Inc. (“Appgate”, the “Company”, “we”, “us”, or “our”). Appgate’s common stock is now quoted on the OTC Markets under the symbol “APGT”.

Description of the Business 

Appgate is a cybersecurity company that protects against breaches and fraud through innovative, identity-centric, Zero Trust solutions. Appgate exists to provide modern enterprises with a solution to increasingly common cyber-attacks, against which traditional cybersecurity tools are proving ineffective. We sell and deliver our solutions using a combination of term-based license subscriptions, perpetual licenses and software-as-a-service (“SaaS”), together with related support services. We conduct business worldwide. Our headquarters is in Coral Gables, Florida.

Formation and Cyxtera Spin-Off 

Prior to December 31, 2019, Legacy Appgate was wholly owned by Cyxtera Technologies, Inc. (“Cyxtera” or “former Parent”). 

On December 31, 2019, the boards of directors of SIS Holdings GP LLC (“SIS GP”), the sole general partner of SIS Holdings LP, Cyxtera’s then sole stockholder (“SIS Holdings”), and Cyxtera, approved several transactions to reorganize Cyxtera’s cybersecurity business. In connection with the reorganization, Cyxtera redeemed, cancelled and retired 0.04 of a share of its common stock, par value $0.01, held by SIS Holdings, representing the relative fair value of all of the outstanding equity interests of Cyxtera’s cybersecurity business, in exchange for the transfer by Cyxtera of all issued and outstanding equity interests of the cybersecurity business (the “Cyxtera Spin-Off”) to SIS Holdings. The Cyxtera Spin-Off was accounted for as a common control transaction. Accordingly, the Cyxtera Spin-Off was accounted for by Appgate as a carve out from Cyxtera and has been accounted for based upon the guidance in Accounting Standards Codification (“ASC”) Topic 805-50, Business Combinations, which requires receiving entities to recognize the net assets received at their historical carrying amounts. 

Transactions with former Parent recognized in our consolidated statements of changes in stockholders’ equity resulted from the settlement of and carve out adjustments related to transactions with and allocations from our former Parent. 

Sale of Brainspace 

On September 30, 2020, Legacy Appgate adopted a plan for the sale of Brainspace Corporation (“Brainspace”), which met the criteria for discontinued operations under ASC Topic 205-20, Presentation of Financial Statements – Discontinued Operations – see Note 5 for discontinued operations disclosures. Legacy Appgate executed a securities purchase agreement with respect to the sale of 100% of the outstanding equity interests of Brainspace for cash consideration of $125.0 million on December 17, 2020, and the sale transaction closed on January 20, 2021. Brainspace offered a comprehensive and advanced data analytics platform for investigations, eDiscovery, intelligence mining, and compliance. 

Basis of Presentation 

The accompanying consolidated financial statements have been prepared in accordance with United States generally accepted accounting principles (“GAAP”). All references to “$” or “dollars” are to the currency of the United

83

Appgate, Inc.

Notes to Consolidated Financial Statements

States (“U.S.”) unless otherwise indicated. We operate on a calendar year basis. References to 2022, for example, refer to our year ended December 31, 2022. 

Principles of Consolidation 

The consolidated financial statements include the accounts of Appgate and the accounts of entities in which Appgate has a controlling financial interest, the usual condition of which is ownership of a majority voting interest. All material intercompany balances and transactions have been eliminated in consolidation.

Use of Estimates 

The preparation of consolidated financial statements in conformity with GAAP requires management to make estimates, judgments and assumptions that affect the amounts reported and disclosed in the financial statements and accompanying notes. Such estimates include, but are not limited to, the determination of revenue recognition, deferred revenue, deferred contract acquisition costs, valuation of goodwill and acquired intangible assets, the period of benefit generated from our deferred contract acquisition costs, allowance for doubtful accounts, valuation of equity awards, useful lives of property and equipment, useful lives of acquired intangible assets, valuation of deferred tax assets and liabilities, fair value of our debt and the embedded derivative liability, and the discount rate used for operating leases. Management determines these estimates and assumptions based on historical experience and on various other assumptions that are believed to be reasonable. Actual results could differ significantly from these estimates, and such differences may be material to the consolidated financial statements. 

Liquidity and Going Concern 

The accompanying consolidated financial statements have been prepared assuming the Company will continue as a going concern. The going concern basis of presentation assumes that the Company will continue in operation one year after the date these financial statements are issued and will be able to realize its assets and discharge its liabilities and commitments in the normal course of business.

Pursuant to the requirements of ASC Topic 205-40, Disclosure of Uncertainties about an Entity’s Ability to Continue as a Going Concern, management must evaluate whether there are conditions or events, considered in the aggregate, that raise substantial doubt about the Company’s ability to continue as a going concern for one year from the date these financial statements are issued. This evaluation does not take into consideration the potential mitigating effect of management’s plans that have not been fully implemented or are not within control of the Company as of the date the financial statements are issued. When substantial doubt exists under this methodology, management evaluates whether the mitigating effect of its plans sufficiently alleviates substantial doubt about the Company’s ability to continue as a going concern. The mitigating effect of management’s plans, however, is only considered if both (1) it is probable that the plans will be effectively implemented within one year after the date that the financial statements are issued, and (2) it is probable that the plans, when implemented, will mitigate the relevant conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern within one year after the date that the financial statements are issued.

The Company had cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility (as defined in Note 11) of $11.5 million and $3.5 million, respectively, at December 31, 2022, a loss from continuing operations of $80.1 million for the year ended December 31, 2022, and an accumulated deficit of $546.1 million at December 31, 2022. Current economic and market conditions have put pressure on our growth plans. The Company’s ability to continue as a going concern is dependent on its ability to obtain additional capital. The Company believes that its current level of cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility are not sufficient to continue investing in growth, while at the same time meeting its obligations as they become due. These conditions raise substantial doubt regarding our ability to continue as a going concern for a period of at least one year from the date of issuance of these audited consolidated financial statements. In an effort to alleviate these conditions, management is currently evaluating various cost reduction and other alternatives and may seek to raise additional funds (in excess of the funds available to the Company under the Revolving Credit Facility) through the issuance of equity, mezzanine or debt securities, through arrangements with strategic partners, through obtaining credit from financial institutions or otherwise. The Company implemented two reductions in force in July 2022 and February 2023 as well as several other cost reduction initiatives, but, as of the date of issuance of these audited consolidated financial statements, does not have any additional funding commitment in place. The actual amount that we may be able to raise under these

84

Appgate, Inc.

Notes to Consolidated Financial Statements

alternatives will depend on market conditions and other factors, as well as limitations under our Note Issuance Agreement and the Revolving Credit Agreement (as defined in Note 11). As we seek additional sources of financing, there can be no assurance that such financing would be available to us on favorable terms or at all. Our ability to obtain additional financing in the debt and equity capital markets is subject to several factors, including market and economic conditions, our performance and investor sentiment with respect to us and our industry. As a result of these uncertainties, and notwithstanding management’s plans and efforts to date, there is substantial doubt about our ability to continue as a going concern.

Foreign Currency 

Our reporting currency is the U.S. dollar. The functional currency of our foreign subsidiaries is generally the currency of the economic environment in which a particular subsidiary primarily operates. Accordingly, monetary assets and liabilities of our foreign subsidiaries are re-measured into U.S. dollars at the exchange rates in effect at the reporting date, non-monetary assets and liabilities are re-measured at historical rates, and revenue and expenses are re-measured at average exchange rates in effect during each reporting period. The effects of translation adjustments are reported as a component of accumulated other comprehensive income (loss) in the consolidated statements of stockholders’ equity. Foreign currency transaction gains and losses are recorded in other expense, net in the consolidated statements of operations. We recognized re-measurement losses of $0.1 million and $0.4 million in 2022 and 2021, respectively.

Financial Instruments and Concentrations of Credit Risk 

Financial instruments that potentially subject the Company to concentrations of credit risk consist of cash and cash equivalents, accounts receivable and contract assets. Our cash and cash equivalents and restricted bank deposits are invested with major banks in the United States, Latin America, Europe and Asia. Generally, these investments may be redeemed upon demand, and we believe that the financial institutions that hold our cash deposits are financially sound and, accordingly, subject us to minimal credit risk. 

Our trade receivables and contract assets are derived from sales to a diverse set of customers located in the following main geographical regions: United States and Canada (“US&C”); Latin America (“LATAM”); Europe, the Middle East and Africa (“EMEA”); and Asia Pacific (“APAC”). Concentration of credit risk with respect to trade receivables is mitigated by credit limits, ongoing credit evaluation and account monitoring procedures. 

As of December 31, 2022 and 2021, none of our customers (including resellers and managed service providers) comprised more than 10% of our accounts receivable, net.

Segment Information

We operate as one reportable and operating segment. Our chief operating decision maker is our chief executive officer, who reviews financial information presented on a consolidated basis for purposes of making operating decisions, assessing financial performance and allocating resources.

Revenue Recognition 

We primarily sell our software through on-premise term-based license agreements, perpetual license agreements and SaaS subscriptions, which allow our customers to use our SaaS services without taking possession of the software. Our products offer substantially the same functionality whether our customers receive them through a perpetual or term-based license or a SaaS arrangement. Our agreements with customers for software licenses may include maintenance contracts and may also include professional services contracts. Maintenance revenues consist of fees for providing unspecified software updates and technical support for our products for a specified term, which is typically one to three years. We offer a portfolio of professional services and extended support contract options to assist our customers with integration, optimization, training and ongoing advanced technical support. We also generate revenue from threat advisory services, including penetration testing, application assessments, vulnerability analysis, reverse engineering, architecture review and source code review.

Under ASC Topic 606, Revenue from Contracts with Customers, we recognize revenue when the customer obtains control of the promised goods or services in an amount that reflects the consideration that we expect to receive in exchange

85

Appgate, Inc.

Notes to Consolidated Financial Statements

for those goods or services. Our contracts include varying terms and conditions and identifying and evaluating the impact of these terms and conditions on revenue recognition requires significant judgment. In determining the appropriate amount of revenue to be recognized as we fulfill our obligations under each of our agreements, we perform the following steps: 

(i) identification of the contract with a customer; 

We enter into contracts with customers through order forms, which in some cases are governed by master sales agreements. We determine that we have a contract with a customer when the order form has been approved by us, each party’s rights regarding the products or services to be transferred can be identified, the payment terms for the services can be identified, we have determined that the customer has the ability and intent to pay and the contract has commercial substance. We apply judgment in determining the customer’s ability and intent to pay, which is based on a variety of factors, including the customer’s historical payment experience or, in the case of a new customer, credit, reputation and financial or other information pertaining to the customer. At contract inception, we evaluate whether two or more contracts should be combined and accounted for as a single contract and whether the combined or single contract includes more than one performance obligation. We also evaluate termination rights at contract inception to determine the impact, if any, on the contractual term.

(ii) determination of whether the promised goods or services are performance obligations;

Performance obligations promised in a contract are identified based on the products and services that will be transferred to the customer that are both capable of being distinct, whereby the customer can benefit from the products or services either on their own or together with other resources that are readily available from third parties or from us, and are distinct in the context of the contract, whereby the transfer of the products and services is separately identifiable from other promises in the contract.

Our term-based license arrangements include both an obligation to provide the right to use our software, as well as an obligation to provide support and maintenance for the duration of the term. Our perpetual software licenses include the perpetual obligation to provide the right to use our software and may include an obligation to provide support and maintenance for a limited period of time. Our SaaS products provide access to SaaS services as well as support, which we consider to be a single performance obligation.

Services-related performance obligations relate to software installation and the provision of consulting and training services. Software-installation services are distinct from subscriptions and do not result in significant customization of the software.

We have concluded that our contracts with customers do not contain warranties that give rise to a separate performance obligation.

(iii) measurement of the transaction price;

The transaction price is the amount of consideration we expect to be entitled to receive in exchange for transferring our products and services to a customer, excluding amounts collected on behalf of third parties. The consideration promised in our contracts with customers may include fixed amounts, variable amounts, or both.

(iv) allocation of the transaction price to the performance obligations; and

If the contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation. For contracts that contain multiple distinct performance obligations, we allocate the transaction price to each performance obligation based on a relative standalone selling price (“SSP”). We determine the transaction price with reference to the SSP of the various performance obligations inherent within a contract. The SSP is determined based on the prices at which we separately sell these products, assuming the majority of these fall within a pricing range. In instances where SSP is not directly observable, such as when we do not sell the software license separately, we derive the SSP utilizing market conditions and other factors, including customer type, market conditions and pricing objectives, historical sales data, and negotiated discounts from price lists, if any, that can require significant judgement.

86

Appgate, Inc.

Notes to Consolidated Financial Statements

(v) recognition of revenue when the Company satisfies each performance obligation;

Revenue is recognized at the time the related performance obligation is satisfied by transferring the promised product or service to the customer. Our term-based and perpetual license arrangements generally include both upfront revenue recognition when the distinct license is made available to the customer, as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. Further, revenue on our SaaS arrangements is generally recognized ratably over the contract period as we satisfy the performance obligation, beginning on the date our service is made available to our customers.

However, certain of our on-premise license arrangements and certain of our SaaS arrangements contain usage-based fees. Revenues from usage-based arrangements for distinct on-premise licenses and SaaS subscriptions are recognized as the end user usage occurs under practical expedient ASC 606-10-55-18. For usage-based arrangements with a fixed minimum guarantee amount, the minimum amount is generally recognized upfront when the software is made available to the customer.

Professional services and other revenue consist primarily of fees from professional services provided to our customers and partners to configure and optimize the use of our solutions, as well as training services related to the configuration and operation of our solutions. Our professional services are generally priced on a time and materials basis, which is generally invoiced monthly and for which revenue is recognized as the services are performed. Revenue from our training services and sponsorship fees is recognized on the date the services are complete.

We generate sales directly through our sales team and through our channel partners. Sales to channel partners are made at a discount, and revenues are recorded at this discounted price once all of the revenue recognition criteria above are met. To the extent that we offer rebates, incentives or joint marketing funds to such channel partners, recorded revenues are reduced by those amounts. Channel partners generally receive an order from an end-customer prior to placing an order with us. Payment from channel partners is generally not contingent on the partner’s collection from end-customers. We are generally the party primarily responsible for fulfilling the promise to provide the specified good or service to the end customer. Accordingly, for sales through our channel partners, we generally are considered the principal to the end customer and thus, we report revenue on a gross basis.

Any sales taxes collected from customers and remitted directly to government authorities are excluded from revenue and cost of sales.

Incremental Costs to Obtain a Contract with a Customer

We capitalize incremental costs associated with obtaining customer contracts, specifically certain commission payments. We pay commissions based on contract value upon signing a new arrangement with a customer and upon renewal and upgrades of existing contracts with customers only if the renewal and upgrades result in an incremental increase in contract value. We also incur commission expense on an ongoing basis based upon revenue recognized. In these cases, no incremental costs are deferred, as the commissions are earned and expensed in the same period for which the associated revenue is recognized. Based on the nature of our technology and services, and the rate at which we continually enhance and update our technology, the expected life of the customer arrangement is determined to be approximately five years. Commissions for new arrangements and incremental renewals are both amortized over approximately five years. Amortization is primarily included in sales and marketing expense in the consolidated statements of operations. The current portion of deferred commission and incentive payments is included in deferred contract acquisitions costs, current, and the long-term portion is included in deferred contract acquisition costs, noncurrent on our consolidated balance sheets.

Accounts Receivable and Allowance 

Accounts receivable are recorded at the invoiced amount and are non-interest bearing. Accounts receivable are stated at their realizable value, net of an allowance for doubtful accounts. We have a well-established collections history from our customers. Credit is extended to customers based on an evaluation of their financial condition and other factors. In determining the necessary allowance for doubtful accounts, management considers the current aging and financial condition of our customers, the amount of receivables in dispute and current payment patterns. The allowance for doubtful accounts has historically not been material. We do not have any off-balance-sheet credit exposure related to our customers. 

87

Appgate, Inc.

Notes to Consolidated Financial Statements

Cash Equivalents

We classify all highly liquid instruments with an original maturity of three months or less as cash equivalents.

Restricted Cash

Restricted cash consists of amounts invested in guaranteed investment certificates, which are required as collateral for the Company’s letters of credit.

Fair Value Measurements

Fair value is defined as the price that would be received to sell an asset or paid to transfer a liability in an orderly transaction between market participants in the principal market, or if none exists, the most advantageous market, for the specific asset or liability at the measurement date (the exit price). The fair value is based on assumptions that market participants would use when pricing the asset or liability. The fair values are assigned a level within the fair value hierarchy, depending on the source of the inputs to the calculation, as follows:

Level 1 - Observable inputs that reflect quoted prices (unadjusted) for identical assets or liabilities in active markets.

Level 2 - Inputs other than quoted prices included in Level 1 that are observable for the asset or liability either directly or indirectly.

Level 3 - Unobservable inputs reflecting management’s own assumptions about the inputs used in pricing the asset or liability. 

Property and Equipment, Net

Property and equipment, net is stated at historical cost net of accumulated depreciation. Property and equipment, excluding leasehold improvements, are depreciated using the straight-line method over the estimated useful lives of the respective assets, generally ranging from three to seven years. Leasehold improvements are amortized using the straight-line method over the shorter of the estimated useful lives of the respective assets or the lease term.

Expenditures for maintenance and repairs are expensed as incurred and significant improvements and betterments that substantially enhance the life of an asset are capitalized.

Software Development Costs

Research and development costs for software to be sold, leased or marketed are expensed as incurred up to the point of technological feasibility for the related software product. We have not capitalized development costs for software to be sold, leased or marketed to date, as the software development process is essentially completed concurrently with the establishment of technological feasibility. As such, these costs are expensed as incurred and recognized in research and development costs in the consolidated statements of operations.

Software developed for internal use, with no substantive plans to market such software at the time of development, are capitalized and included in property and equipment, net in the consolidated balance sheets. Costs incurred during the preliminary planning and evaluation and post implementation stages of the project are expensed as incurred. Costs incurred during the application development stage of the project are capitalized.

Business Combinations

We account for our business combinations using the acquisition method of accounting, which requires, among other things, allocation of the fair value of purchase consideration to the tangible and intangible assets acquired and liabilities assumed at their estimated fair values on the acquisition date. The excess of the fair value of purchase consideration over the values of these identifiable assets and liabilities is recorded as goodwill. When determining the fair value of assets acquired and liabilities assumed, we make estimates and assumptions, especially with respect to intangible

88

Appgate, Inc.

Notes to Consolidated Financial Statements

assets. Our estimates of fair value are based upon assumptions believed to be reasonable, but which are inherently uncertain and unpredictable and, as a result, actual results may differ materially from estimates. During the measurement period, not to exceed one year from the date of acquisition, we may record adjustments to the assets acquired and liabilities assumed, with a corresponding offset to goodwill if new information is obtained related to facts and circumstances that existed on the acquisition date. After the measurement period, any subsequent adjustments are reflected in the consolidated statements of operations. Acquisition costs, such as legal and consulting fees, are expensed as incurred.

Goodwill and Other Long-Lived Assets, including Acquired Intangible Assets

Goodwill represents the excess of the fair value of purchase consideration in a business combination over the fair value of net tangible and intangible assets acquired. Goodwill amounts are not amortized, but rather tested for impairment at least annually or more often if circumstances indicate that the carrying value may not be recoverable. Upon the Cyxtera Spin-Off, our opening carve-out consolidated financial statements included the goodwill balances carried over from Cyxtera in connection with Cyxtera’s acquisition of the entities that formed Legacy Appgate, less impairments.

Acquired intangible assets consist of identifiable intangible assets, including developed technology, trademarks and tradenames, and customer relationships, resulting from business combinations. Acquired finite-lived intangible assets are initially recorded at fair value and are amortized on a straight-line basis over their estimated useful lives. Amortization expense of trademarks and tradenames, and customer relationships is recorded primarily within depreciation and amortization in the consolidated statements of operations. Amortization expense of developed technology is recorded within cost of revenue in the consolidated statements of operations.

Long-lived assets, such as property and equipment, right-of-use assets and acquired intangible assets, are reviewed for impairment whenever events or changes in circumstances indicate that their carrying amounts may not be recoverable. We measure the recoverability of these assets by comparing the carrying amounts to the future undiscounted cash flows that these assets are expected to generate. If the total of the future undiscounted cash flows are less than the carrying amount of an asset, we record an impairment charge for the amount by which the carrying amount of the asset exceeds the fair value. No impairment of long-lived assets was recorded during 2022 or 2021.

Assets Held for Sale

We consider assets to be held for sale when management, with appropriate authority, approves and commits to a formal plan to actively market the assets for sale at a price reasonable in relation to their estimated fair value, the assets are available for immediate sale in their present condition, an active program to locate a buyer has been initiated, the sale of the assets is probable and expected to be completed within one year and it is unlikely that significant changes will be made to the plan. Upon designation as held for sale, we record the assets at the lower of their carrying value or their estimated fair value, reduced for the cost to dispose the assets, and cease to record depreciation and amortization expenses on the assets.

Assets and liabilities of a discontinued operation are reclassified for all comparative periods presented in the consolidated balance sheet. Refer to Note 5 – Discontinued Operations for additional information regarding our assets and liabilities held for sale.

Discontinued Operations

We report financial results for discontinued operations separately from continuing operations to distinguish the financial impact of disposal transactions from ongoing operations. Discontinued operations reporting occurs only when the disposal of a component or a group of components of the Company (i) meets the held-for-sale classification criteria, is disposed of by sale, or disposed of other than by sale, and (ii) represents a strategic shift that will have a major effect on our operations and financial results. The results of operations and cash flows of a discontinued operation are restated for all comparative periods presented. Unless otherwise noted, discussion in the notes to our consolidated financial statements refers to the Company’s continuing operations only. Refer to Note 5 – Discontinued Operations for additional information regarding our discontinued operations.

89

Appgate, Inc.

Notes to Consolidated Financial Statements

Operating and Finance Leases

We enter into operating lease arrangements for real estate assets related to office space and colocation assets related to space and racks at data center facilities. Operating leases related balances are included in “operating lease right-of-use assets,” “operating lease liabilities, current,” and “operating lease liabilities, noncurrent” in our consolidated balance sheets. Right-of-use assets represent our right to use an underlying asset for the lease term and lease liabilities represent our obligation to make payments arising from the lease. 

We determine if an arrangement contains a lease at inception based on whether there is an identified asset and whether the Company controls the use of the identified asset throughout the period of use. We classify leases as either financing or operating. Our finance leases were not significant to any of the periods presented. Operating lease right-of-use assets and lease liabilities are recognized at the lease commencement date based on the present value of lease payments over the lease term. Lease payments consist of the fixed payments under the arrangement. Variable costs, such as maintenance and utilities based on actual usage, are not included in the measurement of right-to-use assets and lease liabilities but are expensed and disclosed when the event determining the amount of variable consideration to be paid occurs.

As the implicit rate of our leases is not determinable, we use an incremental borrowing rate to determine the value of lease obligations. The incremental borrowing rate represents the rate of interest that would be paid to borrow on a collateralized basis over a similar term. The Company determines its incremental borrowing rate based on information available as of the lease commencement date, including applicable lease terms and the current economic environment. The lease expense is recognized on a straight-line basis over the lease term.

We generally use the base, non-cancelable lease term when recognizing the right-of-use assets and lease liabilities, unless it is reasonably certain that a renewal or termination option will be exercised. We account for lease components and non-lease components as a single lease component for all classes of underlying assets. Right-of-use assets are assessed for impairments consistent with our long-lived asset policy.

Leases with a term of twelve months or less are deemed short-term leases and are not recognized on the consolidated balance sheets for all classes of underlying assets. We recognize lease expense for these leases on a straight-line basis over the term of the lease and provide appropriate disclosures.

Debt Issuance Costs and Fees

Debt issuance costs and fees are capitalized and amortized over the term of the related loans based on the effective interest method. Such amortization is a component of interest expense, net on the consolidated statements of operations. Debt issuance costs related to outstanding debt are presented as a reduction of the carrying amount of the debt liability on our consolidated balance sheets.

Derivatives

We do not use derivative instruments to hedge exposures to cash flow, market, or foreign currency risks. We evaluate all of our financial instruments to determine if such instruments are derivatives or contain features that qualify as embedded derivatives, pursuant to ASC 480, Distinguishing Liabilities from Equity, and ASC 815, Derivatives and Hedging (“ASC 815”). The classification of derivative instruments, including whether such instruments should be recorded as liabilities or as equity, is re-assessed at the end of each reporting period.

As described in Note 11, we have determined that the conversion feature under our Convertible Senior Notes (as defined in Note 11) requires bifurcation from the debt host agreement in accordance with ASC 815. Accordingly, we recognize a derivative liability at fair value for this instrument in our consolidated balance sheet and adjust the carrying value of the liability to fair value at each reporting period until the conversion feature underlying the instrument is exercised, redeemed, cancelled or expires. The changes in fair value are recorded as other expense in our consolidated statement of operations.

90

Appgate, Inc.

Notes to Consolidated Financial Statements

Equity-based Compensation

Certain employees of Appgate and its affiliates have received profit-interest units (“PIU”), restricted stock units (“RSUs”) and phantom stock units (“PSUs”). Compensation expense related to these awards is based on the fair value of the underlying units or stock on the grant date. For additional information regarding equity-based compensation, see Note 14 – Profit Interest Units of SIS Holdings LP and Note 15 – Appgate, Inc. 2021 Incentive Compensation Plan.

Research and Development

Our research and development expenses support our efforts to add new features to our existing offerings and to ensure the reliability, availability and scalability of our solutions. Our research and development teams employ software engineers in the design and the related development, testing, certification and support of our solutions. Accordingly, the majority of our research and development expenses result from employee-related costs, including salaries, bonuses and benefits and costs associated with technology tools used by our engineers.

Advertising Expenses

Advertising expenses are charged to sales and marketing expense in the consolidated statements of operations as incurred. We recognized advertising expense of $1.2 million and $1.0 million in 2022 and 2021, respectively.

Income Taxes

Through December 31, 2019, the operations of Legacy Appgate were included in the consolidated U.S. federal, state, local and foreign income tax returns, filed by Cyxtera, where applicable. In jurisdictions in which we were included in Cyxtera’s tax returns, any income taxes payable/receivable resulting from the related income tax provisions have been reflected in the balance sheets of each separate entity’s provision. See Note 4 – Transactions with Former Parent – Cyxtera.

We account for income taxes using the asset and liability method. Deferred income taxes are recognized by applying the enacted statutory tax rates applicable to future years to differences between the carrying amounts of existing assets and liabilities and their respective tax bases and net operating loss and tax credit carryforwards. The effect on deferred tax assets and liabilities of a change in tax rates is recognized in the period that includes the enactment date. The measurement of deferred tax assets is reduced, if necessary, by a valuation allowance to amounts that are more likely than not to be realized.

We recognize tax benefits from uncertain tax positions only if we believe that it is more likely than not that the tax position will be sustained on examination by the taxing authorities based on the technical merits of the position. The tax benefits recognized in the financial statements from such positions are then measured based on the largest benefit that has a greater than 50% likelihood of being realized upon settlement.

On December 22, 2017, the U.S. Tax Cuts and Jobs Act of 2017 (the “Tax Act”) was signed into law. The Tax Act revised U.S. corporate income tax law by, among other things, reducing the U.S. federal corporate income tax rate to 21 percent, imposed a minimum tax on foreign earnings related to intangible assets called global intangible low-taxed income (“GILTI”), a one-time transition tax on previously unremitted foreign earnings, and modified the taxation of other income and expense items. With regards to the GILTI minimum tax, foreign earnings are reduced by the profit attributable to tangible assets and a deductible allowance of up to 50 percent, subject to annual limitations. For GILTI, we have elected to account for the impact of the minimum tax as a period cost when incurred. The effects of the Tax Act on the measurement of deferred tax assets and liabilities and other aspects of our income tax provision are described in greater detail in Note 18 – Income Taxes.

Comprehensive Loss

Comprehensive loss consists of two components, net loss and other comprehensive loss. Other comprehensive loss refers to unrealized foreign currency gains or losses that are recorded as an element of stockholders’ deficit and are excluded from net loss.

91

Appgate, Inc.

Notes to Consolidated Financial Statements

(Loss) Income Per Common Share

As described earlier, on October 12, 2021, Legacy Appgate completed the Merger. In accordance with applicable guidance, the equity structure of Legacy Appgate has been restated in all comparative periods up to the closing date of the Merger to reflect the number of shares of Appgate’s common stock, $0.001 par value per share, issued to Legacy Appgate’s sole shareholder in connection with the Merger. As such, the shares and corresponding capital amounts and earnings per share related to Newtown common stock prior to the Merger have been retroactively restated to reflect the new equity structure of Appgate post-Merger.

Recently Adopted Accounting Pronouncements

In August 2020, the Financial Accounting Standards Board (“FASB”) issued Accounting Standards Update (“ASU”) No. 2020-06, Debt-Debt with Conversion and Other Options (Subtopic 470-20) and Derivatives and Hedging – Contracts in Entity’s Own Equity (Subtopic 815-40): Accounting for Convertible Instruments and Contracts in an Entity’s Own Equity, designed to reduce the complexity and improve comparability of financial reporting associated with accounting for convertible instruments and contracts in an entity’s own equity. Key changes in the ASU include: 

•Convertible debt will no longer be bifurcated into debt and equity for most convertible securities, thus improving the GAAP interest expense treatment;

•Precludes the use of the treasury stock method for convertible securities with flexible settlement with net share settlement intent;

•Removes the following features required for equity contracts to be exempt from derivative accounting: (a) to consider whether a contract would be settled in registered shares, (b) to consider whether collateral is required to be posted and (c) to assess shareholder rights;

•Enhances information transparency by making targeted improvements to disclosure for convertible instruments and earnings-per share guidance; and

•Clarifies that an average market price for a given reporting period (and not the quarter-end stock price) should be used to calculate any in-the-money share dilution.

The ASU allows entities to adopt the guidance through either a modified retrospective method (i.e., applying changes on an ongoing basis) or fully retrospective method (i.e., applying changes retrospectively). The new standard is effective for smaller reporting companies defined for fiscal years beginning after December 15, 2023, including the interim periods within those fiscal years. Early adoption is permitted for fiscal years beginning after December 15, 2020, including interim periods. We adopted this standard on January 1, 2021. The adoption of this standard did not have a material impact to our consolidated financial statements.

In December 2019, the FASB issued ASU No. 2019-12, Income Taxes (Topic 740) (“ASU 2019-12”): Simplifying the Accounting for Income Taxes. The new standard eliminates certain exceptions related to the approach for intraperiod tax allocation, the methodology for calculating income taxes in an interim period, and the recognition of deferred tax liabilities for outside basis differences related to changes in ownership of equity method investments and foreign subsidiaries. The guidance also simplifies aspects of accounting for franchise taxes and enacted changes in tax laws or rates and clarifies the accounting for transactions that result in a step-up in the tax basis of goodwill. For public business entities, it is effective for fiscal years beginning after December 15, 2020, including interim periods within those fiscal years. Early adoption is permitted. We adopted this standard on January 1, 2021. The adoption of this standard did not have a material impact to our consolidated financial statements.

Recently Issued Accounting Pronouncements Not Yet Adopted

In June 2016, the FASB issued ASU No. 2016-13, Financial Instruments-Credit Losses (Topic 326): Measurement of Credit Losses on Financial Instruments. This standard amends guidance on reporting credit losses for assets held at amortized cost basis and available-for-sale debt securities to require that credit losses on available-for-sale debt securities be presented as an allowance rather than as a write-down. The measurement of credit losses for newly

92

Appgate, Inc.

Notes to Consolidated Financial Statements

recognized financial assets and subsequent changes in the allowance for credit losses are recorded in the statements of operations. This standard is effective for smaller reporting companies for fiscal years beginning after December 15, 2022, with early adoption permitted. We adopted this standard effective January 1, 2023 using the modified retrospective transition method. The adoption of this standard did not have a material impact to our consolidated financial statements.

Note 2. Merger Transaction

On October 12, 2021, Legacy Appgate completed the Merger. Upon consummation of the Merger, Newtown issued 117,149,920 shares of its common stock to SIS Holdings, the sole stockholder of Legacy Appgate as of immediately prior to the closing, in exchange for all outstanding shares of Legacy Appgate common stock.

In connection with the Merger, Newtown issued 666,667 shares of Newtown common stock to an advisor of Newtown (the “Advisor”) and one or more existing stockholders of Newtown contributed 666,667 shares of Newtown common stock to Newtown. On October 12, 2021, in connection with closing, Newtown entered into a supplemental agreement (the “Supplemental Agreement”) with Legacy Appgate and Magnetar, as representative of the holders of the Convertible Senior Notes (as defined in Note 11), pursuant to which Newtown, among other things, unconditionally guaranteed all of Legacy Appgate’s Obligations (as defined in the Note Issuance Agreement described and defined in Note 11), including the Convertible Senior Notes, and assumed all of Legacy Appgate’s Conversion Obligations and Change of Control Conversion Obligations (each as defined in the Note Issuance Agreement).

Immediately after giving effect to the Merger and assuming no conversion of the Convertible Senior Notes and no issuance of shares under the 2021 Plan (as defined in Note 15), the holders of Newtown’s common stock as of immediately prior to the closing of the Merger, together with the Advisor, own an aggregate of approximately 11% of the Company’s common stock and SIS Holdings, the sole stockholder of Legacy Appgate as of immediately prior to the closing of the Merger, owns an aggregate of approximately 89% of the Company’s common stock. The accumulated deficit of Newtown was eliminated to reflect the legal capitalization of the combined entity upon the completion of the Merger.

As a result of the Merger, SIS Holdings became the controlling stockholder of the Company. Accordingly, the Merger of Newtown’s wholly owned subsidiary, Merger Sub, with and into Legacy Appgate was a reverse merger that was accounted for as a recapitalization of Legacy Appgate. As described in Note 1, upon completion of the Merger, Newtown changed its name to Appgate, Inc.

A summary of the current assets that were acquired and current liabilities assumed in the reverse merger transaction is as follows (in thousands):

Current assets:
Cash	$	9
Total current assets	9
Current liabilities:
Accounts payable and accrued expenses	1,093
Convertible notes payable - Related Party	367
Due to unrelated party	167
Total current liabilities	1,627
Net current liabilities	$	(1,618)

Upon completion of the Merger, the settlement of all net liabilities of Newtown was treated as a direct reduction from the recapitalization transaction in Appgate’s additional paid-in capital.

Note 3. Income (Loss) per Common Share

Basic loss per common share is computed by dividing net loss (the numerator) by the weighted-average number of shares of common stock outstanding (the denominator) for the period. Diluted loss per common share assumes that any

93

Appgate, Inc.

Notes to Consolidated Financial Statements

dilutive equity instruments were exercised with outstanding common stock adjusted accordingly when the conversion of such instruments would be dilutive.

The Company's potential dilutive shares consist of 10,982,805 shares of Appgate’s common stock underlying the Convertible Senior Notes that is convertible at any time at the option of the holders of the Convertible Senior Notes prior to their maturity - see Note 11. These potentially dilutive shares have been excluded from diluted (loss) income per share for 2021 as the effect would be to reduce the net loss per share and have an anti-dilutive effect. Therefore, the weighted-average number of common shares outstanding used to calculate both basic and diluted net loss per share is the same in 2021.

Weighted average shares of common stock outstanding has been retroactively restated for the equivalent number of shares received by the accounting acquirer as a result of the Merger as if these shares had been outstanding as of the beginning of the earliest period presented.

The following table summarizes the basic and diluted earnings per share calculations (in thousands, except per share amounts):

	2022		2021		2022		2021
	Continuing operations				Discontinued operations
Numerator:
Net (loss) income attributable to common stockholders - basic	$	(30,085)	$	(138,842)	$	—	$	65,714
Add: Effect of mark-to-market adjustment recognized during the period	(58,797)		78,497		—		—
Net (loss) income attributable to common stockholders - diluted	$	(88,882)	$	(60,345)	$	—	$	65,714
Denominator:
Weighted-average shares of common stock - basic	131,793,660		39,951,865		131,793,660		39,951,865
Effect from conversion of shares of common stock under the Convertible Senior Notes (Note 11)	10,982,805		10,982,805		10,982,805		10,982,805
Weighted-average shares of common stock - diluted	142,776,465		50,934,670		142,776,465		50,934,670
Basic earnings per share	$	(0.23)	$	(3.48)	$	—	$	1.64
Diluted earnings per share	$	(0.62)	$	(3.48)	$	—	$	1.64

Note 4. Transactions with Former Parent – Cyxtera

As discussed in Note 1, on December 31, 2019, Cyxtera consummated the Cyxtera Spin-Off, following which Legacy Appgate became a stand-alone entity. The transaction separated Cyxtera’s data center business from Legacy Appgate’s cybersecurity business. Over time, Legacy Appgate has entered into several agreements and transactions with Cyxtera (and/or one or more of its subsidiaries), SIS Holdings and certain equity owners of SIS Holdings. These agreements, relationships and transactions are described below.

Service Provider Fees

In connection with the formation of Cyxtera in 2017, certain equity owners of SIS Holdings and/or affiliates thereof (collectively, the “Service Providers”) entered into a Services Agreement (the “Services Agreement”) with Cyxtera and all of Cyxtera’s subsidiaries and controlled affiliates as of such date, including Legacy Appgate (collectively, the “Company Group”). Under the Services Agreement, the Service Providers agreed to provide certain executive and management, financial, consulting, human resources and advisory services as requested by members of the Company Group from time to time. Pursuant to the Services Agreement, the Company Group also agreed to pay the Service Providers an annual service fee in the aggregate amount of $1.0 million in equal quarterly installments. The Service

94

Appgate, Inc.

Notes to Consolidated Financial Statements

Providers waived all fees under the Services Agreement for 2021. The Services Agreement was terminated on July 29, 2021.

Cyxtera Management Inc. Intercompany Master Services Agreement Fee

Also in connection with the formation of Cyxtera in 2017, the Company Group entered into an Intercompany Master Services Agreement (the “Intercompany Master Services Agreement”). Under the Intercompany Master Services Agreement, Cyxtera Management, Inc., a wholly owned subsidiary of Cyxtera (the “Management Company”), agreed to provide certain services to other members of the Company Group from time to time, including financial, accounting, administrative, facilities and other services. No amounts were allocated to Legacy Appgate under the Intercompany Master Services Agreement in 2021. The Intercompany Master Services Agreement was terminated on July 29, 2021.

Cyxtera Management Inc. Transition Services Agreement 

Upon consummation of the Cyxtera Spin-Off, Legacy Appgate and the Management Company entered into a transition services agreement (the “Transition Services Agreement”), pursuant to which the Management Company provided certain transition services to us, and we provided certain transition services to the Management Company. The term under the Transition Services Agreement commenced on January 1, 2020 and ended on June 30, 2021. Substantially all of the obligations under the Transition Services Agreement ceased on December 31, 2020. During 2021, the Management Company charged Legacy Appgate $0.1 million for services rendered under the Transition Services Agreement. Costs incurred under the Transition Services Agreement are included in general and administrative expenses in the consolidated statement of operations for 2021. During 2021, Legacy Appgate charged the Management Company $0.1 million of fees for services provided to the Management Company and its affiliates by Legacy Appgate under the Transition Services Agreement. Income for these services is included in other expenses, net in the consolidated statement of operations for 2021.

Promissory Notes

On March 31, 2019, Legacy Appgate issued promissory notes to each of Cyxtera and the Management Company (together, the “Promissory Notes”) evidencing funds borrowed at such time by Legacy Appgate from each of Cyxtera and the Management Company, as well as potential future borrowings. The Promissory Notes had a combined initial aggregate principal amount of $95.2 million and provided for additional borrowings during the term of the Promissory Notes for additional amounts not to exceed approximately $52.5 million in the aggregate (approximately $147.7 million including the initial aggregate principal amount). Interest accrued on the unpaid principal balance of the Promissory Notes at a rate per annum equal to 3%; provided, that with respect to any day during the period from the date of the Promissory Notes through December 31, 2019, interest was calculated assuming that the unpaid principal balance of the Promissory Notes on such day was the unpaid principal amount of the notes on the last calendar day of the quarter in which such day occurs. Interest was payable upon the maturity date of the Promissory Notes. Each of the Promissory Notes had an initial maturity date of March 30, 2020 and was extended through March 30, 2021 by amendments entered into effective as of March 30, 2020.

During 2021, we recognized $0.5 million of interest expense on the Promissory Notes.

On February 8, 2021, Legacy Appgate repaid Cyxtera $20.6 million, representing the entirety of the then outstanding principal and interest under the Promissory Note held by Cyxtera, and Legacy Appgate made a partial repayment of $99.0 million to the Management Company on the then outstanding principal and interest of $133.6 million under the Promissory Note held by the Management Company. On that same date, the Management Company issued Legacy Appgate a payoff letter, extinguishing the balance remaining unpaid following such repayment. Because Cyxtera was Legacy Appgate’s direct parent at the time of issuance of the Promissory Notes and an affiliate under common control with Legacy Appgate at the time of repayment, we recognized the note extinguishment of $34.6 million as a capital contribution in 2021.

Note 5. Discontinued Operations

As stated in Note 1, on January 20, 2021, Legacy Appgate completed the sale of 100% of the outstanding equity interests of its formerly wholly owned subsidiary, Brainspace, for $125.0 million. We recorded a gain on the sale of

95

Appgate, Inc.

Notes to Consolidated Financial Statements

Brainspace of $64.6 million. We have classified the results of Brainspace as discontinued operations in our consolidated statement of operations for 2021.

The major items constituting net income attributable to discontinued operations for 2021 are presented below (in thousands):

Revenue	$	2,111
Cost of revenue	142
Gross profit	1,969
Operating expenses:
Sales and marketing	240
Research and development	290
Total operating expenses	530
Income from operations	1,439
Gain on the disposal of the discontinued operation	64,621
Income from discontinued operations	66,060
Income tax expense of discontinued operations	(346)
Net income of discontinued operations, net of tax	$	65,714

Note 6. Revenue

Disaggregation of Revenue

The following table summarizes our revenue by category (in thousands):

	2022		2021
Subscription revenue:
Multi-year subscription term-based licenses	$	12,014	$	11,101
1-year subscription term-based licenses	10,024		8,568
Total subscription term-based licenses	22,038		19,669
Subscription SaaS	8,740		10,526
Support and maintenance	3,806		4,140
Total subscription revenue	34,584		34,335
Perpetual licenses	1,650		2,055
Services and other	6,430		6,643
Total	$	42,664	$	43,033

96

Appgate, Inc.

Notes to Consolidated Financial Statements

The following table summarizes revenue by main geography in which we operate based on the billing address of customers (including, for the avoidance of doubt, resellers and managed service providers) who have contracted with us (in thousands): 

	2022		2021
Revenues by country (a):
United States	$	21,668	$	20,568
Colombia	5,440		6,735
Other	15,556		15,730
Total	$	42,664	$	43,033
Revenues by main geography:
US&C	$	23,584	$	22,694
LATAM	13,846		15,142
EMEA	3,104		2,906
APAC	2,130		2,291
Total	$	42,664	$	43,033

(a) Only the United States and Colombia represented 10% or more of our total revenue in either period presented.

Significant Customers

No single customer (including, for the avoidance of doubt, resellers and managed service providers) accounted for 10% or more of the total revenue in either period presented.

Contract Balances

Timing of revenue recognition may differ from the timing of invoicing to customers. We record an unbilled receivable when revenue is recognized prior to invoicing, or deferred revenue when revenue is recognized after invoicing. For multi-year agreements, we generally invoice customers annually at the beginning of each annual coverage period. We record a receivable related to revenue recognized for multi-year on-premises licenses as we generally have an unconditional right to invoice and receive payment in the future related to those licenses.

Contract liabilities consist of deferred revenue and include payments received in advance of performance under a customer contract. Such amounts are recognized as revenue over the remaining contractual period. In 2022 and 2021, we recognized revenue of $5.5 million and $6.0 million, respectively, that was included in the corresponding contract liability balance at the beginning of the related year.

We receive payments from customers based upon contractual billing schedules and accounts receivable are recorded when the right to consideration becomes unconditional. Payment terms on invoiced amounts are typically 30 days to 45 days. Contract assets include amounts related to our contractual right to consideration for both completed and partially completed performance obligations that may not have been invoiced. Unbilled receivables were $10.6 million and $10.1 million as of December 31, 2022 and 2021, respectively.

In instances where the timing of revenue recognition differs from the timing of invoicing, we have determined our contracts generally do not include a significant financing component. The primary purpose of our invoicing terms is to provide customers with simplified and predictable ways of purchasing our products and services, not to provide customers with financing. Examples include invoicing at the beginning of a subscription term for SaaS services that do not contain variable consideration with revenue recognized ratably over the contract period, and multi-year on-premises licenses that do not contain variable consideration that are invoiced annually with license revenue recognized upfront and support and maintenance recognized ratably over the contract period.

97

Appgate, Inc.

Notes to Consolidated Financial Statements

Remaining Performance Obligations

The typical contractual term for term-based licenses and support and maintenance is one to three years. Most of our contracts are non-cancelable. However, customers typically have the right to terminate their contracts for cause if we fail to perform and cure within the applicable cure period. As of December 31, 2022, the aggregate amount of the transaction price allocated to remaining performance obligations was $36.3 million. We expect to recognize 40% of the transaction price over the next 12 months, with the remainder recognized thereafter.

Costs to Obtain and Fulfill a Contract

The following table summarizes the activity of the deferred contract acquisition costs (in thousands):

	2022		2021
Beginning balance	$	4,305	$	3,061
Capitalization of contract acquisition costs	6,146		6,193
Amortization of deferred contract acquisition costs	(5,951)		(5,333)
Impacts of foreign currency translation	111		384
Ending balance	$	4,611	$	4,305
Deferred contract acquisition costs, current	$	1,508	$	1,319
Deferred contract acquisition costs, noncurrent	$	3,103	$	2,986

We periodically review the carrying amount of deferred contract acquisition costs to determine whether events or changes in circumstances have occurred that could impact the period of benefit of these deferred costs. We did not recognize any impairment losses of deferred contract acquisition costs during 2022 or 2021.

Sales commissions accrued but not paid as of December 31, 2022 and 2021 totaled $0.9 million and $1.4 million, respectively, and are included within accrued expenses in the consolidated balance sheets.

Our fulfillment costs are generally not significant.

Note 7. Financial Instruments and Fair Value Measurements

Our financial instruments consist of cash equivalents, accounts receivable, contract assets, accounts payable, accrued expenses, deferred revenue, our debt and an embedded derivative liability. The fair value of cash equivalents, accounts receivable, contract assets, accounts payable, accrued expenses, and deferred revenue approximate their carrying value because of the short-term nature of these instruments.

The carrying value of our Convertible Senior Notes, net of issuance costs was $73.8 million and $73.0 million as of December 31, 2022 and 2021, respectively. The fair value of the Convertible Senior Notes was estimated as $64.6 million and $69.5 million as of December 31, 2022 and 2021, respectively. The fair value was estimated using a discounted cash flow analysis with a yield based on our credit rating.

Recurring Fair Value Measurements

The fair value of the embedded derivative liability was estimated using a “with and without” approach as of December 31, 2022 and 2021:

•“With” scenario: the fair value of the Convertible Senior Notes as of the valuation date is estimated based on a Two-Factor binomial lattice model.

•“Without” scenario: the fair value of the Convertible Senior Notes “without” the embedded features was estimated using a DCF model whereby the contractual cash flows absent the embedded derivative (i.e., the coupon and principal payments) are discounted at a risk-adjusted rate.

98

Appgate, Inc.

Notes to Consolidated Financial Statements

The following table summarizes fair value measurements by level at December 31, 2022 and 2021 for instruments measured at fair value on a recurring basis (in thousands):

	Level 1		Level 2		Level 3		Total
December 31, 2022
Financial liability:
Embedded derivative liability	$	—	$	—	$	19,700	$	19,700
December 31, 2021
Financial liability:
Embedded derivative liability	$	—	$	—	$	78,497	$	78,497

The following table presents the changes in Level 3 liabilities measured at fair value on a recurring basis in 2022 and 2021 (in thousands):

	Embedded derivative liability		Total liabilities
Balance at January 1, 2021	$	—	$	—
Loss included in earnings	78,497		78,497
Balance at December 31, 2021	78,497		78,497
Gain included in earnings	(58,797)		(58,797)
Balance at December 31, 2022	$	19,700	$	19,700

The loss/gain included in the previous table is reported in our consolidated statements of operations within change in fair value of embedded derivative liability. There were no transfers between fair value measurement levels during 2022 or 2021.

The significant unobservable inputs used in the fair value measurement of our embedded derivative liability at December 31, 2022 and 2021 are a volatility rate of 72.5% and 64.0%, respectively, and a bond yield of 21.78% and 8.85%, respectively. The expected volatility of our equity is estimated based on the historical volatility of our common stock and the remaining term of the Convertible Senior Notes of 1.1 years and 2.1 years at December 31, 2022 and 2021, respectively. We consider those inputs to be significant as changes in any of those inputs in isolation would result in significantly lower (higher) fair value measurement. Generally, a change in our volatility assumption will generate a directionally similar change in the overall value of the instrument, while a change in the bond yield will generate a directionally opposite change in the overall value of the instrument.

Note 8. Balance Sheet Components

Accounts Receivable and Allowance for Doubtful Accounts

Our accounts receivable represent amounts invoiced and due from our customers (including, for the avoidance of doubt, resellers and managed service providers) under our revenue contracts. The activity in the allowance for doubtful accounts was as follows (in thousands):

	2022		2021
Beginning balance	$	163	$	437
Provision for (Reversal of) allowance for doubtful accounts	857		(95)
Write offs	(952)		(218)
Impacts of foreign currency translation	(16)		39
Ending balance	$	52	$	163

99

Appgate, Inc.

Notes to Consolidated Financial Statements

Prepaid and Other Current Assets

Our prepaid and other current assets consisted of the following as of December 31, 2022 and 2021 (in thousands):

	2022		2021
Prepaid expenses	$	2,879	$	4,247
Withholding taxes	638		394
Deferred costs	—		1,555
Total	$	3,517	$	6,196

Property and Equipment, Net

Our property and equipment, net consisted of the following as of December 31, 2022 and 2021 (in thousands):

	2022		2021
Leasehold improvements	$	3,912	$	4,225
Equipment and fixtures	4,078		4,233
	7,990		8,458
Less: accumulated depreciation and amortization	(6,373)		(6,343)
Property and equipment, net	$	1,617	$	2,115

During 2022 and 2021, we recognized depreciation and amortization expense on property and equipment of $0.9 million and $0.7 million, respectively.

Accrued Expenses

Our accrued expenses consisted of the following as of December 31, 2022 and 2021 (in thousands):

	2022		2021
Accrued compensation and benefits	$	4,483	$	7,967
Accrued interest	3,506		1,316
Accrued services	1,092		1,482
Accrued income taxes	350		415
Accrued other taxes	767		810
Other	42		203
Total	$	10,240	$	12,193

Note 9. Goodwill and Intangible Assets

Goodwill

The carrying amount of goodwill was $71.6 million as of December 31, 2022 and 2021.

100

Appgate, Inc.

Notes to Consolidated Financial Statements

Intangible Assets, Net

Our acquired intangible assets subject to amortization consist of customer relationships, trademarks and tradenames, and developed technology and were originally acquired by Cyxtera when it acquired the entities that formed Legacy Appgate. The useful lives of the assets were as follows: (i) customer relationships – 7.5 to 17.5 years, (ii) trademarks and tradenames – 8.5 to 14.5 years, and (iii) developed technology – 2.5 to 7.5 years. Acquired intangibles subject to amortization consist of the following as of December 31, 2022 and 2021 (in thousands):

	2022						2021						Weighted average remaining useful life (Years)
	Gross		Accumulated amortization		Net		Gross		Accumulated amortization		Net
Customer relationships	$	30,157	$	(19,064)	$	11,093	$	30,157	$	(15,706)	$	14,451	3.6
Trademarks and tradenames	17,932		(8,826)		9,106		18,732		(8,051)		10,681		8.0
Developed technology	34,279		(28,029)		6,250		38,881		(27,554)		11,327		1.8
Total	$	82,368	$	(55,919)	$	26,449	$	87,770	$	(51,311)	$	36,459

We stopped offering our Compliance Sheriff product. As a result, during 2022, we recorded a loss on abandonment of the related intangible assets (namely, trademarks and tradenames and developed technology) of $1.7 million. Other than the loss on abandonment, the main changes in the carrying amount of each major class of intangible assets during 2022 was amortization, and to a lesser extent, foreign currency translation. The main changes in the carrying amount of each major class of intangible assets during 2021 was amortization, and to a lesser extent, foreign currency translation.

We recorded amortization expense on intangible assets of $8.4 million and $9.2 million in 2022 and 2021, respectively. Amortization expense for all intangible assets, except our developed technology, was recorded within depreciation and amortization expense in the consolidated statements of operations. Amortization expense for our developed technology was recorded within cost of revenue in the consolidated statements of operations.

Future amortization expense of intangible assets is as follows (in thousands) for the years ending:

2023	$	7,941
2024	7,377
2025	4,224
2026	2,297
2027	1,140
Thereafter	3,470
Total	$	26,449

Impairment Tests

We perform annual impairment tests of goodwill on October 1st of each year or whenever an indicator of impairment exists. No impairment was recorded during 2022 or 2021.

Note 10. Leases

We lease office space and certain colocation space under non-cancelable operating lease agreements. We also leased certain equipment under finance lease arrangements that expired in November 2021.

101

Appgate, Inc.

Notes to Consolidated Financial Statements

Operating Leases

The following is a summary of our operating lease costs for 2022 and 2021 (in thousands):

	2022		2021
Operating lease cost	$	896	$	1,120
Short-term lease cost	317		68
Variable lease cost	68		76
Total operating lease costs	$	1,281	$	1,264

The following table presents information about leases on our consolidated balance sheets as of December 31, 2022 and 2021 (in thousands):

	2022		2021
Operating lease right-of-use assets	$	1,679	$	2,497
Operating lease liabilities, current	$	619	$	798
Operating lease liabilities, noncurrent	$	1,261	$	1,891

At December 31, 2022, the weighted-average remaining lease term and weighted-average discount rate for operating leases were 3.5 years and 6.52%, respectively. At December 31, 2021, the weighted-average remaining lease term and weighted-average discount rate for operating leases were 4.0 years and 6.39%, respectively.

Cash paid for amounts included in the measurement of operating lease liabilities was $0.9 million and $1.0 million for 2022 and 2021, respectively.

Right-of-use assets obtained in exchange for lease obligations was $1.4 million for 2021 (none for 2022).

Maturities of operating lease liabilities consisted of the following as of December 31, 2022 (in thousands):

For the years ending:
2023	$	623
2024	556
2025	528
2026	356
2027	27
Total future minimum lease payments	2,090
Less: Imputed interest	(210)
Total	$	1,880

Note 11. Debt

Our debt consists of the following as of December 31, 2022 and 2021 (in thousands):

	2022		2021
Revolving Credit Facility	$	46,500	$	—
Principal amount of Convertible Senior Notes	75,000		75,000
Unamortized debt issuance costs	(1,231)		(2,032)
Net carrying amount	73,769		72,968
Total debt	$	120,269	$	72,968

102

Appgate, Inc.

Notes to Consolidated Financial Statements

Interest expense, net was as follows (in thousands):

	2022		2021
Interest expense on Revolving Credit Facility	$	1,944	$	—
Interest expense on Convertible Senior Notes	3,750		2,497
Amortization of debt issuance costs	802		180
Interest on Promissory Notes (Note 4)	—		472
Other, net	(53)		41
Total interest expense, net	$	6,443	$	3,190

Interest accrued but not paid as of December 31, 2022 and 2021 totaled $3.5 million and $1.3 million, respectively, and is included within accrued expenses in the audited consolidated balance sheets.

Revolving Credit Facility

On April 26, 2022, Legacy Appgate, Appgate, the other guarantors party thereto and SIS Holdings entered into a revolving credit agreement (the “Revolving Credit Agreement”) which provides for a $50.0 million unsecured, revolving credit facility (the “Revolving Credit Facility”). This indebtedness is contractually subordinated to the Convertible Senior Notes and matures on the earlier to occur of (a) June 30, 2023, (b) the closing of a registered offering of Capital Stock (as defined in the Revolving Credit Agreement) of the Company in an aggregate amount equal to $50.0 million or more and (c) the date of which the Loans (as defined in the Revolving Credit Agreement) are accelerated upon an Event of Default (as defined in the Revolving Credit Agreement). Interest accrues on amounts drawn under the Revolving Credit Facility at a rate of 10.0% per annum, payable in cash on the Final Maturity Date (as defined in the Revolving Credit Agreement). The Revolving Credit Agreement is subject to customary terms, covenants and conditions. All obligations under the Revolving Credit Agreement are guaranteed by Appgate and Legacy Appgate’s domestic subsidiaries. During the year ended December 31, 2022, we borrowed $46.5 million under the Revolving Credit Facility, all of which remained outstanding as of December 31, 2022.

Convertible Senior Notes

On February 9, 2021, Legacy Appgate issued $50.0 million in aggregate principal amount of convertible senior notes due 2024 (the “Initial Convertible Senior Notes”) to various funds managed by Magnetar Financial LLC (“Magnetar”). In connection with the closing of the Merger, Legacy Appgate issued an additional $25.0 million in aggregate principal balance in convertible notes to various funds managed by Magnetar (the “Additional Convertible Senior Notes” and together with the Initial Convertible Senior Notes and any PIK Notes (as defined below), the “Convertible Senior Notes”). The Convertible Senior Notes are subject to the terms and conditions of the note issuance agreement among Legacy Appgate, Legacy Appgate’s wholly owned domestic subsidiaries and Magnetar, the representative of the noteholders (the “Note Issuance Agreement”), and the note purchase agreement among Legacy Appgate and the lender parties thereto (the “Note Purchase Agreement”). Capitalized terms not otherwise defined in this Note 11 have the meanings ascribed to them in the Note Issuance Agreement.

We received net proceeds of $72.8 million from the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes, after deducting fees and expenses of $2.2 million. We recorded these fees and expenses as debt issuance costs that will be amortized over the term of the Convertible Senior Notes.

The Convertible Senior Notes are senior, unsecured obligations of Legacy Appgate, and the payment of the principal and interest is unconditionally guaranteed, jointly and severally by Legacy Appgate’s U.S. subsidiaries and, as of the closing of the Merger, also by Appgate. The Convertible Senior Notes will mature on February 9, 2024, unless earlier converted, redeemed, or repurchased.

Interest on the Convertible Senior Notes is payable either entirely in cash or entirely in kind (“PIK Interest”), or a combination of cash and PIK Interest at our discretion. The Convertible Senior Notes bear interest at the annual rate of 5% with respect to interest payments made in cash and 5.50% with respect to PIK Interest, with interest payable semi-annually on February 1 and August 1 of each year, commencing on August 1, 2021. Additional notes (“PIK Notes”) to be issued for PIK Interest will have the same terms and conditions as the Convertible Senior Notes. The Note Issuance Agreement

103

Appgate, Inc.

Notes to Consolidated Financial Statements

includes certain affirmative and financial covenants we are required to satisfy (as further described below). We were in compliance with all covenants as of December 31, 2022.

Supplemental Agreement

On October 12, 2021, in connection with the closing of the Merger, Newtown entered into a supplemental agreement (the “Supplemental Agreement”) with Legacy Appgate and Magnetar, as representative of the holders of the Convertible Senior Notes, pursuant to which Newtown, among other things, unconditionally guaranteed all of Legacy Appgate’s Obligations under the Note Issuance Agreement, including the Convertible Senior Notes, and assumed all of Legacy Appgate’s Conversion Obligations and Change of Control Conversion Obligations under the Note Issuance Agreement.

Other key terms of the Convertible Senior Notes, as of December 31, 2022, follow:

Conversion upon Change of Control. If Legacy Appgate undergoes a Change of Control other than the Merger prior to maturity, each holder of Convertible Senior Notes shall have the option to convert all or any portion of such Convertible Senior Notes into Legacy Appgate common stock or, following entry into the Supplemental Agreement (as defined above), our common stock, subject to and in accordance with the terms of the Note Issuance Agreement, including the applicable conversion rate thereunder.

Conversion. Other than upon a Change of Control, prior to maturity, each holder of the Convertible Senior Notes shall have the option to convert all or any portion of such Convertible Senior Notes into Legacy Appgate common stock or, following entry into the Supplemental Agreement, our common stock, subject to and in accordance with the terms of the Note Issuance Agreement, including the applicable conversion rate thereunder.

Guarantees; Conversion Obligations. The Convertible Senior Notes are guaranteed by each of Legacy Appgate’s wholly owned domestic subsidiaries and, as of the closing of the Merger, also by Appgate. Upon the consummation of certain events resulting in Legacy Appgate becoming a direct or indirect subsidiary of any person (including the Merger), such acquiring person, any direct or indirect parent company thereof and each subsidiary thereof (immediately prior to such event) shall unconditionally guarantee Legacy Appgate’s Obligations and assume all of Legacy Appgate’s Conversion Obligations and Change of Control Conversion Obligations and, upon such assumption, Legacy Appgate shall be released from its Conversion Obligations and Change of Control Conversion Obligations.

Repurchase Upon a Fundamental Change. Upon the occurrence of a Fundamental Change at any time after a Public Company Event, each holder of Convertible Senior Notes shall have the option to require Legacy Appgate to repurchase for cash all or any portion of such Convertible Senior Notes, at a repurchase price equal to 100% of the principal amount thereof, plus accrued and unpaid interest thereon, subject to and in accordance with the terms of the Note Issuance Agreement.

Repurchase Upon a Change of Control. Upon the occurrence of a Change of Control, each holder of Convertible Senior Notes shall have the option to require Legacy Appgate to repurchase for cash all or any portion of such Convertible Senior Notes, at a repurchase price equal to 102% of the principal amount thereof, plus accrued and unpaid interest thereon, subject to and in accordance with the terms of the Note Issuance Agreement.

Covenants. The Note Issuance Agreement contains restrictive covenants that, among other things, generally limit the ability of our and certain of our subsidiaries (subject to certain exceptions) to: (i) incur additional debt and issue Disqualified Stock; (ii) create liens; (iii) pay dividends, acquire shares of capital stock, or make investments; (iv) issue guarantees; (v) sell assets and (vi) enter into transactions with affiliates. The Note Issuance Agreement also contains a financial covenant that requires that we maintain liquidity of not less than $10.0 million as of the last day of any calendar month. The foregoing restrictive covenants are subject to a number of important exceptions and qualifications, as set forth in the Note Issuance Agreement.

Events of Default. The Note Issuance Agreement provides for customary events of default which include (subject in certain cases to customary grace and cure periods), among others: (i) nonpayment of principal or interest; (ii) breach of covenants or other agreements in the Note Issuance Agreement; (iii) defaults in failure to pay certain other indebtedness; and (iv) certain events of bankruptcy or insolvency. Generally, if an event of default occurs and is continuing under the Note Issuance Agreement, Magnetar or the holders of at least 25% in aggregate principal amount of the Convertible Senior Notes then outstanding may declare the principal of, premium, if any, and accrued interest on all the Convertible Senior Notes immediately due and payable.

104

Appgate, Inc.

Notes to Consolidated Financial Statements

No Registration. The Convertible Senior Notes and any Appgate common stock to be issued upon conversion of the Convertible Senior Notes have not been registered under the Securities Act of 1933, as amended (the “Securities Act”), or any state securities laws and may not be offered or sold in the United States absent registration under the Securities Act or an applicable exemption from registration requirements. This description of the Note Issuance Agreement and the Convertible Senior Notes does not constitute an offer to sell, or the solicitation of an offer to buy, any securities and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offer, solicitation or sale would be unlawful.

If the holders have not converted the Convertible Senior Notes and the Convertible Senior Notes have not been redeemed by the maturity date, Legacy Appgate must repay the outstanding principal amount and accrued interest.

Embedded Derivative Liability

The Convertible Senior Notes contain (i) call options to be settled in cash upon the occurrence of a Change of Control (other than the Merger), (ii) put options to be settled in cash contingent upon the occurrence of a Fundamental Change after a Public Company Event or a Change of Control (other than the Merger) and (iii) a default interest rate increase of 3% applicable upon the occurrence of an event of default. Appgate evaluated these embedded redemption features under the guidance of ASC 815, and determined that a redemption feature contained a substantial premium requiring bifurcation at fair value. However, management determined the probability of a Change of Control to be remote and as such the fair value of the embedded redemption feature has been estimated to be zero. Management also evaluated the contingent interest feature and determined the likelihood of payment to be remote. Accordingly, the fair value of the contingent interest feature was also estimated to be zero. Lastly, management evaluated the embedded conversion feature, and determined that following the closing of the Merger, this embedded feature meets the net settlement criterion under ASC 815-15-25. Consequently, the automatic conversion meets the criteria under ASC 815-15-25-1(c). For an embedded feature to be bifurcated, it must meet all three criteria in ASC 815-15-25-1. Therefore, this embedded feature requires bifurcation. Accordingly, we have recorded an embedded derivative liability representing the combined fair value of the right of the noteholders to receive 10,982,805 shares of our common stock upon conversion of the Convertible Senior Notes at any time (the “conversion feature”). The embedded derivative liability is presented as a non-current liability in our consolidated balance sheet and is adjusted to reflect fair value at each period end with changes in fair value recorded in the “Change in fair value of embedded derivative liability” financial statement line item of our consolidated statements of operations. We will continue to adjust the embedded derivative liability for changes in fair value until the underlying conversion feature is exercised, redeemed, cancelled or expires.

As of December 31, 2022, the carrying amount of this embedded derivative included in our consolidated balance sheet was $19.7 million. The fair value of this derivative is estimated using Level 3 inputs in the fair value hierarchy on a recurring basis. Refer to Note 7 – Financial Instruments and Fair Value Measurements. Based on the estimated value of the derivative at December 31, 2022, if the noteholders were to exercise the conversion feature, they would not receive any excess over the aggregate principal amount on the Convertible Senior Notes.

Note 12. Commitments and Contingencies

Letters of Credit

As of December 31, 2022, we had $1.5 million in irrevocable stand-by letters of credit outstanding, which were issued primarily to guarantee a subsidiary’s performance under contracts with customers and as a guarantee under the Company’s corporate credit card line. As of December 31, 2022, no amounts had been drawn on any of these irrevocable stand-by letters of credit.

Non-cancelable Purchase Obligations

In the normal course of business, we enter into non-cancelable purchase commitments with various parties to purchase products and services, such as technology equipment, subscription-based cloud service arrangements, corporate events and consulting services. As of December 31, 2022, we had outstanding non-cancelable purchase obligations with terms of 12 months or longer aggregating $2.2 million.

105

Appgate, Inc.

Notes to Consolidated Financial Statements

Legal Contingencies

We may be subject to legal proceedings and litigation arising from time to time. We record a liability when we believe that it is both probable that a loss has been incurred and the amount can be reasonably estimated. We periodically evaluate developments in our legal matters that could affect the amount of liability that we accrue, if any, and adjust, as appropriate. Until the final resolution of any such matter for which we may be required to record a liability, there may be a loss exposure in excess of the liability recorded and such amount could be significant. We expense legal fees as incurred. As of December 31, 2022 and 2021, the Company was not a party to, and the Company is not currently party to, any litigation that would have a material adverse effect on the Company’s consolidated financial statements.

Note 13. Stockholders’ Deficit

As of December 31, 2022, our authorized share capital consists of 1,000,000 shares of preferred stock and 270,000,000 shares of capital stock designated as common stock. As of December 31, 2022, we had 131,793,660 shares of common stock issued and outstanding. We do not have any shares of preferred stock issued and outstanding. As described in Note 2, on October 12, 2021, the Merger was consummated. In accordance with applicable guidance, the equity structure of Appgate has been restated in all comparative periods up to the closing date of the Merger to reflect the number of shares of Appgate’s common stock, $0.001 par value per share, issued to Legacy Appgate’s sole shareholder in connection with the Merger. As such, the shares and corresponding capital amounts and earnings per share related to Legacy Appgate common stock prior to the Merger have been retroactively restated to reflect the new equity structure of Appgate post-merger.

Note 14. Profit Interest Units of SIS Holdings LP

SIS Holdings adopted the SIS Holdings LP Class B Unit Plan (the “SIS Holdings Plan”) in May 2017. The purpose of the SIS Holdings Plan is to promote the interests of SIS Holdings and its controlled affiliates, including Appgate and Cyxtera by (a) attracting and retaining officers, directors, managers, employees and consultants of SIS Holdings and its controlled affiliates, and (b) enabling such persons to acquire an equity interest in and participate in the long-term growth and financial success of SIS Holdings and its controlled affiliates. 1,000,000 Class B profit interest units were originally available for issuance pursuant to awards under the SIS Holdings Plan. Class B units issued under the SIS Holdings Plan are limited partnership units in SIS Holdings and are subject to the terms and conditions of the Amended and Restated Limited Partnership Agreement of SIS Holdings dated May 1, 2017.

All outstanding awards, including, but not limited to, awards to employees of Appgate (or a subsidiary thereof), under the SIS Holdings Plan were issued in 2017, 2018 and 2019. Awards under the SIS Holdings Plan are subject to a vesting schedule measured by a service condition such that awards vest 25% after the first anniversary of issue date (or, with respect to certain employees, the earlier of their hire date and May 1, 2017), and the remainder vest in equal monthly installments over the 42 months following the initial vesting date. In addition, vesting of all unvested units will be accelerated upon the satisfaction of a performance condition, namely an “exit event”. An exit event is defined as a change of control through sale of all or substantially all of the assets of SIS Holdings and its subsidiaries (whether by merger, recapitalization, stock sale or other sale or business combination, including the sale of any subsidiary accounting for all or substantially all of the revenues of SIS Holdings and its subsidiaries on a consolidated basis) or any transaction resulting in a change of in excess of 50% of the beneficial ownership of the voting units of SIS Holdings. The holders of the Class B units were not required to make any capital contributions to SIS Holdings, Appgate or Cyxtera in exchange for their Class B units and are entitled to receive distributions (when and if declared by SIS Holdings) on their vested units (including those accelerated upon an exit event).

Compensation expense related to the Class B units is recognized based on the estimated fair values of the Class B units and recognized on straight line basis over the service period. The fair value of the Class B units was estimated using a Black-Scholes OPM, which estimates the fair value of each class of security using call options. Similar to call options for publicly-traded stock, call options used in an OPM assign value to each class of security based on the potential to profit from the upside of the business while taking into account the unique characteristics of each class of security. Each call option gives its holder the right, but not the obligation, to buy the underlying asset at a predetermined price, or exercise price. The starting equity value is based on the total equity value of Appgate and Cyxtera rather than, in the case of a regular call option, the per share stock price.

106

Appgate, Inc.

Notes to Consolidated Financial Statements

The strike prices on the options in an OPM model are represented by “breakpoints”, which are the points at which there is a change in the proportion of the claims of the various securities on the total equity value. Each junior security is considered a call option with a claim on the equity value at an exercise price which settles all of the more senior claims and takes into account the unique characteristics of each class of security. A discount for lack of marketability was then calculated based on the Finnerty model, using series-specific volatility, and applied to the per share value of Class B units produced by the OPM, to arrive at a non-marketable value.

The following summary shows the activity in PIU awards granted by SIS Holdings to employees of Appgate (or a subsidiary thereof):

	Number of units	Weighted- average grant date fair value
Outstanding at December 31, 2020	253,384	$	87.12
Forfeited	(3,348)	(85.94)
Outstanding at December 31, 2021	250,036	87.14
Forfeited	(625)	(104.69)
Outstanding at December 31, 2022	249,411	$	87.10

Equity-based compensation costs with respect to PIU awards granted under the SIS Holdings Plan totaled $0.3 million and $3.5 million for 2022 and 2021, respectively. These amounts are included in the following captions in the consolidated statements of operations (in thousands):

	2022		2021
Cost of revenue	$	62	$	504
Sales and marketing	263		1,844
Research and development	—		359
General and administrative	—		753
Total	$	325	$	3,460

No related income tax benefit was recognized as of 2022 or 2021.

As of December 31, 2022, total equity-based compensation costs related to 402 unvested Class B units not yet recognized totaled $42 thousand, which is expected to be recognized over a weighted-average period of 0.25 years.

Effective July 29, 2021, the SIS Holdings Plan was amended to the extent required such that any distribution by SIS Holdings to its equity holders that is attributable to amounts received by SIS Holdings in respect of its equity interests in Cyxtera or Legacy Appgate, in each case upon the consummation of the transactions contemplated by Cyxtera’s merger with Starboard Value Acquisition Corp. in July 2021 (the “Cyxtera Transaction” and, together with the Merger, the “Transactions”) or the Merger Agreement, respectively, shall be deemed to have been made at an amount equal to the value of the Cyxtera common stock or Legacy Appgate common stock, as applicable, in each such Transaction.  

Note 15. Appgate, Inc. 2021 Incentive Compensation Plan

On October 12, 2021, our Board of Directors adopted the Appgate, Inc. 2021 Incentive Compensation Plan (the “2021 Plan”). The purpose of the 2021 Plan is to assist Appgate and its related entities in attracting, motivating, retaining and rewarding high-quality executives and other employees, officers, directors, consultants and other persons who provide services to Appgate or its related entities by enabling such persons to acquire or increase a proprietary interest in the Company in order to strengthen the mutuality of interests between such persons and the Company’s shareholders, and providing such persons with performance incentives to expend their maximum efforts in the creation of shareholder value. During 2021, no grants or awards were made under the 2021 Plan.

107

Appgate, Inc.

Notes to Consolidated Financial Statements

During the year ended December 31, 2022, our Board of Directors (or a designee thereof) approved certain grants of long-term incentive awards to executives, employees, officers and consultants of the Company (or a subsidiary thereof). Such grants were given as RSUs and PSUs. Awards of RSUs were given as time-based awards and/or performance-based awards under the 2021 Plan. All PSUs were given as performance-based awards. The vesting of the performance-based awards is dependent upon certain conditions, including service and/or performance conditions as defined in the grants. Our Executive Chairman and Chairman of our Board of Directors received a time-based award, the “Chairman Award”, which entitled him to receive a specific number of shares of the Company’s common stock on the vesting date. Such Chairman Award originally vested no later than December 31, 2022 but was cancelled on December 23, 2022. The fair value of RSUs and PSUs granted is determined using the fair value of the Company’s common stock on the date of the grant.

The following table summarizes nonvested RSUs and PSUs activity for the year ended December 31, 2022:

	RSUs						PSUs
	Time-vested			Performance-vested			Performance-vested
	Shares	Weighted-average grant date fair value		Shares	Weighted-average grant date fair value		Shares	Weighted-average grant date fair value
Nonvested at December 31, 2021	—	$	—	—	$	—	—	$	—
Granted	1,102,217	13.00		4,436,129	13.14		58,519	13.17
Vested	—	0.00		—	0.00		—	0.00
Forfeited	—	0.00		(107,748)	13.00		(1,433)	13.00
Nonvested at March 31, 2022	1,102,217	13.00		4,328,381	13.14		57,086	13.17
Granted	—	0.00		192,869	12.81		5,145	11.14
Vested	—	0.00		—	0.00		—	0.00
Forfeited	—	0.00		(97,974)	13.15		(4,661)	12.86
Nonvested at June 30, 2022	1,102,217	13.00		4,423,276	13.13		57,570	13.02
Granted	—	0.00		5,455,744	7.21		528	7.50
Vested	—	0.00		—	0.00		—	0.00
Forfeited	—	0.00		(647,606)	13.45		(6,293)	13.26
Nonvested at September 30, 2022	1,102,217	13.00		9,231,414	9.62		51,805	12.91
Granted	—	0.00		1,318	2.61		—	0.00
Vested	—	0.00		—	0.00		—	0.00
Forfeited	—	0.00		(22,552)	10.48		(1,927)	13.00
Cancelled	(1,102,217)	13.00		—	—		—	—
Nonvested at December 31, 2022	—	$	—	9,210,180	$	13.29	49,878	$	13.07

For the year ended December 31, 2022, we recognized $14.3 million of equity-based compensation expense related to the 2021 Plan. This amount is included in general and administrative expenses in the consolidated statement of operations.

Note 16. Cyxtera Management, Inc. Long-Term Incentive Plan

On February 13, 2018, the Management Company adopted the Cyxtera Management, Inc. Long-Term Incentive Plan (the “LTI Plan”). The purpose of the LTI Plan is to retain key talent, attract new employees, align particular behavior with the common goals of profitability and revenue growth, provide incentive awards the value of which are tied to the equity value of SIS Holdings and to create an opportunity for certain key employees to participate in value creation. Certain employees of Appgate (or a subsidiary thereof) are participants under the LTI Plan.

Award units entitle the holder to share in the equity appreciation of SIS Holdings upon an exit event or an initial public offering (an “IPO”) of Cyxtera or its successor. Except in the case of an IPO, any payments in respect of the awards

108

Appgate, Inc.

Notes to Consolidated Financial Statements

are expected to be made in cash. In an IPO, payment may be made in the stock of the IPO vehicle. Payout is estimated to range between $0 and $70.0 million, depending on a multiple based on the results of the exit event or IPO. While awards under the LTI Plan vest, to the extent there is no exit event or an IPO, the awards expire after seven years from the grant date. We have determined that no expense or liability should be recognized under this LTI Plan until an exit event or IPO occurs.

On July 29, 2021, Cyxtera consummated the Cyxtera Transaction and caused its subsidiaries to terminate or declare an “Early Settlement Event” under (resulting in the final settlement of) the LTI Plan and any award agreements thereunder, in each case, without liability to Appgate, Cyxtera, or any of their respective subsidiaries.

Note 17. 401(k) Savings Plan

Effective January 1, 2021, Legacy Appgate’s U.S. employees became eligible to participate in the Appgate Cybersecurity Inc. 401(k) Savings Plan (the “401(k) Plan”), a defined contribution benefit plan sponsored by Legacy Appgate. Under the 401(k) Plan, the Company (or a subsidiary thereof) makes matching contributions equal to 100% of an employee’s salary deferral that does not exceed 1% of the employee’s compensation plus 50% of the salary deferral between 1% and 6% of the employee’s compensation.

During 2022 and 2021, we made matching contributions to the 401(k) Plan of $1.1 million and $0.7 million, respectively. These amounts are included in the following captions in the consolidated statements of operations (in thousands):

	2022		2021
Cost of revenue	$	167	$	106
Sales and marketing	650		469
Research and development	106		57
General and administrative	157		115
Total	$	1,080	$	747

Note 18. Income Taxes

The amounts of loss from continuing operations before income taxes was as follows (in thousands):

	2022		2021
United States	$	(28,820)	$	(137,102)
Foreign	494		656
Total	$	(28,326)	$	(136,446)

109

Appgate, Inc.

Notes to Consolidated Financial Statements

The income tax expense from continuing operations for 2022 and 2021 consisted of the following (in thousands):

	2022		2021
Current:
Federal	$	—	$	—
State	373		24
Foreign	1,976		2,467
Total current income tax expense	2,349		2,491
Deferred:
Federal	—		—
State	—		—
Foreign	(590)		(95)
Total deferred income tax benefit	(590)		(95)
Income tax expense	$	1,759	$	2,396

The effective tax rates for 2022 and 2021 were (6.2)% and (1.8)%, respectively. An income tax reconciliation between the U.S. Federal statutory tax rate of 21% for each of 2022 and 2021 and the effective tax rate is as follows (in thousands):

	2022				2021
Income tax at U.S. Federal statutory income tax rate	$	(5,949)	21.0	%	$	(28,654)	21.0	%
State and local taxes, net of Federal income tax benefit	(1,006)		3.6	%	(1,469)		1.1	%
Valuation allowance	16,890		(59.6)	%	14,072		(10.3)	%
Change in fair value of embedded derivative liability	(12,347)		43.6	%	16,484		(12.1)	%
Share-based compensation write-off (Note 14)	3,015		(10.6)	%	—		0.0	%
Nondeductible expenses	102		(0.4)	%	730		(0.5)	%
Taxes of foreign operations at rates different than U.S. Federal statutory income tax rate	1,126		(4.0)	%	1,936		(1.5)	%
Deferred adjustments	(69)		0.2	%	—		0.0	%
Other	(3)		0.0	%	(703)		0.5	%
Total	$	1,759	(6.2)	%	$	2,396	(1.8)	%

The effective tax rate for 2022 differs from the U.S. Federal income tax rate of 21% primarily due to changes in the valuation allowance, the change in the fair value of our embedded derivative liability that is not tax deductible, share-based compensation write-off, and foreign withholding taxes. The effective tax rate for 2021 differs from the U.S. Federal income tax rate of 21% primarily due to changes in the valuation allowance, the change in the fair value of our embedded derivative liability that is not tax deductible, state taxes, and foreign withholding taxes.

The Tax Act, which was signed into law on December 22, 2017, contained many significant changes to the U.S. federal income tax laws. Among other things, the Tax Act reduced the U.S. corporate income tax rate from 35% to 21% effective January 1, 2018, limited the tax deductibility of interest expense, accelerated expensing of certain business assets and transitioned the U.S. international taxation from a worldwide tax system to a territorial tax system by imposing a one-time mandatory repatriation of undistributed foreign earnings. Also included in the Tax Act was the implementation of a minimum tax on foreign earnings.

On March 27, 2020, the Coronavirus Aid, Relief and Economic Security (“CARES”) Act was enacted and signed into law. Intended to provide economic relief to those impacted by the COVID-19 pandemic, the CARES Act includes provisions, among other things, addressing the carryback of NOLs for specific periods and temporary modifications to the limitation placed on the tax deductibility of interest expense.

110

Appgate, Inc.

Notes to Consolidated Financial Statements

The tax effects of temporary differences that give rise to significant portions of the deferred tax assets and deferred tax liabilities consists of the following (in thousands):

	2022		2021
Deferred tax assets:
Net operating loss carryforward	$	56,303	$	44,158
Accrued expenses	417		1,270
Allowance for doubtful accounts	13		34
163(j) Interest expense limitation and carryforward	1,398		—
Section 174 costs	2,221		—
Total deferred tax assets	60,352		45,462
Deferred tax liabilities:
Property and equipment	(205)		(289)
Deferred revenue	(416)		(955)
Intangible assets	(5,008)		(6,907)
Deferred contract acquisition costs	(1,078)		(922)
Total deferred tax liabilities	(6,707)		(9,073)
Valuation allowance	(52,311)		(35,526)
Deferred income tax asset, net	$	1,334	$	863

The Company anticipates most of its deferred tax assets will be realized within the period during which its deferred tax liabilities are expected to reverse. However, there are certain U.S. federal and foreign deferred tax assets as well as state NOLs that are not expected to be realized before expiration and as such are not more-likely-than-not realizable and we have recorded a valuation allowance against such deferred tax assets.

As of December 31, 2022, we had U.S. Federal NOL carryforwards of $233.2 million generated in tax years 2002 through 2022, of which $22.9 million will expire in 2035, $22.8 million will expire in 2036, $27.2 million will expire in 2037, and $160.3 million will carry forward indefinitely. We have state NOL carryforwards of $107.3 million generated in tax years 2007 through 2021. The state NOL carryforwards of $72.7 million will expire from 2023 to 2042 and $34.6 million will carry forward indefinitely. Additionally, we have foreign NOL carry forwards of $6.0 million generated from tax years 2006 through 2016, of which $6.0 million will carry forward indefinitely.

In addition to the NOL carryforwards discussed above, as a result of past acquisitions and the Merger, we have an additional $12.9 million of federal NOL carryforwards. Management has not concluded on the realizability of these NOLs or whether they may be limited by Internal Revenue Code Section 382 or 383. Accordingly, to reflect that a more likely than not determination has not been made, a deferred tax asset has not been recorded as of December 31, 2022.

In assessing the realizability of deferred tax assets, management considers whether it is more likely than not that some portion or all of the deferred tax assets will be realized. In making such a determination, we considered all available positive and negative evidence, including our past operating results, forecasted earnings, frequency and severity of current and cumulative losses, duration of statutory carryforward periods, future taxable income and prudent and feasible tax planning strategies. On the basis of this evaluation, we continue to maintain a valuation allowance against a portion of the Company’s deferred tax assets. As of December 31, 2022, we have recorded a valuation allowance of $52.3 million for the portion of the deferred tax asset that did not meet the more-likely-than-not realization criteria. We increased the valuation allowance on our net deferred taxes by $16.8 million during 2022.

We are subject to taxation in the United States and various foreign jurisdictions. As of December 31, 2022, we were no longer subject to examination by the Internal Revenue Service for tax years prior to 2018 and generally not subject to examination by state tax authorities for tax years prior to 2017. With few exceptions, we are no longer subject to foreign examinations by tax authorities for tax years prior to 2019. Tax authorities may review the utilization of our NOL carryforwards beyond these dates. All material withholding tax returns and income tax returns have been timely filed.

111

Appgate, Inc.

Notes to Consolidated Financial Statements

We do not have any unrecorded unrecognized tax positions (“UTPs”) as of December 31, 2022. While we currently do not have any UTPs, it is foreseeable that the calculation of our tax liabilities may involve dealing with uncertainties in the application of complex tax laws and regulations in a multitude of jurisdictions across our global operations. ASC 740 states that a tax benefit from an uncertain tax position may be recognized when it is more likely than not that the position will be sustained upon examination, including resolutions of any related appeals or litigation processes, on the basis of the technical merits. Upon identification of a UTP, we would (1) record the UTP as a liability in accordance with ASC 740 and (2) adjust these liabilities if/when management’s judgment changes as a result of the evaluation of new information not previously available. Ultimate resolution of UTPs may produce a result that is materially different from an entity’s estimate of the potential liability. In accordance with ASC 740, we would reflect these differences as increases or decreases to income tax expense in the period in which new information is available. If any, we recognize and include interest and penalties accrued on uncertain tax positions as a component of income tax expense.

Note 19. Segment and Geographic Information

Our chief operating decision maker is our chief executive officer, who reviews financial information presented on a consolidated basis for the purposes of allocating resources and evaluating financial performance. Accordingly, management has determined that we operate as one operating and reportable segment.

Our long-lived assets consist of property and equipment and operating lease right-of-use assets, which are summarized by geographic area as follows (in thousands):

	2022								2021
	United States		Sweden		Other		Total		United States		Sweden		Other		Total
Property and equipment, net	$	1,344	$	138	$	135	$	1,617	$	1,690	$	152	$	273	$	2,115
Operating lease right-of-use assets	974		479		226		1,679		1,528		632		337		2,497
Total	$	2,318	$	617	$	361	$	3,296	$	3,218	$	784	$	610	$	4,612

Only the United States and Sweden represented 10% or more of our total long-lived assets as of December 31, 2022 and 2021.

Refer to Note 6 – Revenue, for information on revenue by geography.

Note 20. Related Party Transactions

Commercial Related Person Transactions with Cyxtera

Three members of our Board of Directors also, as of February 27, 2023, serve on the board of directors of Cyxtera and, as of March 23, 2022, SIS Holdings owned approximately 61.5% of Cyxtera’s outstanding common stock. Our most significant related party relationships and transactions are with Cyxtera, the Management Company, SIS Holdings and certain of the equity owners of SIS Holdings. Those relationships and transactions are described in Notes 1 and 4. In addition, Legacy Appgate maintains a number of ordinary course commercial relationships, both as a customer and service provider, with Cyxtera.

For instance, in 2022 and 2021, Cyxtera purchased certain cybersecurity products and services from Legacy Appgate, including licenses for Legacy Appgate cybersecurity software and training. During each of 2022 and 2021, Legacy Appgate charged Cyxtera $0.2 million for those products and services and recognized revenue from these licenses in the same amounts. As of December 31, 2022, Legacy Appgate had receivables from Cyxtera (and/or its subsidiaries) for $4 thousand under these agreements. There were no open receivables from Cyxtera (and/or its subsidiaries) as of December 31, 2021.

During 2022 and 2021, Cyxtera provided Legacy Appgate certain data center colocation and CXD services. During 2022 and 2021, Cyxtera charged Legacy Appgate $0.5 million and $0.3 million, respectively, for those services. As of December 31, 2022 and 2021, Legacy Appgate had payables to Cyxtera (and/or its subsidiaries) for $0.1 million and $9 thousand, respectively, under these agreements.

112

Appgate, Inc.

Notes to Consolidated Financial Statements

Transactions with Director Affiliated Companies

Two members of our Board of Directors are also, as of February 27, 2023, members of the board of directors of Chewy, Inc. (“Chewy”), an American online retailer of pet food and other pet-related products. During 2022 and 2021, Legacy Appgate charged Chewy (or the channel partner reselling certain cybersecurity products provided to Chewy) $0.5 million and $0.4 million, respectively, and recognized revenue in the same amounts, under contracts by Legacy Appgate or a channel partner for certain cybersecurity products provided to Chewy. There were no open receivables from Chewy (or the channel partner reselling certain cybersecurity products provided to Chewy) as of December 31, 2022 and 2021.

One current member of our Board of Directors serves, as of February 27, 2023, on the board of directors of PetSmart, Inc. (“PetSmart”). During 2022, Legacy Appgate charged PetSmart $0.1 million and recognized revenue in the same amount from its contract with PetSmart. There were no open receivables from PetSmart as of December 31, 2022. The agreement with PetSmart was executed in 2022, and as such, no charges or revenue were recognized under such agreement in prior periods.

Other Related Party Transactions

CenturyLink Communications, LLC (“CenturyLink”), an approximate 10.4% owner of SIS Holdings and, as a result, an indirect beneficial owner of the Company, is a reseller of certain of our products and services. During 2022 and 2021, Legacy Appgate charged CenturyLink $0.9 million and $0.8 million, respectively, under contracts for certain cybersecurity products provided by Legacy Appgate to CenturyLink for resale by CenturyLink to end users. During 2022 and 2021, Legacy Appgate recognized $1.0 million and $0.6 million, respectively, as revenue from these contracts. As of December 31, 2022 and 2021, we had receivables from CenturyLink for $0.1 million and $0.6 million, respectively, under these agreements.

Note 21. Subsequent Events

Reduction in Force

On February 2, 2023, we substantially completed a reduction in force (the “February Reduction”) of approximately 8% of our workforce. In connection with the February Reduction, we incurred approximately $0.5 million of costs and expenses, primarily comprising severance and termination-related costs, which we recognized in the first quarter of 2023.

Appgate, Inc. 2021 Incentive Compensation Plan

As of March 28, 2023, there were no time-based RSUs, 8,134,965 performance-based RSUs, and 47,585 performance-based PSUs issued and outstanding to participants under the 2021 Plan, which performance-based RSUs and performance-based PSUs were subject to certain vesting criteria. As of March 28, 2023, none of the awards had vested.

Waiver to Note Purchase Agreement and Registration Rights Agreement

As of January 24, 2023, the Company, Legacy Appgate, the holders of the Convertible Senior Notes (the “Noteholders”) and Magnetar, as representative of the Noteholders (the “Representative”), entered into a Waiver to Note Purchase Agreement and Registration Rights Agreement (the “Waiver”).

The Waiver (a) waives certain registration rights of the Noteholders under that certain Registration Rights Agreement (as amended), dated as of February 8, 2021 entered into by and among Legacy Appgate and the Noteholders, and (b) certain rights of the Noteholders under the Note Purchase Agreement, in each case, until April 30, 2023.

Revolving Credit Facility

On January 31, 2023, we borrowed an additional $2.0 million under the Revolving Credit Facility, and as of March 31, 2023, we had an aggregate of $48.5 million in borrowings outstanding under the Revolving Credit Facility.

113

Appgate, Inc.

Notes to Consolidated Financial Statements

PIK Notes

On February 1, 2023, Legacy Appgate issued approximately $2.1 million in PIK Notes with respect to a single interest payment date.

114

Item 9. Changes in and Disagreements with Accountants on Accounting and Financial Disclosure

Not applicable.

Item 9A. Controls and Procedures

Evaluation of Disclosure Controls and Procedures

Our management, with the participation of our Chief Executive Officer and our Chief Financial Officer, have evaluated the effectiveness of the Company’s disclosure controls and procedures (as defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act) as of December 31, 2022. Our disclosure controls and procedures are designed to provide reasonable assurance that information required to be disclosed by us in the reports that we file or submit under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the rules and forms of the Securities and Exchange Commission. Disclosure controls and procedures include, without limitation, controls and procedures designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is accumulated and communicated to the company’s management, including its principal executive and principal financial officers, as appropriate to allow timely decisions regarding required disclosure. Based on that evaluation, management concluded that, as of December 31, 2022, the Company’s disclosure controls and procedures were not effective at the reasonable assurance level as a result of the material weaknesses discussed below.

Management’s Report on Internal Control over Financial Reporting

Management is responsible for the preparation, integrity and fair presentation of the consolidated financial statements, related notes and other information included in this Annual Report. The consolidated financial statements were prepared in accordance with accounting principles generally accepted in the United States of America and include certain amounts based on management’s estimates and assumptions. Other financial information presented in the Annual Report is derived from the consolidated financial statements.

Management is also responsible for establishing and maintaining adequate internal control over financial reporting, as such term is defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act, and for performing an assessment of the effectiveness of internal control over financial reporting as of December 31, 2022 as required by Section 404 of the Sarbanes-Oxley Act. Our internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. Our system of internal control over financial reporting includes those policies and procedures that (i) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the Company; (ii) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the Company are being made only in accordance with authorizations of management and directors of the Company; and (iii) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the Company’s assets that could have a material effect on the consolidated financial statements.

Management performed an assessment of the effectiveness of the Company’s internal control over financial reporting as of December 31, 2022 based on criteria established in Internal Control — Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Based on our assessment and those criteria, management determined that, as of December 31, 2022, the Company’s internal control over financial reporting was not effective at the reasonable level of assurance as a result of the material weaknesses discussed below.

We had previously reported that although our management had not yet conducted a 404 Assessment, in connection with the preparation of Legacy Appgate’s consolidated financial statements as of and for the year ended December 31, 2020, Legacy Appgate’s management and its independent registered public accounting firm identified material weaknesses in internal control over financial reporting with respect to the design of our information technology general controls related to user access and change management, as well as certain financial reporting transaction level controls, including account reconciliations, related party transactions and journal entries.

In connection with the material weaknesses previously identified and discussed above, the Company continues to undertake a number of procedures and continues to institute a number of controls to help ensure the proper collection, evaluation and disclosure of the information included in the Company’s SEC reports and will implement additional analytical tools and verification procedures to address such material weaknesses. We have engaged outside consultants to assist in these efforts.

115

In connection with the preparation of the restatement of our financial statements for the years ended December 31, 2021 and 2020, and the interim periods ended March 31, 2022 and June 30, 2022, our management identified the following additional material weaknesses in internal control over financial reporting:

1.We did not design and maintain effective controls related to the estimation of the relationship between the term license and the support and maintenance for establishing their respective stand-alone sales prices in multi-year contracts related to revenue for our sales of software through multi-year term-based license agreements. This material weakness resulted in the material misstatement of our revenue, contract assets and deferred revenue, and the related financial statement disclosures in our consolidated financial statements for the years ended December 31, 2021 and 2020, and the interim periods within those years.

2.We did not design and maintain effective controls related to the recognition of commission expense in a manner consistent to the performance for the underlying performance obligation. This material weakness resulted in the material misstatement of our commissions expense and deferred contract acquisition costs, and the related financial statement disclosures in our consolidated financial statements for the years ended December 31, 2021 and 2020, and the interim periods within those years.

3.Our management review controls over the financial statement disclosures did not operate at a sufficient level of precision to detect nor prevent the error in our diluted loss per share of common stock calculation for the year ended December 31, 2021. This material weakness resulted in the material misstatement of our loss per share financial statement disclosures in our consolidated financial statements for the year ended December 31, 2021.

4.We did not design and maintain effective controls related to the evaluation of our awards under our 2021 Plan. This material weakness resulted in the material error in our reported equity-based compensation expense and additional paid-in capital, and the related financial statement disclosures in our unaudited condensed consolidated financial statements as of and for the three and six months ended March 31, 2022 and June 30, 2022. For further information with respect to this error, see Note 1 to the unaudited condensed consolidated financial statements for the three months ended March 31, 2022 included in Amendment No. 1 to our Quarterly Report on Form 10-Q for the quarter ended March 31, 2022 and Note 1 to the unaudited condensed consolidated financial statements for the three and six months ended June 30, 2022 included in Amendment No. 1 to our Quarterly Report on Form 10-Q for the quarter ended June 30, 2022.

Our management is responsible for the internal control over financial reporting of the Company and in addition to remediation items noted above, management has taken steps to address the material weaknesses, which include engaging external advisors to assist in the design, documentation and implementation of the Company’s internal controls, including the evaluation of the operating effectiveness of these internal controls. We also continue to expend significant resources, including accounting-related costs, training and management oversight on the continued design, improvement and implementation of our process-level internal controls. If any of these new or improved controls and systems do not perform as expected, then we may experience additional deficiencies and material weaknesses in our controls.

Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.

Changes in Internal Control over Financial Reporting

There have been no changes in our internal control over financial reporting that occurred during the last fiscal quarter that have materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.

Item 9B. Other Information

Compensatory Arrangements of Certain Officers

In connection with Mr. Taddeo’s appointment as Chief Executive Officer and President, on March 28, 2023, Mr. Taddeo and the Company entered into an employment agreement (the “Taddeo Employment Agreement”), which sets forth the terms and conditions of his employment and is effective as of January 4, 2023.

116

Pursuant to the Taddeo Employment Agreement, Mr. Taddeo serves as our Chief Executive Officer and President and is entitled to an annual base salary of $325,000 and is eligible to participate in the Company’s annual incentive program with a target annual bonus opportunity of 50% of his annual base salary of $300,000 with respect to calendar year 2022 and 60% of his annual base salary with respect to calendar year 2023 and thereafter. The Taddeo Employment Agreement may be terminated by either party at any time, provided that Mr. Taddeo is required to give the Company at least 45 days advance notice of termination.

In the event Mr. Taddeo resigns for “Good Reason” or the Company terminates his employment without “Cause” (each as defined in the Taddeo Employment Agreement) in either case outside of the Change in Control Period (as defined in the Taddeo Employment Agreement), he is entitled to receive the following payments and benefits, in addition to any accrued obligations and subject to his timely execution and non-revocation of a general release of claims in the Company’s favor and continued compliance with the restrictive covenants contained in the Taddeo Employment Agreement: (i) an amount of cash equal to 12 months of his then-current annual base salary, payable in the form of salary continuation in regular installments, in accordance with our normal payroll practices, over a period of 12 months from the termination date, and (ii) reimbursement for his healthcare insurance premiums for a period of up to 12 months.

In the event of Mr. Taddeo’s termination due to his death or disability, in addition to accrued obligations, he or his estate, as applicable, shall be entitled to receive a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination occurs. Such bonus shall be paid in the following fiscal year as soon as practicable after the completion of the audited financial statements for the year in which the termination or resignation occurs, but not later than 45 days after the completion of such audited financial statements. In addition, under the Taddeo Employment Agreement, Mr. Taddeo’s outstanding awards under 2021 Plan will vest in a pro-rata amount up to the date of termination, subject to applicable terms and conditions set forth in the Taddeo Employment Agreement related to any performance awards that are outstanding at such time. Mr. Taddeo shall also receive any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, paid as soon as practicable after the completion of the audited financial statements for the year prior to the year in which the termination occurs, but not later than 45 days after the completion of such audited financial statements.

In the event Mr. Taddeo resigns for “Good Reason” or we terminate his employment without “Cause” in either case during the Change in Control Period, he is entitled to receive the following payments and benefits, in addition to any accrued obligations and subject to his timely execution and non-revocation of a general release of claims in our favor and continued compliance with the restrictive covenants contained in the Taddeo Employment Agreement: (i) an amount of cash equal to the sum of (a) 12 months of his then-current annual base salary and (b) his target bonus, (ii) an amount of cash equal to a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination occurs, (iii) an amount equal to 12 months multiplied by the total applicable monthly premium cost for continued healthcare insurance, and (iv) an amount equal to any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, each payable in a lump sum payment within thirty (30) days following his separation from the Company. In addition, under the Taddeo Employment Agreement, 100% of Mr. Taddeo’s outstanding awards under the 2021 Plan will vest, subject to applicable terms and conditions set forth in the Taddeo Employment Agreement related to any performance awards that are outstanding at such time.

The Taddeo Employment Agreement contains a non-disclosure covenant, a mutual non disparagement covenant and non-competition, customer non-solicitation, and employee non-solicitation covenants.

The foregoing description of the Taddeo Employment Agreement is qualified in its entirety by reference to the full text of the Taddeo Employment Agreement, a copy of which is filed as Exhibit 10.15 to this Annual Report, and incorporated herein by reference.

Item 9C. Disclosure Regarding Foreign Jurisdictions That Prevent Inspections

None.

117

PART III

Item 10. Directors, Executive Officers and Corporate Governance

Executive Officers, Directors and Director Nominees

The table below lists our directors and executive officers along with each person’s age as of the date of this Annual Report and any other position that such person holds.

Name	Age	Position
Executive Officers:
Leo Taddeo	57	Chief Executive Officer, President and Director
Manuel D. Medina	70	Executive Chairman and Chairman of the Board
Rene A. Rodriguez	46	Chief Financial Officer
Jeremy M. Dale	37	General Counsel and Secretary
Non-Employee Directors:
Jonathan J. Ledecky	65	Director
Fahim Ahmed	44	Director
Benjamin Phillips	37	Director
Lisa Sibenac	42	Director

Executive Officers

Leo Taddeo was appointed as the Chief Executive Officer, President and a Director of the Company on January 4, 2023. Prior to that, Mr. Taddeo served as Chief Information Security Officer of the Company and President of Appgate Federal, a wholly-owned subsidiary of the Company, positions he had held since February 2022. Previously, Mr. Taddeo was Chief Information Security Officer and President of Cyxtera Federal Group, a wholly-owned subsidiary of Cyxtera Technologies, Inc., a data center company and Legacy Appgate’s former parent company, from January 2019 to February 2022, and Chief Information Security Officer of Cyxtera Technologies, Inc. from May 2017 to January 2019. From 1995 to 2015, Mr. Taddeo served as a Special Agent with the Federal Bureau of Investigation, including most recently as the Special Agent in Charge of the Cyber/Special Operations Division, the top FBI executive in New York City in charge of investigating cyber-attacks against private and government networks. Mr. Taddeo received his B.S. in Applied Physics from Rensselaer Polytechnic Institute and J.D. from St. John’s University. Mr. Taddeo’s qualifications to serve on the Board include his familiarity with the Company’s business and operations, as well as his leadership, management and technology experience, particularly in the Company’s industry.

Manuel D. Medina was appointed as the Executive Chairman and Chairman of the Board at Closing. Prior to the Closing, Mr. Medina served as Executive Chairman of Legacy Appgate, a wholly-owned subsidiary of the Company, a position he held since January 2020. Prior to that, Mr. Medina was Executive Chairman of Cyxtera Technologies, Inc., a data center company and Legacy Appgate’s former parent company, from January 2020 to August 2021, Chief Executive Officer from May 2017 to December 2019 and President from May 2017 to February 2018. Mr. Medina is also the Founder and Managing Partner of Medina Capital, a private equity investment firm that he founded in 2012. Mr. Medina has more than 30 years of experience as a highly successful businessman and entrepreneur in the IT infrastructure and cybersecurity industries. Mr. Medina was the Founder, Chairman of the Board and CEO of Terremark Worldwide, Inc. (“Terremark”) until April of 2011, when Terremark was acquired by Verizon Communications Inc. (NYSE: VZ). Under his leadership, Terremark distinguished itself as a leading global provider of managed IT infrastructure services for Fortune 500 enterprises and federal government agencies. At Terremark, Mr. Medina brought his vision to deliver a comprehensive set of best-of-breed IT infrastructure services from purpose-built, carrier-neutral data center facilities to fruition. Mr. Medina is also the founder and chairman of the board of eMerge Americas, the premier B2B technology event connecting the U.S., Latin America, and Europe. Mr. Medina currently serves on the board of Cyxtera Technologies, Inc. (Nasdaq: CYXT). He received his B.S. in Accounting from Florida Atlantic University. Mr. Medina’s qualifications to serve on the Board include his extensive business and entrepreneurial experience in the technology sector, as well as his strong executive leadership experience and in-depth knowledge of Appgate.

Rene A. Rodriguez was appointed as the Chief Financial Officer of the Company at Closing. Prior to the Closing, Mr. Rodriguez served as Chief Financial Officer of Legacy Appgate, a wholly-owned subsidiary of the Company, a position he

118

held since March 2020. Previously, Mr. Rodriguez was Chief Financial Officer of Cyxtera Technologies, Inc., a data center company and Legacy Appgate’s former parent company, from May 2017 to January 2020. Mr. Rodriguez has also been the Chief Financial Officer and a partner of Medina Capital, a private equity investment firm, since July 2011. Before that, Mr. Rodriguez served as VP of Financial Planning and Corporate Controller of Terremark, a publicly traded data center company that was sold in 2011, where Mr. Rodriguez was responsible for accounting, financial and regulatory reporting, compliance, cash management, mergers and acquisitions and integration. Mr. Rodriguez has more than 20 years of experience as a finance executive with expertise in managing financial operations, capital markets, investor relations, financial analysis, and mergers and acquisitions. He received his B.B.A. in Accounting from the University of Notre Dame and his MBA in Finance from the University of Miami.

Jeremy M. Dale was appointed as the General Counsel and Secretary of the Company at Closing. Prior to the Closing, Mr. Dale served as General Counsel and Secretary of Legacy Appgate, a wholly-owned subsidiary of the Company, a position he held since January 2020. Previously, Mr. Dale was Associate General Counsel of Cyxtera Technologies, Inc., a data center company and Legacy Appgate’s former parent company, from May 2017 to January 2020, and Associate General Counsel of 3Cinteractive from July 2014 to April 2017. Prior to that, Mr. Dale was a corporate and securities associate at Greenberg Traurig, LLP from September 2010 to June 2014. He received his B.S. in Finance, B.A. in Economics, and M.S. in Finance from the University of Florida, and his Juris Doctorate from the University of Virginia.

Non-Employee Directors

Jonathan J. Ledecky has served as a Director of the Company since October 2015. Mr. Ledecky previously served as the Company’s president from October 2015 through the Closing, where he resigned upon Closing. Mr. Ledecky has been a co-owner of the National Hockey League’s (“NHL”) New York Islanders franchise since October 2014. He also serves as an Alternate Governor on the Board of Governors of the NHL and as President of NY Hockey Holdings LLC. Mr. Ledecky has served as chairman of Ironbound Partners Fund, LLC, a private investment management fund, since March 1999. He served as the President and Chief Operating Officer of Northern Star Acquisition Corp. from September 2020 until it consummated an initial business combination with Barkbox, Inc., an omnichannel brand serving dogs across the four key categories of play, food, health and home, in June 2021 (NYSE: BARK). He continued to serve as a director of the company (now Bark, Inc.) from such date until November 2022. Since November 2020, he has served as the President, Chief Operating Officer and a director of each of Northern Star Investment Corp. II (NYSE: NSTB), Northern Star Investment Corp. III (NYSE: NSTC) and Northern Star Investment Corp. IV (NSTD). Since October 2020, he has also served as Chairman of the Board of Pivotal Investment Corporation III (NYSE: PICC). Each of the foregoing companies is a blank check company that is currently searching for an initial business combination. From July 2019 to December 2020, he was also the Chief Executive Officer and Chairman of the Board of Directors of Pivotal Investment Corporation II (NYSE: PIC), a blank check company that consummated an initial business combination with Spruce Power (previously XL Fleet) (NYSE: SPRU), which is a leading owner and operator of distributed solar energy assets across the United States. He has continued to serve as a director of Spruce Power since its merger. From August 2018 to December 2019, he served as Chairman and Chief Executive Officer of Pivotal Acquisition Corp. (NYSE: PVT), a blank check company that consummated an initial business combination with KLDiscovery Inc., a leading global provider of eDiscovery, information governance and data recovery solutions to corporations, law firms, insurance companies and individuals, in December 2019. Mr. Ledecky continued to serve as a member of the board of KLDiscovery from its merger until June 2021. Mr. Ledecky previously founded U.S. Office Products, one of the fastest start-up entrants in the history of the Fortune 500 with sales in excess of $3 billion within its first three years of operation. Mr. Ledecky was also previously vice chairman of Lincoln Holdings, owners of the Washington sports franchises in the National Basketball Association, NHL and Women’s National Basketball Association. He has served as a trustee of George Washington University and the U.S. Olympic and Paralympic Foundation, director of the U.S. Chamber of Commerce, and as a commissioner on the National Commission on Entrepreneurship. In 2004, Mr. Ledecky was elected the Chief Marshal of the 2004 Harvard University Commencement, an honor bestowed by his alumni peers for a 25th reunion graduate deemed to have made exceptional contributions to Harvard and the greater society while achieving outstanding professional success. Mr. Ledecky received a B.A. (cum laude) from Harvard University in 1979 and an M.B.A. from the Harvard Business School in 1983. We believe Mr. Ledecky’s qualifications to serve on the Board include his extensive executive leadership and business and entrepreneurial experience, including experience in the technology sector.

Fahim Ahmed was appointed as a Director of the Company at Closing. Mr. Ahmed currently serves as Partner and Chief Operating Officer of BC Partners and is a member of the Management Committee of BC Partners. BC Partners is a leading international investment firm that specializes in the investment of assets under management in private equity. Before joining BC Partners in 2006, from 2004 to 2006 and from 2000 to 2002, Mr. Ahmed served as a consultant of the Boston Consulting Group. Mr. Ahmed currently serves on the boards of Chewy, Inc. (NYSE: CHWY), an online pet retailer company, Cyxtera Technologies, Inc. (Nasdaq: CYXT), a data center company, Presidio Inc., an IT solutions provider, and PetSmart, Inc., a specialty pet retailer. Mr. Ahmed previously served as a director of Suddenlink Communications, and was involved in investments in Office Depot, Inc., Intelsat S.A., Dometic Corporation, and Foxtons. Mr. Ahmed holds a Master of Philosophy degree in economics from Oxford University, where he was a Rhodes Scholar, and a B.A. from Harvard

119

University. Mr. Ahmed’s qualifications to serve on the Board include his outside board experience as a director of public and private entities, his extensive finance expertise and his in-depth knowledge of the technology sector.

Benjamin Phillips was appointed as a Director of the Company on May 10, 2022. Mr. Phillips currently serves as a Managing Director of BC Partners, a leading international investment firm that specializes in private equity, where he covers the Technology, Media and Telecommunications sector. Before joining BC Partners in 2018, Mr. Phillips served as a Principal of Hill Path Capital, an alternative asset manager investing in debt and equity of private and publicly traded companies, where he was a founding member in 2015. Mr. Phillips currently serves on the boards of Cyxtera Technologies, Inc. (Nasdaq: CYTX), a data center company, GardaWorld Security Corporation, a private security firm, and Madison Logic, an account based marketing company. Mr. Phillips holds a B.A. from Washington University in St. Louis and an MBA from Harvard Business School. Mr. Phillips’ qualifications to serve on the Board include his outside board experience, extensive finance expertise and in-depth knowledge of the technology sector.

Lisa Sibenac was appointed as a director of the Company on May 10, 2022. Ms. Sibenac currently serves as a Managing Director at BC Partners, a leading international investment firm that specializes in private equity, in Portfolio Operations. Ms. Sibenac has also served on the board of directors of Chewy Inc. (NYSE: CHWY), an online pet retailer company, since 2019. Before joining BC Partners in 2017, from 2012 to 2017, Ms. Sibenac served in various management positions at Amazon, Inc., and, from 2003 to 2010, she served in technical and commercial leadership roles at Lockheed Martin Corporation. Ms. Sibenac holds a Bachelor of Science degree in mechanical engineering from the University of Notre Dame and an MBA from Harvard Business School. Ms. Sibenac’s individual qualifications and background as a director include her knowledge of business operations and technology and public company board experience.

Family Relationships

There are no family relationships between any of our officers or directors.

Composition of our Board of Directors

Our business and affairs are managed under the direction of our Board of Directors. Currently, our Board of Directors is composed of six directors. Currently, our A&R Bylaws set forth the procedures by which our stockholders may recommend nominees to the Board of Directors.

When considering whether directors have the experience, qualifications, attributes or skills, taken as a whole, to enable our Board of Directors to effectively satisfy its oversight responsibilities in light of our business and structure, the Board of Directors focuses primarily on each person’s background and experience as reflected in the information discussed in the directors’ respective biographies set forth above. We believe that our directors provide an appropriate mix of experience and skills relevant to the size and nature of our business.

In accordance with the term of our A&R Charter and A&R Bylaws, the Board is divided into three classes, each serving staggered, three-year terms:

•our Class I directors are Manuel D. Medina and Benjamin Phillips, and their terms will expire at the annual meeting of stockholders to be held in 2025;

•our Class II directors are Fahim Ahmed and Leo Taddeo, and their terms will expire at the annual meeting of stockholders to be held in 2023; and

•our Class III directors are Jonathan J. Ledecky and Lisa Sibenac, and their terms will expire at the annual meeting of stockholders to be held in 2024.

As a result of the staggered Board, only one class of directors will be elected at each annual meeting of stockholders, with the other classes continuing for the remainder of their respective terms. This classification of the Board may have the effect of delaying or preventing changes in our control or management. See “Item 1A—Risk Factors—Risks Related to the Ownership of Our Common Stock—Anti-takeover provisions in our governing documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.”

120

Director Independence

Our Board of Directors undertook a review of the independence of our directors and considered whether any director had a material relationship with us that could compromise that director’s ability to exercise independent judgment in carrying out that director’s responsibilities. Our Board of Directors has affirmatively determined that each of Fahim Ahmed, Benjamin Phillips and Lisa Sibenac is an “independent director,” as defined under the rules of both Nasdaq and the NYSE. In making these determinations, our Board of Directors considered the current and prior relationships that each director has with our Company and all other facts and circumstances our Board of Directors deemed relevant in determining their independence, including the beneficial ownership of our capital stock by each director, and the transactions involving them described in Item 13 of this Annual Report titled “Certain Relationships and Related Transactions, and Director Independence.”

Board Committees

As a “controlled company,” the Company currently does not have separate or independent audit, nominating or compensation committees. In the future, our Board may establish other committees, as it deems appropriate, to assist it with its responsibilities.

Role of the Board of Directors in Risk Oversight

Our Board of Directors is responsible for overseeing our risk management process. Our Board of Directors focuses on our general risk management strategy, the most significant risks facing us, and oversees the implementation of risk mitigation strategies by management. Our Board of Directors is also apprised of particular risk management matters in connection with its general oversight and approval of corporate matters and significant transactions.

Compensation Committee Interlocks and Insider Participation

None of our executive officers serves as a member of the Board of Directors or compensation committee (or other committee performing equivalent functions) of any entity that has one or more executive officers serving on our Board of Directors.

Indemnification of Directors and Officers

Our A&R Charter and A&R Bylaws provide that we will indemnify our directors and officers to the fullest extent permitted by the DGCL, subject to certain limited exceptions.

Code of Business Conduct and Ethics

We have adopted a written code of business conduct and ethics that applies to our directors, officers and employees, including our principal executive officer, principal financial officer, principal accounting officer or controller, or persons performing similar functions. A copy of the code is posted on our website, www.appgate.com. In addition, we intend to post on our website all disclosures that are required by law or any applicable listing standards concerning any amendments to, or waivers from, any provision of the code. The information contained on or accessible through our website does not form a part of this Annual Report and is not incorporated by reference herein.

Section 16(a) Beneficial Ownership Reporting Compliance

Section 16(a) of the Exchange Act requires that our directors and executive officers and all persons who beneficially own more than 10% of our common stock file initial reports of ownership and reports of changes in ownership of our common stock with the SEC. As a practical matter, we assist our directors and executive officers by monitoring transactions and completing and filing Section 16 reports on their behalf.

Based solely upon our review of copies of filings or written representations from the reporting persons, we believe that all reports for our executive officers and directors and persons who beneficially own more than 10% of our common stock that were required to be filed under Section 16(a) of the Exchange Act during the year ended December 31, 2022 were filed on a timely basis.

121

Item 11. Executive Compensation

Overview

This section discusses the material components of our executive compensation program for our named executive officers (“Named Executive Officers”) during our fiscal years ended December 31, 2022 and December 31, 2021. As a “smaller reporting company,” we are required to provide executive compensation information for the following individuals: (i) all individuals who served as the Company’s principal executive officer (“PEO”), during the last completed fiscal year, regardless of compensation; (ii) the two most highly compensated executive officers (other than the PEO) who were serving as executive officers of the Company at the end of the last completed fiscal year and whose total compensation was greater than $100,000; and (iii) up to two additional persons who served as executive officers (other than as the PEO) during the last completed fiscal year but were not serving in that capacity at the end of the fiscal year if their total compensation is higher than any of the other two Named Executive Officers in the preceding group.

In 2022, our Named Executive Officers and their positions were as follows:

• Barry Field, our former Chief Executive Officer;

• Manuel D. Medina, our Executive Chairman; and

• Rene A. Rodriguez, our Chief Financial Officer.

This discussion may contain forward-looking statements that are based on the Company’s current plans, considerations, expectations and determinations regarding future compensation programs. The actual compensation programs that the Company adopts following the filing of this Annual Report may differ materially from the currently planned programs summarized in this discussion.

Summary Compensation Table

The following table sets out the compensation for the Named Executive Officers for the years ended December 31, 2022 and 2021:

Name and Principal Position	Fiscal Year	Salary (US$)(1)	Bonus (US$)(2)	Stock Awards (US$)(3)	All Other Compensation (US$)(4)	Total Compensation (US$)
Barry Field, former Chief Executive Officer	2022	410,000	—	16,159,884	5,851	16,575,735
	2021	402,308	503,000	—	5,247	910,555
Manuel D. Medina, Executive Chairman	2022	200,000	45,000	14,328,821	257,128	14,830,949
	2021	200,000	120,000	—	179,569	499,569
Rene A. Rodriguez, Chief Financial Officer	2022	295,000	66,375	6,297,117	5,254	6,663,746
	2021	279,615	247,000	—	2,722	529,337

(1)Salary amounts represent actual amount of base salary paid to each Named Executive Officer in the applicable year.

(2) Bonus amounts for 2021 and 2022 represent the actual amount of cash bonuses earned during 2021 and 2022, as applicable, under Legacy Appgate’s or the Company’s, as applicable, annual bonus program. 2021 bonuses were paid to the Named Executive Officers in cash in the first half of 2022. Bonus amounts for 2021 for Messrs. Field and Rodriguez also include special bonuses of $175,000 and $70,000, respectively, awarded in 2021 in recognition of the completion of the sale of Brainspace. 2022 bonuses are expected to be paid to the Named Executive Officers in cash in the first half of 2023.

(3) Represents the aggregate grant date fair value of restricted stock units (“RSUs”) granted to each Named Executive Officer, calculated in accordance with Financial Accounting Standards Board (“FASB”) ASC Topic 718. The assumptions used in calculating the grant date fair value of the awards reported in this column are set forth in Note 15 to our audited consolidated financial statements included in this Annual Report. On December 23, 2022, Mr. Medina and the Company entered into an agreement pursuant to which all of Mr. Medina’s RSUs were terminated. Mr. Medina did not receive any compensation from the Company in connection with such termination of his RSUs.

122

(4) Amounts represent matching contributions paid in the applicable year to 401(k) retirement savings plans and the dollar value of premiums paid in the applicable year for life and disability insurance. In the case of Mr. Medina for 2021, this column includes $80,662 paid by Legacy Appgate for Mr. Medina’s personal assistant and $98,289 paid by Legacy Appgate for Mr. Medina’s personal driver. In the case of Mr. Medina for 2022, this column includes $113,313 paid or, with respect to bonuses relating to calendar year 2022, payable, by the Company for Mr. Medina’s personal assistant and $144,171 paid or, with respect to bonuses relating to calendar year 2022, payable, by the Company for Mr. Medina’s personal driver. For Messrs. Field and Rodriguez, the amount for 2021 includes a $50 gift card purchased by Legacy Appgate for all employees except Mr. Medina.

Narrative to the Summary Compensation Table

Cyxtera Spin-Off Transaction

Prior to December 31, 2019, Legacy Appgate was a wholly-owned subsidiary of Cyxtera. On December 31, 2019, Cyxtera completed the Cyxtera Spin-Off of Legacy Appgate into a separate, standalone company. On October 12, 2021, Legacy Appgate became a wholly-owned subsidiary of the Company in connection with the Merger. For 2021 and 2022, amounts disclosed in the Summary Compensation Table include all compensation paid to our Named Executive Officers by Legacy Appgate or the Company, as applicable. Amounts disclosed for 2021 and 2022 do not include any compensation paid to the Named Executive Officers by Cyxtera and its affiliates, as Legacy Appgate was no longer a subsidiary of Cyxtera.

Base Salaries

We use base salaries to recognize the experience, skills, knowledge, and responsibilities required of all our employees, including our Named Executive Officers. Base salaries are reviewed annually, typically in connection with our annual performance review process, and adjusted from time to time to realign salaries with market levels after taking into account individual responsibilities, performance, and experience. For 2021 until October 12, 2021, the annual base salaries of our Named Executive Officers were: $400,000 for Mr. Field; $200,000 for Mr. Medina and $275,000 for Mr. Rodriguez. Effective October 12, 2021 for the remainder of 2021 and all of 2022, the annual base salaries of our Named Executive Officers were: $410,000 for Mr. Field; $200,000 for Mr. Medina and $295,000 for Mr. Rodriguez.

Annual Bonus/Non-Equity Incentive Plan Compensation

During fiscal years 2021 and 2022, our Named Executive Officers were eligible to earn a cash bonus under Legacy Appgate’s or the Company’s, as applicable, annual bonus program based upon achievement of both corporate and individual goals determined by the Board of Directors based on a target percentage of annual base salary. For 2021 and 2022, the bonus targets as a percentage of base salaries were 80% for Mr. Field and 60% for Messrs. Medina and Rodriguez. The actual amounts of cash bonuses earned under Legacy Appgate’s annual bonus program for 2021 were 100% of their bonus targets, totaling $328,000 for Mr. Field, $120,000 for Mr. Medina, and $177,000 for Mr. Rodriguez. The cash bonuses for 2021 were paid during the first half of 2022. For Mr. Field, the actual amount of cash bonus earned under the Company’s annual bonus program for 2022 was $0. For Messrs. Medina and Rodriguez, the actual amounts of cash bonuses earned under the Company’s annual bonus program for 2022 were 37.5% of their bonus targets, totaling $45,000 for Mr. Medina and $66,375 for Mr. Rodriguez. The cash bonuses for 2022 are expected to be paid during the first half of 2023.

Equity-Based Compensation

None of the Company’s Named Executive Officers received awards or grants of equity or equity-based compensation during 2021. Each of the Company’s Named Executive Officers received grants of RSUs under the 2021 Plan during 2022. See “Equity-Based Compensation - 2022 Special RSUs and Year-One RSUs” and “Equity-Based Compensation - Additional 2022 RSUs” below for details regarding such grants.

2021 Plan

On September 6, 2021, the Company adopted the 2021 Plan, which became effective upon the Closing, under which equity-based incentive awards may be granted in the future. The material terms of the Company’s 2021 Plan are described below.

The 2021 Plan is designed to allow the Company to make equity-based incentive awards to officers, employees, directors and other key persons (including consultants). The Board anticipates that providing such persons with a direct stake in the

123

Company, following the Merger, will assure a closer alignment of the interests of such individuals with those of the Company and its stockholders, thereby stimulating their efforts on the Company’s behalf and strengthening their desire to remain with the Company.

The 2021 Plan provides for a share issuance pool equal to 11,022,170 shares of common stock as of the effective date of the 2021 Plan, which we refer to as the Share Pool Limit. The Share Pool Limit is subject to adjustment in the event of a stock split, stock dividend or other change in the Company’s capitalization. The maximum aggregate number of shares of common stock that may be issued upon exercise of incentive stock options under the 2021 Plan shall not exceed the Share Pool Limit.

If any award under the 2021 Plan is forfeited, expires or otherwise terminates without issuance of the shares of common stock in respect of such award, or if any award is settled for cash, then the shares to which those awards were subject, shall, to the extent of such forfeiture, expiration, termination, non-issuance or cash settlement, again be available for delivery with respect to awards under the 2021 Plan. It should be noted that Shares used to pay the exercise price or tax withholding associated with awards will count against and, therefore, will not be returned to the pool.

The 2021 Plan contains a limitation whereby the value of all awards under the 2021 Plan granted to any non-employee director for services as a non-employee director in any fiscal year may not exceed $750,000.

The 2021 Plan is administered by the Compensation Committee of the Board, or, if at any such time there is no Compensation Committee, the 2021 Plan will be administered by the Board. For purposes of this description of the 2021 Plan, references to the Compensation Committee shall instead refer to the Board in the event that there is no Compensation Committee. The Compensation Committee will have full power to select, from among the individuals eligible for awards, the individuals to whom awards will be granted, to make any combination of awards to participants, and to determine the specific terms and conditions of each award, subject to the provisions of the 2021 Plan. The Compensation Committee may delegate to the chief executive officer or any other officer the authority to grant stock options and other awards to employees who are not subject to the reporting and other provisions of Section 16 of the Exchange Act, subject to certain limitations and guidelines. Persons eligible to participate in the 2021 Plan will be those full or part-time employees, non-employee directors and other key service providers (including consultants) as selected from time to time by the Compensation Committee in its discretion.

Under the 2021 Plan, the Compensation Committee is authorized to grant stock options, stock appreciation rights, restricted stock, restricted stock units, other equity-based awards and cash incentive awards as described below. Awards may be subject to a combination of time and performance-based vesting conditions, as may be determined by the Compensation Committee.

The 2021 Plan permits the granting by the Compensation Committee of both options to purchase common stock intended to qualify as incentive stock options under Section 422 of the Code and options that do not so qualify. Options granted under the 2021 Plan will be non-qualified options if they fail to qualify as incentive options or exceed the annual limit on incentive stock options. Incentive stock options may only be granted to employees of the Company and its subsidiaries. Non-qualified options may be granted to any persons eligible to receive incentive options and to non-employee directors and key persons. The option exercise price of each option will be determined by the Compensation Committee but may not be less than 100% of the fair market value of the common stock on the date of grant unless the option is granted (i) pursuant to a transaction described in, and in a manner consistent with, Section 424(a) of the Code or (ii) to individuals who are not subject to U.S. income tax. The term of each option will be fixed by the Compensation Committee and may not exceed ten years following the date of grant. The Compensation Committee will determine at what time or times each option may be exercised, including whether the vesting of such options may be accelerated under any given circumstances.

Upon exercise of options, the option exercise price must be paid in full either in cash, by certified or bank check or other instrument acceptable to the Compensation Committee or by delivery (or attestation to the ownership) of shares of common stock that are beneficially owned by the optionee for at least six months or were purchased in the open market. Subject to applicable law, the exercise price may also be delivered by a broker pursuant to irrevocable instructions to the broker from the optionee. In addition, the Compensation Committee may permit non-qualified options to be exercised using a net exercise feature, which reduces the number of shares issued to the optionee by the number of shares with a fair market value equal to the aggregate exercise price.

The Compensation Committee may award stock appreciation rights subject to such conditions and restrictions as it may determine. Stock appreciation rights entitle the recipient to shares of common stock, or cash, equal to the value of the

124

appreciation in our stock price over the exercise price. The exercise price may not be less than 100% of the fair market value of common stock on the date of grant. The term of each stock appreciation right will be fixed by the Compensation Committee and may not exceed ten years following the date of grant. The Compensation Committee will determine at what time or times each stock appreciation right may be exercised.

The Compensation Committee may award restricted shares of common stock and restricted stock units to participants subject to such conditions and restrictions as it may determine. These conditions and restrictions may include the achievement of certain performance goals and/or continued employment with the Company through a specified vesting period. The Compensation Committee may also grant shares of common stock that are free from any restrictions under the 2021 Plan. Unrestricted stock may be granted to a participant in recognition of past services or for other valid consideration and may be issued in lieu of cash compensation due to such participant. The Compensation Committee may grant dividend equivalent rights to participants that entitle the recipient to receive credits for dividends that would be paid if the recipient had held a specified number of shares of common stock.

The 2021 Plan provides that upon the effectiveness of a “change in control,” as defined in the 2021 Plan, an acquirer or successor entity may assume, continue or substitute outstanding awards under the 2021 Plan or cash-out awards. The Compensation Committee has the discretion to accelerate vesting of awards.

Participants in the 2021 Plan are responsible for the payment of any federal, state or local taxes that the Company is required by law to withhold upon the exercise of options or stock appreciation rights or vesting of other awards. Subject to approval by the Compensation Committee, participants may elect to have up to the maximum tax withholding obligations satisfied by authorizing the Company to withhold shares of common stock to be issued pursuant to the exercise or vesting of such award.

The Compensation Committee may make such adjustments to awards as it considers appropriate to preserve their value in the event of an extraordinary dividend, recapitalization, stock split, spin-off or any other event that constitutes an equity restructuring, including adjustments to the terms of (i) the number of shares with respect to which awards may be granted under the 2021 Plan and (ii) outstanding awards (including adjustments to exercise prices of options and other affected terms of awards).

The Compensation Committee may (i) cause the cancellation of any award, (ii) require reimbursement of any award by a participant or beneficiary, and (iii) effect any other right of recoupment of equity or other compensation provided under the 2021 Plan or otherwise in accordance with any company policies that currently exist or that may from time to time be adopted or modified in the future by the Board or the Compensation Committee and/or applicable law, each of which is referred to as a “clawback policy.” In addition, a participant may be required to repay to the Company certain previously paid compensation, whether provided under the 2021 Plan or an award agreement or otherwise, in accordance with any clawback policy. By accepting an award, a participant is also agreeing to be bound by any existing or future clawback policy adopted by the Board or the Compensation Committee, or any amendments that may from time to time be made to the clawback policy in the future by the Board or the Compensation Committee in its discretion (including without limitation any clawback policy adopted or amended to comply with applicable laws or stock exchange requirements) and is further agreeing that all of the participant’s award agreements may be unilaterally amended by the Compensation Committee, without the participant’s consent, to the extent that Compensation Committee in its discretion determines to be necessary or appropriate to comply with any clawback policy.

Except as otherwise provided by the Compensation Committee or set forth in an award agreement, awards will not be transferable except by will or by laws of descent and distribution. In no event may any award be transferred to a third party in exchange for value without the consent of the Company’s stockholders prior to vesting.

The Board may amend or discontinue the 2021 Plan, and the Compensation Committee may amend or cancel outstanding awards for purposes of satisfying changes in law or any other lawful purpose, but no such action may adversely affect rights under an award without the holder’s consent. Certain amendments to the 2021 Plan require the approval of the Company’s stockholders.

2022 Special RSUs and Year-One RSUs

On January 1, 2022, the Board of Directors of the Company approved the grant of long-term incentive awards to Messrs. Field, Medina and Rodriguez under the 2021 Plan. With respect to Messrs. Field and Rodriguez, the long-term incentive awards included two grants of restricted stock units, each with a grant date of January 1, 2022. With respect to Mr. Medina,

125

the long-term incentive awards included one grant of restricted stock units with a grant date of January 1, 2022. Upon vesting, the restricted stock units will settle in shares of the Company’s Common Stock.

Subject to satisfaction of the Vesting Event (as defined below), the first grant of restricted stock units (the “Special RSUs”) for Messrs. Field and Rodriguez vest 25% on January 1, 2022 and 6.25% thereafter on the first day of each calendar quarter starting on April 1, 2022. Subject to satisfaction of the Vesting Event, the second grant of restricted stock units (the “Year-One RSUs”) for Messrs. Field and Rodriguez vest 25% on January 1, 2023 and 6.25% thereafter on the first day of each calendar quarter starting on April 1, 2023. In each case, however, vesting will not be effective until the earliest to occur of (a) the listing of the Company’s Common Stock on either Nasdaq or the NYSE and (b) a Change in Control as defined in the 2021 Plan (the “Vesting Event”). Any restricted stock units that would have otherwise vested prior to the Vesting Event, but did not vest because the Vesting Event had not occurred as of such time, shall, immediately be vested on the date of the Vesting Event (and the date of such Vesting Event shall be deemed the vesting date for such restricted stock units) regardless of whether Mr. Field or Rodriguez was in continuous service with the Company as of the date of the Vesting Event.

Subject to satisfaction of the Medina Vesting Event (as defined below), Mr. Medina’s Special RSUs would have vested 100% on January 1, 2022; provided, however, that vesting would not have become effective until the earliest to occur of (a) the listing of the Company’s Common Stock on either Nasdaq or the NYSE, (b) a Change in Control as defined in the 2021 Plan and (c) December 31, 2022 (the first to occur of (a), (b) or (c), the “Medina Vesting Event”). Any restricted stock units that would have otherwise become vested prior to the Medina Vesting Event, but did not vest because the Medina Vesting Event had not occurred as of such time, would have, immediately vested on the date of the Medina Vesting Event (and the date of such Medina Vesting Event would have been deemed the vesting date for such restricted stock units) regardless of whether Mr. Medina was in continuous service with the Company as of the date of the Medina Vesting Event. However, on December 23, 2022, Mr. Medina and the Company entered into an agreement pursuant to which all of Mr. Medina’s Special RSUs were terminated before any such vesting had occurred.

The following table sets forth the total Special RSUs and Year-One RSUs awarded to Messrs. Medina, Field and Rodriguez:

Name and Title	Special RSUs	Year-One RSUs
Manuel D. Medina, Executive Chairman	1,102,217(1)	N/A
Barry Field, former Chief Executive Officer	461,278	395,381
Rene A. Rodriguez, Chief Financial Officer	131,794	131,794

(1) As described above, on December 23, 2022, Mr. Medina and the Company entered into an agreement pursuant to which all of Mr. Medina’s Special RSUs were terminated. Mr. Medina did not receive any compensation from the Company in connection with such termination of his RSUs.

Additional 2022 RSUs

On August 8, 2022, the Board approved the grant of long-term incentive awards to Messrs. Field and Rodriguez under the 2021 Plan. Such long-term incentive awards included one grant of RSUs, each with a grant date of August 8, 2022. Upon vesting, the RSUs will settle in shares of the Company’s common stock.

Subject to satisfaction of the Vesting Event (as defined above), the RSUs (the “Additional 2022 RSUs”) for Messrs. Field and Rodriguez vest 25% on January 1, 2023 and 6.25% thereafter on the first day of each calendar quarter starting on April 1, 2023. However, vesting will not be effective until the Vesting Event. In the event the Vesting Event does not occur within three (3) years of August 8, 2022, the Additional 2022 RSUs shall be forfeited immediately following such three (3) year period. Subject to the immediately preceding sentence, any Additional 2022 RSUs that would have otherwise vested prior to the Vesting Event, but did not vest because the Vesting Event had not occurred as of such time, shall immediately be vested on the date of the Vesting Event (and the date of such Vesting Event shall be deemed the vesting date for such Additional 2022 RSUs) regardless of whether Mr. Field or Rodriguez was in continuous service with the Company as of the date of the Vesting Event.

126

The following table sets forth the total Additional 2022 RSUs awarded to Messrs. Field and Rodriguez:

Name and Title	Additional 2022 RSUs
Barry Field, former Chief Executive Officer	691,917
Rene A. Rodriguez, Chief Financial Officer	395,382

SIS Holdings PIUs

Messrs. Field, Medina and Rodriguez were previously granted PIUs in SIS Holdings, which at the time owned 100% of the then outstanding common stock of Cyxtera, pursuant to the Cyxtera Stockholder Class B Unit Plan and the Amended and Restated Limited Partnership Agreement of SIS Holdings, dated May 1, 2017. Messrs. Field and Medina were granted PIUs in 2017 and Mr. Rodriguez was granted PIUs in 2017 and 2019. Mr. Rodriguez forfeited all of the PIUs granted in 2019 prior to vesting upon his transition from an employee of Cyxtera to an employee of Legacy Appgate in 2020. The PIUs are intended to align the interests of such Named Executive Officers with those of SIS Holdings, Cyxtera’s equity sponsor, and provide a retention incentive for such Named Executive Officers.

The PIUs were intended to constitute profits interests for U.S. federal income tax purposes that allow Messrs. Field, Medina and Rodriguez to participate in the increase in value of SIS Holdings from and after the date of grant of such interests based on SIS Holding’s ownership of Legacy Appgate and Cyxtera. The PIUs are subject to time-vesting provisions and generally vest as to 25% of such PIUs on the first anniversary of the date of grant and as to 75% of such PIUs in substantially equal monthly installments over 42 months thereafter, subject generally to continued employment and subject to accelerated vesting upon certain liquidity events, which did not include the Merger.

Notwithstanding the foregoing, under the Cyxtera Stockholder Class B Unit Plan, if Mr. Field, Medina or Rodriguez’s employment terminates other than (i) by SIS Holdings or its subsidiaries for “Cause” (as defined in the Cyxtera Stockholder Class B Unit Plan) or (ii) by Mr. Field, Medina or Rodriguez without “Good Reason” (as defined in the Cyxtera Stockholder Class B Unit Plan) and a third-party adjudication makes a final binding determination that the applicable Named Executive Officer breached applicable restrictive covenants (such event, a “Specified Termination”), then vested PIUs with respect to such Named Executive Officer will be subject to a repurchase right at fair market value. In the event that Mr. Field, Medina or Rodriguez’s employment is terminated by SIS Holdings or its subsidiaries for Cause or by the applicable Named Executive Officer upon a Specified Termination, then the vested PIUs will be subject to a repurchase right at the lower of fair market value or the purchase price paid by the applicable Named Executive Officer. In all such instances, unvested PIUs are forfeited.

Retirement Plans

Effective January 1, 2021, Legacy Appgate established a 401(k) retirement savings plan for its U.S. employees, and the Company’s Named Executive Officers were eligible to participate in the 401(k) plan in 2021 and 2022 on the same terms as other full-time employees. Under this plan, Legacy Appgate provides employer matching contributions equal to 100% of the first 1% of eligible compensation contributed by employees and 50% of the next 5% of eligible compensation contributed by employees.

The Company does not maintain, sponsor, contribute to or otherwise have any liability with respect to any single or multiemployer defined benefit pension plan or nonqualified deferred compensation plan.

Employee Benefits

Effective January 1, 2021, Legacy Appgate established its own employee benefit plans and programs. For 2021 and 2022, the Named Executive Officers were eligible to participate in such employee benefit plans and programs to the same extent as the Company’s other full-time employees, subject to the terms and eligibility requirements of those plans.

Outstanding Equity Awards at 2022 Fiscal Year-End

Messrs. Field and Rodriguez held RSUs in the Company as of December 31, 2022 and Messrs. Field, Medina and Rodriguez held PIUs in SIS Holdings as of December 31, 2022. The following table summarizes the number of outstanding

127

RSUs in the Company held by Messrs. Field and Rodriguez at 2022 fiscal year-end and the number of outstanding PIUs in SIS Holdings held by Messrs. Field, Medina and Rodriguez at 2022 fiscal year-end.

		Option Awards			Stock Awards
Name	Grant Date	Number of Securities Underlying Unexercised Options (#) Unexercisable	Option exercise price ($)	Option expiration date (1)	Number of Shares or Units of Stock That Have Not Vested (#)	Market Value of Shares or Units of Stock That Have Not Vested ($)(2)(3)
Barry Field	5/1/2017	62,500	—	—	—	—
	1/1/2022	—	—	—	856,659	5,568,284
	8/8/2022	—	—	—	691,917	4,497,461
Manuel D. Medina	5/1/2017	184,197	—	—	—	—
Rene A. Rodriguez	5/1/2017	31,875	—	—	—	—
	1/1/2022	—	—	—	263,588	1,713,322
	8/8/2022	—	—	—	395,382	2,569,983

(1)    The outstanding PIUs are most similar to option awards in that they share in equity value appreciation from and after the date of grant. However, they do not have an exercise price or an expiration date.

(2)    The market value of unvested stock awards is based on the closing market price of our common stock on December 30, 2022 of $6.50.

(3)    Of the 856,659 RSUs granted to Mr. Field and 263,588 RSUs granted to Mr. Rodriguez on January 1, 2022, (a) 461,278 and 131,794, respectively, were the Special RSUs granted to Mr. Field and Mr. Rodriguez, respectively, and (b) 395,381 and 131,794, respectively, were the Year-One RSUs granted to Mr. Field and Mr. Rodriguez, respectively, with each such grant vesting and being subject to the Vesting Event as more fully described above under “2022 Special RSUs and Year-One RSUs”. All of the 691,917 RSUs granted to Mr. Field and 395,382 RSUs granted to Mr. Rodriguez on August 8, 2022 are considered the Additional 2022 RSUs which vest and are subject to the Vesting Event as more fully described above under “Additional 2022 RSUs”.

Other Elements of Compensation

Employment Agreements

On October 12, 2021, the Company entered into employment agreements with each of Messrs. Field and Rodriguez, each effective upon Closing. Mr. Medina entered into an employment agreement with Legacy Appgate effective as of January 1, 2020. On October 12, 2021, Mr. Medina’s employment agreement was amended and assigned by Legacy Appgate to the Company. On January 4, 2023, the Company entered into a separation agreement and release (the “Separation Agreement”) with Mr. Field.

The following discussion contains a summary of the terms of the Named Executive Officer employment agreements and the Separation Agreement.

Field Employment Agreement and Separation Agreement

The Company entered into an employment agreement with Mr. Field on October 12, 2021, which set forth the terms and conditions of his employment (the “Field Agreement”). Pursuant to the Field Agreement, Mr. Field served as our Chief Executive Officer and was entitled to an annual base salary of $410,000 and eligible to participate in the Company’s annual incentive program with a target annual bonus opportunity of 80% of his annual base salary.

The Field Agreement contained a non-disclosure covenant, a mutual non disparagement covenant and non-competition, customer non-solicitation, and employee non-solicitation covenants.

On January 4, 2023, Mr. Field tendered his resignation as both a director and as the Company’s Chief Executive Officer, with such resignation becoming effective on such date. In connection with Mr. Field’s resignation, on January 4, 2023, the

128

Company and Mr. Field entered into the Separation Agreement, pursuant to which Mr. Field is entitled to the following benefits: (a) a cash severance payment equal to Mr. Field’s annual base salary and corresponding one-year target bonus, paid ratably over a twelve month period following January 4, 2023 (the “Field Separation Period”), for a total gross amount equal to $738,000; (b) payment of Mr. Field’s premiums for continued health benefits provided under COBRA for the Field Separation Period; and (c) payment of Mr. Field’s annual bonus, if any, for the fiscal year 2022 and his employment period during the fiscal year 2023, at the same time the applicable bonus payments are paid in the ordinary course to actively employed senior executives in accordance with the terms of the Separation Agreement. The Separation Agreement additionally includes a customary general release of claims by Mr. Field in favor of the Company and certain related persons and parties.

The foregoing description of the Field Agreement and the Separation Agreement is qualified in its entirety by reference to the full text of the Field Agreement and the Separation Agreement, copies of which are filed as Exhibits 10.11 and 10.16, respectively, to this Annual Report, and incorporated herein by reference.

Medina Employment Agreement

Legacy Appgate entered into an employment agreement with Mr. Medina on November 18, 2019, which became effective as of January 1, 2020 and set forth the terms and conditions of his employment (the “Prior Medina Agreement”). On October 12, 2021, Legacy Appgate, the Company and Mr. Medina entered into an amended and restated employment agreement, which became effective the same day (the “Medina Agreement”). Among other things, the Medina Agreement amended and restated the Prior Medina Agreement in its entirety and assigned all rights and obligations of Legacy Appgate to the Company. Pursuant to the Medina Agreement, Mr. Medina serves as the Company’s Executive Chairman and is entitled to, among other things (i) an annual base salary of $200,000, (ii) participate in the annual incentive program with a target annual bonus opportunity of 60% of his annual base salary, (iii) personal office space and administrative support, (iv) a personal driver, and (v) subject to approval of the Board and other conditions, a restricted stock unit award for 2021 in the amount of 1,102,217 shares of the Company’s common stock (the “RSU Award”), with such RSUs to vest, in full, on the later of (a) January 1, 2022 and (b) the date of grant of such RSUs. In connection with the grant of Mr. Medina’s Special RSUs, as discussed above, the Company and Mr. Medina agreed to amend the vesting conditions to reflect the Medina Vesting Event described above. The RSU Award is in consideration for Mr. Medina’s agreement to waive certain rights to equity awards under the Prior Medina Agreement. The Medina Agreement may be terminated by either party at any time, provided that Mr. Medina is required to give the Company at least 45 days advance notice of termination.

In the event Mr. Medina resigns for “Good Reason” or the Company terminates his employment without “Cause” (each as defined in the Medina Agreement), in either case during the period beginning ninety (90) days prior to and ending on the first (1st) anniversary of the effective date of a Change in Control (as defined in the 2021 Plan) (the “Change in Control Period”), he is entitled to receive the following payments and benefits, in addition to any accrued obligations and subject to his timely execution and non-revocation of a general release of claims in the Company’s favor and continued compliance with the restrictive covenants contained in the Medina Agreement: (i) an amount of cash equal to the sum of (a) 12 months of his then-current annual base salary and (b) his target bonus, payable in the form of salary continuation in regular installments, in accordance with our normal payroll practices, over a period of 12 months from the termination date, (ii) an amount of cash equal to a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination or resignation occurs, paid when bonuses for such fiscal year are paid in the ordinary course to actively employed senior executives of the Company (but in no event later than the date that is two and half months into the following fiscal year), (iii) reimbursement for his healthcare insurance premiums for a period of up to 12 months and (iv) any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, paid as soon as practicable after the end of the year for which it is earned (and, in all events, prior to the later of (i) date that is two and a half months after the end of the year for which it is earned or (ii) 30 days after the completion of the audited financial statements for such year but not later than 120 days after the end of the year).

In the event of Mr. Medina’s termination due to his death or disability, in addition to accrued obligations, he or his estate, as applicable, shall be entitled to receive a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination occurs. Such bonus shall be paid when bonuses for such fiscal year are paid in the ordinary course to actively employed senior executives of the Company (but in no event later than the date that is two and half months into the following fiscal year). In addition, under the Medina Agreement, Mr. Medina’s outstanding awards under the 2021 Plan will vest in a pro-rata amount up to the date of termination, subject to applicable terms and conditions set forth in the Medina Agreement related to any performance awards that are outstanding at such time. Mr. Medina shall also receive any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, paid as soon as practicable after the end of the year for which it is earned (and, in all events,

129

prior to the later of (i) date that is two and a half months after the end of the year for which it is earned or (ii) 30 days after the completion of the audited financial statements for such year but not later than 120 days after the end of the year). Finally, in the event of Mr. Medina’s termination due to his disability, Mr. Medina shall be entitled to reimbursement for his healthcare insurance premiums for a period of up to 12 months.

In the event Mr. Medina resigns for “Good Reason” or the Company terminates his employment without “Cause” in either case during the Change in Control Period, he is entitled to receive the following payments and benefits, in addition to any accrued obligations and subject to his timely execution and non-revocation of a general release of claims in our favor and continued compliance with the restrictive covenants contained in the Medina Agreement: (i) an amount of cash equal to the sum of (a) 18 months of his then-current annual base salary and (b) his target bonus, (ii) an amount of cash equal to a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination occurs, (iii) an amount equal to 18 months multiplied by the total applicable monthly premium cost for continued healthcare insurance, and (iv) an amount equal to any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, each payable in a lump sum payment within thirty (30) days following his separation from the Company. In addition, under the Medina Agreement, 100% of Mr. Medina’s outstanding awards under the 2021 Plan will vest, subject to applicable terms and conditions set forth in the Medina Agreement related to any performance awards that are outstanding at such time.

The Medina Agreement contains a non-disclosure covenant, a mutual non disparagement covenant and non-competition, customer non-solicitation, and employee non-solicitation covenants.

The foregoing description of the Medina Agreement is qualified in its entirety by reference to the full text of the Medina Agreement, a copy of which is filed as Exhibit 10.10 to this Annual Report, and incorporated herein by reference.

Rodriguez Employment Agreement 

The Company entered into an employment agreement with Mr. Rodriguez on October 12, 2021, which sets forth the terms and conditions of his employment (the “Rodriguez Agreement”). Pursuant to the Rodriguez Agreement, Mr. Rodriguez serves as our Chief Financial Officer and is entitled to an annual base salary of $295,000 and is eligible to participate in the Company’s annual incentive program with a target annual bonus opportunity of 60% of his annual base salary. The Rodriguez Agreement may be terminated by either party at any time, provided that Mr. Rodriguez is required to give the Company at least 45 days advance notice of termination.

In the event Mr. Rodriguez resigns for “Good Reason” or the Company terminates his employment without “Cause” (each as defined in the Rodriguez Agreement) in either case outside of the Change in Control Period, he is entitled to receive the following payments and benefits, in addition to any accrued obligations and subject to his timely execution and non-revocation of a general release of claims in the Company’s favor and continued compliance with the restrictive covenants contained in the Rodriguez Agreement: (i) an amount of cash equal to 12 months of his then-current annual base salary, payable in the form of salary continuation in regular installments, in accordance with our normal payroll practices, over a period of 12 months from the termination date, and (ii) reimbursement for his healthcare insurance premiums for a period of up to 12 months.

In the event of Mr. Rodriguez’s termination due to his death or disability, in addition to accrued obligations, he or his estate, as applicable, shall be entitled to receive a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination occurs. Such bonus shall be paid in the following fiscal year as soon as practicable after the completion of the audited financial statements for the year in which the termination or resignation occurs, but not later than 45 days after the completion of such audited financial statements. In addition, under the Rodriguez Agreement, Mr. Rodriguez’s outstanding awards under the 2021 Plan will vest in a pro-rata amount up to the date of termination, subject to applicable terms and conditions set forth in the Rodriguez Agreement related to any performance awards that are outstanding at such time. Mr. Rodriguez shall also receive any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, paid as soon as practicable after the completion of the audited financial statements for the year prior to the year in which the termination occurs, but not later than 45 days after the completion of such audited financial statements.

In the event Mr. Rodriguez resigns for “Good Reason” or we terminate his employment without “Cause” in either case during the Change in Control Period, he is entitled to receive the following payments and benefits, in addition to any accrued obligations and subject to his timely execution and non-revocation of a general release of claims in our favor and continued compliance with the restrictive covenants contained in the Rodriguez Agreement: (i) an amount of cash equal to

130

the sum of (a) 12 months of his then-current annual base salary and (b) his target bonus, (ii) an amount of cash equal to a prorated portion of his annual bonus, based on actual performance, for the fiscal year in which the termination occurs, (iii) an amount equal to 12 months multiplied by the total applicable monthly premium cost for continued healthcare insurance, and (iv) an amount equal to any accrued annual bonus amounts with respect to the year prior to the year in which the termination occurs, to the extent unpaid at such time, each payable in a lump sum payment within thirty (30) days following his separation from the Company. In addition, under the Rodriguez Agreement, 100% of Mr. Rodriguez’s outstanding awards under the 2021 Plan will vest, subject to applicable terms and conditions set forth in the Rodriguez Agreement related to any performance awards that are outstanding at such time.

The Rodriguez Agreement contains a non-disclosure covenant, a mutual non disparagement covenant and non-competition, customer non-solicitation, and employee non-solicitation covenants.

The foregoing description of the Rodriguez Agreement is qualified in its entirety by reference to the full text of the Rodriguez Agreement, a copy of which is filed as Exhibit 10.12 to this Annual Report, and incorporated herein by reference.

Director Compensation

Fiscal Year 2022

The following individuals served on the Company’s board in 2022:

• Fahim Ahmed, Director

• Barry Field, former Director and Chief Executive Officer

• Jonathan J. Ledecky, Director

• Manuel D. Medina, Chairman of the Board and Executive Chairman

• Raymond Svider, former Director

• Benjamin Phillips, Director

• Lisa Sibenac, Director

As Named Executive Officers of the Company, information regarding the compensation for Messrs. Field and Medina for their services as executive officers in 2022 is set forth in the section titled “Summary Compensation Table” above. Messrs. Field and Medina did not receive additional compensation for their service as a director.

The following table provides summary information concerning compensation paid or accrued by us to or on behalf of our directors for services rendered to us during the last fiscal year.

Name	Fees Earned or Paid in Cash ($)	Stock Awards ($)	Option Awards ($)	Non-Equity Incentive Plan Compensation ($)	Nonqualified Deferred Compensation Earnings ($)	All Other Compensation ($)	Total ($)
Fahim Ahmed(1)	—	—	—	—	—	—	—
Jonathan J. Ledecky(1)	—	—	—	—	—	—	—
Raymond Svider(1)	—	—	—	—	—	—	—
Benjamin Phillips(1)	—	—	—	—	—	—	—
Lisa Sibenac(1)	—	—	—	—	—	—	—
Barry Field(2)	—	—	—	—	—	—	—
Manuel D. Medina(2)	—	—	—	—	—	—	—

131

(1)Messrs. Ahmed, Ledecky, Svider, Phillips and Sibenac did not receive any compensation for their service as directors of the Company for 2022. Mr. Svider resigned from the Board effective May 10, 2022.

(2)Messrs. Field and Medina are Named Executive Officers of the Company for 2022. The table does not include compensation paid to them in connection with their services as executive officers. Messrs. Field and Medina did not receive additional compensation for their service as directors in 2022. As Named Executive Officers of the Company, information regarding compensation for Messrs. Field and Medina for their services as executive officers in 2022 is set forth in the section titled “Summary Compensation Table” above. On January 4, 2023, Mr. Field resigned as an executive officer and from the Board.

Compensation of Current Company Directors

None of the Company’s current directors receive any compensation for their service as directors.

Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters

Security Ownership of Certain Beneficial Owners and Management

The following table sets forth information known to us regarding beneficial ownership of common stock as of March 24, 2023 by:

•each person known by us to be the beneficial owner of more than 5% of outstanding common stock;

•each of our executive officers and directors; and

•all of our executive officers and directors as a group.

Beneficial ownership is determined according to the rules of the SEC, which generally provide that a person has beneficial ownership of a security if he, she or it possesses sole or shared voting or investment power over that security, including options and warrants that are currently exercisable or exercisable within 60 days. In computing the number of shares beneficially owned by a person or entity and the percentage ownership of that person or entity in the table below, all shares subject to options, warrants and restricted stock units held by such person or entity were deemed outstanding if such securities are currently exercisable, or exercisable or would vest based on service-based vesting conditions within 60 days of March 24, 2023. These shares were not deemed outstanding, however, for the purpose of computing the percentage ownership of any other person or entity.

The beneficial ownership of our common stock is based on 131,793,660 shares of our common stock outstanding as of March 24, 2023.

132

Unless otherwise indicated, we believe that each person named in the table below has sole voting and investment power with respect to all shares of common stock beneficially owned by him.

Name and Address of Beneficial Owner(1)	Number of shares of common stock	Percent of class
Directors and Executive Officers
Manuel D. Medina(2)	117,149,920	88.9	%
Jonathan J. Ledecky(3)	9,290,803	7.0	%
Fahim Ahmed	—	—
Leo Taddeo	—	—
Benjamin Phillips	—	—
Lisa Sibenac
Rene A. Rodriguez	—	—
Jeremy M. Dale	—	—
All Directors and Executive Officers as a Group (8 individuals)	126,440,723	95.9	%
Five Percent Holders:
SIS Holdings LP(4)	117,149,920	88.9	%
Ironbound Partners Fund, LLC(3)	9,290,803	7.0	%
Entities affiliated Magnetar Financial LLC(5)	11,284,833	7.9	%

____________

(1) Unless otherwise noted, the address of each beneficial owner is c/o Appgate, Inc., 2 Alhambra Plaza, Suite PH-1-B, Coral Gables, FL 33134.                            

(2) Represents 117,149,920 shares held by SIS. Medina Capital Fund II — SIS Holdco, L.P. (the “Medina Stockholder”) has the right to nominate certain members of the board of directors of SIS Holdings GP, LLC (“SIS GP”) subject to majority control of the board by BCEC — SIS Holdings L.P. Medina Capital Fund II — SIS Holdco GP, LLC, which is ultimately controlled by Manuel D. Medina, is the general partner of the Medina Stockholder. As a result, Mr. Medina and each of the foregoing entities may be deemed to share beneficial ownership over securities owned by the Medina Stockholder, through its interest in SIS Holdings. Mr. Medina disclaims beneficial ownership of all shares of Common Stock owned by the Medina Stockholder, through its interest in SIS Holdings, except to the extent of his pecuniary interest therein.

(3) Represents 9,290,803 shares held by Ironbound. Jonathan J. Ledecky, the Company’s former president and a current director, controls Ironbound and therefore is the beneficial owner of the shares held by this entity. The business address of Ironbound is c/o Graubard Miller, 405 Lexington Avenue, 44th Floor, New York, NY 10174.

(4) SIS Holdings is the record holder of 117,149,920 shares of common stock. The general partner of SIS Holdings is SIS GP, which is managed by a board of directors, a majority of which is appointed by BCEC - SIS Holdings L.P. (“BC Partners”). The general partners of BC Partners are CIE Management IX Limited and BCEC Management X Limited, which are controlled by their boards of directors, which are appointed by BC Partners Group Holdings Limited, which is a majority-owned subsidiary of BC Partners Holdings Limited, which is controlled by Lee Clark, Karen Jamieson and Mark Rodliffe. As a result, each of the foregoing entities may be deemed to share voting and investment power over the shares of Common Stock held by SIS Holdings, but each disclaims beneficial ownership of such securities, except to the extent of their pecuniary interest, if any, therein. The business address of SIS Holdings and SIS GP is 2333 Ponce De Leon Boulevard, Suite 900, Coral Gables, Florida 33134. The business address of BC Partners Holdings Ltd. and BC Partners Group Holdings Ltd. is West Wing, Floor 2, Trafalgar Court, Les Banques, St. Peter, Port Guernsey GY1 4LY. The business address of BC Partners, BCEC Management X Ltd. and CIE Management IX Ltd. is Arnold House P.O. Box 273, St. Julian’s Avenue, St. Peter, Port Guernsey GY1 3RD.

(5) Represents 11,284,833 shares of common stock underlying the Convertible Senior Notes held by certain investors affiliated with Magnetar Financial, LLC (the “Magnetar Investors”) that is convertible at any time at the option of the Magnetar Investors prior to the maturity of the Convertible Senior Notes. The business address of the Magnetar Investors is c/o Magnetar Financial LLC, 1603 Orrington Avenue, 13th Floor, Evanston, Illinois 60201.

133

Securities Authorized for Issuance under Equity Compensation Plans

The following table provides information as of December 31, 2022 with respect to our common stock that may be issued under the 2021 Plan.

Plan Category	Number of Securities To Be Issued Upon Exercise Of Outstanding Options, Warrants and Rights	Weighted Average Exercise Price Of Outstanding Options, Warrants And Rights	Number Of Securities Remaining Available For Future Issuance Under Equity Compensation Plans (Excluding Securities Reflected in the first column)
Equity Compensation Plans Approved by Shareholders(1)	9,260,058	N/A	1,762,112
Equity Compensation Plans Not Approved by Shareholders	N/A	N/A	N/A
Total	9,260,058	N/A	1,762,112

(1) The 2021 Plan, which was approved by our stockholders on October 12, 2021, authorizes the granting of awards in any of the following forms: options, stock appreciation rights, restricted stock, restricted stock units, other equity-based awards and cash incentive awards. Comprised of 9,210,180 RSUs and 49,878 PSUs, which PSUs settle, if at all, in cash.

See “Executive Compensation - Narrative to the Summary Compensation Table - Equity Based Compensation” above for a description of the 2021 Plan.

Item 13. Certain Relationships and Related Transactions, and Director Independence

Certain Relationships and Related Person Transactions

In addition to the compensation arrangements with directors and executive officers described under “Executive Compensation”, the following is a description of each transaction since January 1, 2021 and each currently proposed transaction in which:

•Appgate has been or is to be a participant;

•the amount involved exceeds or will exceed $120,000; and

•any of Appgate’s directors, executive officers or beneficial holders of more than 5% of Appgate’s capital stock, or any immediate family member of, or person sharing the household with, any of these individuals (other than tenants or employees), had or will have a direct or indirect material interest.

Legacy Cyxtera Related Party Transactions

Prior to December 31, 2019, Legacy Appgate was wholly-owned by Cyxtera. On December 31, 2019, Cyxtera consummated several transactions (the “Cyxtera Spin-Off”), following which Legacy Appgate became a separate, stand-alone entity. The transaction separated Cyxtera’s data center business from Legacy Appgate’s cybersecurity business. Over time, Legacy Appgate has entered into several agreements and transactions with Cyxtera (and/or one or more of its subsidiaries), SIS Holdings, which beneficially owns approximately 89% of our common stock, and certain equity owners of SIS Holdings. These agreements, relationships and transactions are described below.

Service Provider Fee

In connection with the formation of Cyxtera in 2017, certain equity owners of SIS Holdings and/or affiliates thereof (collectively, the “Service Providers”) entered into a Services Agreement (the “Services Agreement”), dated May 1, 2017, with Cyxtera and all of Cyxtera’s subsidiaries and controlled affiliates as of such date, including Legacy Appgate (collectively, the “Company Group”). The Service Providers include BC Partners, Inc. (“BC Partners”), Medina Capital Advisors, LLC (“MCA”), LDEF Series B-1 LLC — Series 17 (“LDEF”) and Star Series LLC — Series 38 (“Star” and,

134

together with LDEF, “Longview”). Raymond Svider, who served as an Appgate director from the Closing through May 10, 2022, and Fahim Ahmed, who serves as an Appgate director, also serve as partners of BC Partners. In addition, Benjamin Phillips and Lisa Sibenac, who have served as Appgate directors since May 10, 2022 are employed by BC Partners. BC Partners indirectly owns an approximately 62.2% equity interest in SIS Holdings. MCA is indirectly owned and controlled by Manuel D. Medina, Appgate’s Executive Chairman and Chairman of the Board, and is an affiliate of Medina Capital Partners, LP (“Medina Capital”), which indirectly owns an approximately 20.9% equity interest in SIS Holdings. In addition, (i) Barry Field, who served as Appgate’s Chief Executive Officer and as a director until January 4, 2023, is a partner at Medina Capital and (ii) Rene A. Rodriguez, who serves as Appgate’s Chief Financial Officer, is the Chief Financial Officer and partner at Medina Capital. Longview owns an approximately 5.7% equity interest in SIS Holdings.

Under the Services Agreement, the Service Providers agreed to provide members of the Company Group with certain executive and management, financial, consulting, human resources and advisory services as requested by members of the Company Group from time to time. Pursuant to the Services Agreement, the Company group also agreed to pay the Service Providers an annual service fee in the aggregate amount of $1.0 million in equal quarterly installments. The Service Providers waived all fees under the Services Agreement for 2021. The Services Agreement was terminated on July 29, 2021.

Intercompany Master Services Agreement Fee

In connection with the formation of Cyxtera in 2017, the Company Group entered into the Intercompany Master Services Agreement. Under the Intercompany Master Services Agreement, Cyxtera Management, Inc., a wholly-owned subsidiary of Cyxtera (the “Management Company”), agreed to provide certain services to the other members of the Company Group from time to time, including financial, accounting, administrative, facilities and other services. No amounts were allocated to Legacy Appgate under the Intercompany Master Services Agreement in 2021. The Intercompany Master Services Agreement was terminated on July 29, 2021.

Transition Services Agreement

Upon consummation of the Cyxtera Spin-Off, Legacy Appgate and the Management Company entered into a transition services agreement (the “Transition Services Agreement”), pursuant to which the Management Company provided certain transition services to Legacy Appgate, and Legacy Appgate provided certain transition services to the Management Company. The term under the Transition Services Agreement commenced on January 1, 2020 and ended on June 30, 2021. Substantially all of the obligations under the Transition Services Agreement ceased on December 31, 2020.

During 2021, charges under the Transition Services Agreement between Legacy Appgate and the Management Company were less than $120,000.

Promissory Notes

On March 31, 2019, Legacy Appgate issued promissory notes to each of Cyxtera and the Management Company (collectively, the “Promissory Notes”) evidencing funds borrowed at such time by Legacy Appgate from each of Cyxtera and the Management Company, as well as potential future borrowings. The Promissory Notes had a combined initial aggregate principal amount of $95.2 million and provided for additional borrowings during the term of the Promissory Notes for additional amounts not to exceed approximately $52.5 million in the aggregate (approximately $147.7 million including the initial aggregate principal amount). Interest accrued on the unpaid principal balance of the Promissory Notes at a rate per annum equal to 3%; provided, that with respect to any day during the period from the date of the Promissory Notes through December 31, 2019, interest was calculated assuming that the unpaid principal balance of the Promissory Notes on such day was the unpaid principal amount of the notes on the last calendar day of the quarter in which such day occurs. Interest was payable upon the maturity date of the Promissory Notes. Each of the Promissory Notes had an initial maturity date of March 30, 2020 and was extended through March 30, 2021 by amendments entered into effective as of March 30, 2020.

On February 8, 2021, Legacy Appgate repaid Cyxtera the full amount of the Promissory Note held by Cyxtera and made a partial repayment to the Management Company on the then accumulated principal and interest under the Promissory Note held by the Management Company. On that same date, the Management Company issued a payoff letter to Legacy Appgate extinguishing the balance remaining unpaid following such repayment.

135

Related Party Transactions related to the Merger

The Merger

On February 8, 2021, Newtown Lane entered into the Merger Agreement with Merger Sub and Legacy Appgate. Mr. Ledecky, who is an Appgate director, served as President and sole director and held a 69.1% indirect equity ownership interest in Newtown Lane at the time the Merger Agreement was executed. Pursuant to the Merger Agreement, on October 12, 2021, Merger Sub merged with and into Legacy Appgate, with Legacy Appgate being the surviving entity of the Merger and a wholly-owned subsidiary of the Company. Following the Merger, Newtown Lane changed its name to Appgate, Inc.

Merger Registration Rights Agreement

On October 12, 2021, in connection with, and as a condition to, the Closing, Newtown Lane entered into a registration rights agreement (the “Merger Registration Rights Agreement”) with SIS Holdings and Ironbound Partners Fund, LLC, the owner of the majority of the outstanding common stock of Newtown Lane prior to the Closing (“Ironbound,” and together with SIS Holdings, the “Holders”), and, solely with respect to Section 3.1 of the Merger Registration Rights Agreement, Medina Capital Fund II — SIS Holdco, LP. Pursuant to the Merger Registration Rights Agreement, the Holders have the right to require us to file one or more registration statements with the SEC for the sale of our common stock held by the holders, subject to certain exceptions. The Company is obligated to use its commercially reasonable efforts to have a resale “shelf” registration statement declared effective with the SEC by February 9, 2022 (or May 10, 2022 if the SEC notifies the Company that it will “review” the registration statement). The Company will also be required to facilitate “takedown” offerings from the shelf upon demand by the Holders, provided that (i) the Company is eligible to use Form S-3 and (ii) the offering (x) has an anticipated offering price, net of the underwriters’ discount, in excess of $50.0 million or (y) constitutes the total aggregate registrable securities then held by all the Holders. The Holders may also require the Company to file an S-1 or S-3 registration statement for any registrable securities not included in the aforementioned “shelf” registration statement, provided the offering (i) has an anticipated offering price, net of the underwriters’ discount, in excess of $50.0 million or (ii) constitutes the total aggregate registrable securities then held by all the Holders. All holders of registrable securities party to the Merger Registration Rights Agreement are entitled to certain “piggyback” registration rights in subsequent offerings. Such holders are entitled to notice of a registered offering by the Company or by stockholders other than the Holders and to have their shares included on a pro rata basis. The Merger Registration Rights Agreement also provides that the Company will pay certain expenses of the Holders relating to the registrations and indemnify them against certain liabilities which may arise under the Securities Act and other federal or state securities laws.

On March 12, 2022, the Holders agreed to waive their registration rights under the Merger Registration Rights Agreement until the earlier of (i) ten (10) business days after the Company becomes eligible to register the Holders’ shares of the Company’s common stock with the SEC on Form S-3 and (ii) October 31, 2022. On October 30, 2022, the Holders agreed to further waive their registration rights under the Merger Registration Rights Agreement until January 31, 2024 (such date, the “Extension Date”), provided, that, SIS Holdings reserved the right to revoke such waiver and reinstate all such waived rights (on behalf of all of the Holders) upon at least ninety (90) days’ advance written notice to the Company. Notwithstanding any provision in the Merger Registration Rights Agreement to the contrary, all time periods set forth in the Merger Registration Rights Agreement relating to the effectiveness of an initial shelf registration statement shall commence on the earlier to occur of (a) the Extension Date and (b) the 90th day following the date on which the Company receives a notice of revocation referenced in the immediately preceding sentence.

Commercial Related Person Transactions with Cyxtera

Appgate maintains a number of ordinary course commercial relationships, both as a customer and service provider, with Cyxtera. For instance, in 2021 and 2022, Cyxtera purchased certain cybersecurity products and services from Legacy Appgate, including licenses for Legacy Appgate cybersecurity software and training. For each of 2021 and 2022, Legacy Appgate charged Cyxtera $0.2 million for those products and services. In 2021 and 2022, Cyxtera provided Legacy Appgate certain data center colocation and CXD services. For 2021 and 2022, Cyxtera charged Legacy Appgate $0.3 million and $0.5 million, respectively, for those services. Messrs. Phillips, Ahmed and Medina serve, as of February 27, 2023, on the boards of directors of the Company and Cyxtera and, as of March 23, 2022, SIS Holdings owned approximately 61.5% of Cyxtera’s outstanding common stock.

136

Related Party Transactions with SIS Holdings

Revolving Credit Facility

On April 26, 2022, Legacy Appgate, Appgate, the other guarantors party thereto and SIS Holdings entered into a revolving credit agreement (the “Revolving Credit Agreement”) which provides for a $50.0 million unsecured, revolving credit facility (the “Revolving Credit Facility”). This indebtedness is contractually subordinated to the Convertible Senior Notes and matures on the earlier to occur of (a) June 30, 2023, (b) the closing of a registered offering of Capital Stock (as defined in the Revolving Credit Agreement) of the Company in an aggregate amount equal to $50.0 million or more and (c) the date of which the Loans (as defined in the Revolving Credit Agreement) are accelerated upon an Event of Default (as defined in the Revolving Credit Agreement). Interest accrues on amounts drawn under the Revolving Credit Facility at a rate of 10.0% per annum, payable in cash on the Final Maturity Date (as defined in the Revolving Credit Agreement). The Revolving Credit Agreement is subject to customary terms, covenants and conditions. All obligations under the Revolving Credit Agreement are guaranteed by Appgate and Legacy Appgate’s domestic subsidiaries. As of December 31, 2022, we had $46.5 million in aggregate principal amount of debt outstanding under the Revolving Credit Facility.

Director Related Party Transactions

Transactions with Director Affiliated Companies

Messrs. Ahmed and Sibenac, who serve as directors of the Company, are also, as of February 27, 2023, members of the board of directors of Chewy, Inc. (“Chewy”), an American online retailer of pet food and other pet-related products. Mr. Ahmed, who serves as a director of the Company is also, as of February 27, 2023, a member of the board of directors of PetSmart, Inc. (“PetSmart”). During 2021 and 2022, Legacy Appgate charged Chewy (or the channel partner reselling certain cybersecurity products provided to Chewy) $0.4 million and $0.5 million, respectively, under contracts by Legacy Appgate or a channel partner for certain cybersecurity products provided to Chewy. During 2022, Legacy Appgate charged PetSmart $0.1 million under its contract with PetSmart.

Related Party Transactions related to Newtown Lane

From May 2013 to August 2020, Mr. Ledecky, the prior controlling shareholder of Newtown Lane and now a member of our board, entered into multiple promissory notes with Newtown Lane whereby Mr. Ledecky provided working capital to Newtown Lane totaling an aggregate outstanding amount of $367,000. All the outstanding principal amount of promissory notes were repaid in full in connection with the Closing.

Other Related Party Transactions

CenturyLink Communications, LLC (“CenturyLink”), an approximate 10.4% owner of SIS Holdings and, as a result, an indirect beneficial owner of the Company, is a reseller of certain of Legacy Appgate’s products and services. During 2021 and 2022, Legacy Appgate charged CenturyLink $0.8 million and $0.9 million, respectively, under contracts for certain cybersecurity products provided by Legacy Appgate to CenturyLink for resale by CenturyLink to end users.

Director and Officer Indemnification

Our A&R Charter and A&R Bylaws provide indemnification for our directors and officers to the fullest extent permitted by the DGCL, subject to certain limited exceptions. We have entered into separate indemnification agreements with each of our directors and executive officers. We have also purchased directors’ and officers’ liability insurance for each of our directors and executive officers.

Item 14. Principal Accountant Fees and Services

Audit Fees:

With respect to the years ended December 31, 2021 and December 31, 2022, we were billed $1,177,300 and $1,091,500, respectively, by BDO USA, LLP, our independent registered public accountants, for professional services rendered for the audits of our annual financial statements and review of financial statements included in our reports with the SEC.

137

Prior to the Merger, Liggett & Webb P.A. (“Liggett & Webb”) served as Newtown Lane’s independent registered public accounting firm. During the year ended December 31, 2021, Newtown Lane was billed $14,000 by Liggett & Webb for professional services rendered for the audits of Newtown Lane’s annual financial statements and review of financial statements included in its reports with the SEC.

Audit-Related Fees:

We were not billed audit-related fees by BDO USA, LLP during the years ended December 31, 2022 or 2021.

During the year ended December 31, 2021, Newtown Lane was billed $1,876 by Liggett & Webb for professional services rendered for work performed in connection with registration statements and other regulatory filings and the issuance of consent related thereto.

Tax Fees:

We were not billed tax fees by BDO USA, LLP during the years ended December 31, 2022 or 2021.

Newtown Lane was not billed tax fees by Liggett & Webb during the year ended December 31, 2021.

All Other Fees:

We were not billed other fees by BDO USA, LLP during the years ended December 31, 2022 or 2021.

Newtown Lane was not billed other fees by Liggett & Webb during the year ended December 31, 2021.

AUDIT COMMITTEE POLICIES AND PROCEDURES:

We do not currently have a standing audit committee. For periods prior to the Merger, all fees of Liggett & Webb set forth above were approved by Newtown Lane’s board of directors. Following the Merger, all fees of BDO USA, LLP set forth above were approved by the Company’s Board of Directors.

138

PART IV

Item 15. Exhibits, Financial Statement Schedules

		Incorporated by Reference
Exhibit Number	Description	Form	Exhibit	Filing Date
2.1†	Agreement and Plan of Reorganization, dated as of February 8, 2021, by and among Newtown Lane, Merger Sub and Legacy Appgate	8-K	2.1	2/9/2021
3.1	Second Amended and Restated Certificate of Incorporation	8-K	3.1	10/15/2021
3.2	Amended and Restated Bylaws	8-K	3.2	10/15/2021
4.1	Description of Registrant's Securities Registered Pursuant to Section 12 of the Securities Exchange Act of 1934	10-K	4.1	3/31/2022
10.1	Registration Rights Agreement, dated as of October 12, 2021 by and among Newtown Lane, SIS Holdings, Ironbound and, solely with respect to Section 3.1 thereof, Medina Capital Fund II – SIS Holdco, LP	8-K	10.1	10/15/2021
10.2	Note Purchase Agreement, dated as of February 8, 2021, by and among Legacy Appgate and the lenders named on the Schedule of Lenders attached thereto	8-K	10.5	10/15/2021
10.3	Note Issuance Agreement, dated as of February 8, 2021, by and among Legacy Appgate, the Guarantors and Magnetar	8-K	10.6	10/15/2021
10.4	Amendment to Note Purchase Agreement and Note Issuance Agreement and Waiver to Note Purchase Agreement and Registration Rights Agreement, dated as of February 9, 2022, by and among Appgate, Legacy Appgate, the holders of Convertible Senior Notes and Magnetar	8-K	10.1	2/15/2022
10.5	Supplemental Agreement, dated as of October 12, 2021, by and between Newtown Lane, Legacy Appgate and Magnetar Financial, LLC as representative of the Holders	8-K	10.7	10/15/2021
10.6	Lease dated November 19, 2021 between DGE Alhambra, LP and Appgate Cybersecurity, Inc.	S-1	10.18	1/28/2022
10.7	Registration Rights Agreement, dated as of February 8, 2021, by and among Legacy Appgate and the investors named therein	8-K	10.8	10/15/2021
10.8	Form of Director and Officer Indemnification Agreement	8-K	10.9	10/15/2021
10.9#	2021 Incentive Compensation Plan	8-K	10.11	10/15/2021
10.10#	Amended and Restated Employment Agreement dated October 12, 2021 among Legacy Appgate, the Company and Manuel D. Medina	8-K	10.12	10/15/2021
10.11#	Employment Agreement dated October 12, 2021 between the Company and Barry Field	8-K	10.13	10/15/2021
10.12#	Employment Agreement dated October 12, 2021 between the Company and Rene A. Rodriguez	8-K	10.14	10/15/2021
10.13#	Employment Agreement dated October 12, 2021 between the Company and Jawahar Sivasankaran	8-K	10.15	10/15/2021
10.14#	Employment Agreement dated October 12, 2021 between the Company and Jeremy M. Dale	8-K	10.16	10/15/2021
10.15#	Employment Agreement dated March 28, 2023 between the Company and Leo Taddeo
10.16#	Separation Agreement and Release, dated January 4, 2023, by and between the Company and Barry Field	8-K	10.1	1/9/2023
10.17#	Separation Agreement and Release, dated January 4, 2023, by and between the Company and Jawahar Sivasankaran	8-K	10.2	1/9/2023
10.18#	Form of Award Agreement for Restricted Stock Units	8-K	10.1	1/3/2022
10.19†	Revolving Credit Agreement, dated April 26, 2022, by and among Appgate Cybersecurity, Inc., Appgate, Inc., the other guarantors party thereto and SIS Holdings	8-K	10.1	4/26/2022
21.1	Subsidiaries of the Company	10-K	21.1	3/31/2022
23.1	Consent of Independent Registered Public Accounting Firm
31.1	Certification of Principal Executive Officer of Appgate, Inc. pursuant to Section 302 of the Sarbanes-Oxley Act of 2002

139

31.2	Certification of Principal Financial Officer of Appgate, Inc. pursuant to Section 302 of the Sarbanes-Oxley Act of 2002
32*	Certification of Principal Executive Officer and Principal Financial Officer of Appgate, Inc. pursuant to Section 906 of the Sarbanes-Oxley Act of 2002
101	Inline Interactive Data File
104	Cover Page Interactive Data File

#    Indicates management contract or compensatory plan or arrangement.

*    Furnished herewith.

†Pursuant to Item 601(a)(5) of Regulation S-K, schedules and similar attachments to this exhibit have been omitted because they do not contain information material to an investment or voting decision and such information is not otherwise disclosed in such exhibit. The Company will supplementally provide a copy of any omitted schedule or similar attachment to the U.S. Securities and Exchange Commission or its staff upon request.

ITEM 16. FORM 10-K SUMMARY

None.

140

SIGNATURES

Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.

Dated: March 31, 2023		Appgate, Inc.
	By:	/s/ Leo Taddeo
		Leo Taddeo
		Chief Executive Officer and President

Pursuant to the requirements of the Securities Exchange Act of 1934, this report has been signed below by the following persons on behalf of the registrant and in the capacities and on the dates indicated.

Dated: March 31, 2023	By:	/s/ Leo Taddeo
		Leo Taddeo
		Chief Executive Officer (principal executive officer), President and Director
Dated: March 31, 2023	By:	/s/ Rene A. Rodriguez
		Rene A. Rodriguez
		Chief Financial Officer (principal financial and accounting officer)
Dated: March 31, 2023	By:	/s/ Manuel D. Medina
		Manuel D. Medina
		Executive Chairman and Chairman of the Board
Dated: March 31, 2023	By:	/s/ Jonathan J. Ledecky
		Jonathan J. Ledecky
		Director
Dated: March 31, 2023	By:	/s/ Fahim Ahmed
		Fahim Ahmed
		Director
Dated: March 31, 2023	By:	/s/ Benjamin Phillips
		Benjamin Phillips
		Director
Dated: March 31, 2023	By:	/s/ Lisa Sibenac
		Lisa Sibenac
		Director

141