Document

DRS 1 filename1.htm Document

Confidential draft submitted on March 17, 2021

This draft registration statement has not been publicly filed with the Securities and Exchange Commission and all information

herein remains strictly confidential.

Registration No. 333-

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

FORM S-1

REGISTRATION STATEMENT

UNDER

THE SECURITIES ACT OF 1933

SENTINEL LABS, INC.

(Exact name of registrant as specified in its charter)

Delaware

7372

99-0385461

(State or other jurisdiction of

incorporation or organization)

(Primary Standard Industrial

Classification Code Number)

(I.R.S. Employer

Identification Number)

444 Castro Street, Suite 400

Mountain View, California 94041

(855) 868-3733

(Address, including zip code, and telephone number, including area code, of registrant’s principal executive offices)

Tomer Weingarten

Chairman of the Board of Directors, President, and Chief Executive Officer

Sentinel Labs, Inc.

444 Castro Street, Suite 400

Mountain View, California 94041

(855) 868-3733

(Name, address, including zip code, and telephone number, including area code, of agent for service)

Cynthia Hess

Steven Levine

Ran Ben-Tzur

David A. Bell

Fenwick & West LLP

801 California Street

Mountain View, California 94041

(650) 988-8500

Efraim Harari

Chief Legal and Trust Officer

Sentinel Labs, Inc.

444 Castro Street, Suite 400

Mountain View, California 94041

(855) 868-3733

Richard Kline

Brian Paulson

Latham & Watkins LLP

140 Scott Drive

Menlo Park, California 94025

(650) 328-4600

Approximate date of commencement of proposed sale to the public:

As soon as practicable after the effective date of this registration statement.

If any of the securities being registered on this Form are to be offered on a delayed or continuous basis pursuant to Rule 415 under the Securities Act of 1933, as amended, or Securities Act, check the following box: ☐

If this Form is filed to register additional securities for an offering pursuant to Rule 462(b) under the Securities Act, please check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering. ☐

If this Form is a post-effective amendment filed pursuant to Rule 462(c) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering. ☐

If this Form is a post-effective amendment filed pursuant to Rule 462(d) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering. ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Securities Exchange Act of 1934, as amended.


Large accelerated filer ☐						Accelerated filer ☐
Non-accelerated filer ☒						Smaller reporting company ☐
						Emerging growth company ☒

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 7(a)(2)(B) of the Securities Act. ☐

CALCULATION OF REGISTRATION FEE


Title of Each Class of Securities to be Registered	Proposed Maximum Aggregate Offering Price(1)(2)	Amount of Registration fee
Common stock, $0.0001 par value per share	$	$

(1)Estimated solely for the purpose of calculating the amount of the registration fee in accordance with Rule 457(o) of the Securities Act.

(2)Includes the aggregate offering price of additional shares that the underwriters have the option to purchase to cover over-allotments, if any.

The registrant hereby amends this registration statement on such date or dates as may be necessary to delay its effective date until the registrant shall file a further amendment which specifically states that this registration statement shall thereafter become effective in accordance with Section 8(a) of the Securities Act or until the registration statement shall become effective on such date as the Securities and Exchange Commission, acting pursuant to said Section 8(a), may determine.

The information in this preliminary prospectus is not complete and may be changed. We may not sell these securities until the registration statement filed with the Securities and Exchange Commission is effective. This preliminary prospectus is not an offer to sell these securities and we are not soliciting offers to buy these securities in any jurisdiction where the offer or sale is not permitted.

Preliminary Prospectus (Subject to Completion)

Issued , 2021

Sentinel Labs, Inc.

Common Stock

Sentinel Labs, Inc. is offering shares of its common stock. This is our initial public offering and no public market currently exists for our shares. We anticipate that the initial public offering price per share of our common stock will be between $ and $ .

We intend to apply to list our common stock on the under the symbol “ .”

We are an “emerging growth company” as defined under the federal securities laws and, as such, we have elected to comply with certain reduced reporting requirements for this prospectus and may elect to do so in future filings.

Investing in our common stock involves risks. See the section titled “Risk Factors” beginning on page 15.

PRICE $ A SHARE

Price to Public

Underwriting Discounts and Commissions(1)

Proceeds to SentinelOne

Per Share

Total

_______________

(1)See the section titled “Underwriters” for a description of the compensation payable to the underwriters.

We have granted the underwriters the right to purchase up to an additional shares of our common stock to cover over-allotments, if any, at the initial public offering price less the underwriting discount.

The Securities and Exchange Commission and state securities regulators have not approved or disapproved these securities, or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense.

The underwriters expect to deliver the shares of common stock to purchasers on , 2021.


MORGAN STANLEY						GOLDMAN SACHS & CO. LLC

Prospectus dated , 2021

TABLE OF CONTENTS


			PAGE
PROSPECTUS SUMMARY			1
RISK FACTORS			15
SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS			51
INDUSTRY, MARKET, AND OTHER DATA			53
USE OF PROCEEDS			54
DIVIDEND POLICY			55
CAPITALIZATION			56
DILUTION			58
SELECTED CONSOLIDATED FINANCIAL AND OTHER DATA			61
MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS			64
BUSINESS			82
MANAGEMENT			104


			PAGE
EXECUTIVE COMPENSATION			111
CERTAIN RELATIONSHIPS AND RELATED PARTY TRANSACTIONS			122
PRINCIPAL STOCKHOLDERS			125
DESCRIPTION OF CAPITAL STOCK			127
SHARES ELIGIBLE FOR FUTURE SALE			132
MATERIAL U.S. FEDERAL INCOME TAX CONSIDERATIONS FOR NON-U.S. HOLDERS OF OUR COMMON STOCK			134
UNDERWRITERS			139
LEGAL MATTERS			147
EXPERTS			147
WHERE YOU CAN FIND ADDITIONAL INFORMATION			147
INDEX TO CONSOLIDATED FINANCIAL STATEMENTS			F-1

Through and including , 2021 (the 25th day after the date of this prospectus), all dealers effecting transactions in these securities, whether or not participating in this offering, may be required to deliver a prospectus. This is in addition to a dealer’s obligation to deliver a prospectus when acting as an underwriter and with respect to an unsold allotment or subscription.

Neither we nor the underwriters have authorized anyone to provide any information or to make any representations other than those contained in this prospectus or in any free writing prospectuses prepared by or on behalf of us or to which we have referred you. Neither we nor the underwriters take any responsibility for, and can provide no assurance as to the reliability of, any other information that others may give you. We are offering to sell, and seeking offers to buy, shares of common stock only in jurisdictions where offers and sales are permitted. The information contained in this prospectus is accurate only as of the date of this prospectus, regardless of the time of delivery of this prospectus or of any sale of the shares of common stock.

For investors outside the United States: Neither we nor any of the underwriters have taken any action that would permit this offering or possession or distribution of this prospectus in any jurisdiction where action for that purpose is required, other than in the United States. You are required to inform yourselves about and to observe any restrictions relating to this offering and the distribution of this prospectus.

PROSPECTUS SUMMARY

The following summary highlights selected information that is presented in greater detail elsewhere in this prospectus. This summary does not contain all the information you should consider before investing in our common stock. You should carefully read this prospectus in its entirety before investing in our common stock, including the sections titled “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” “Special Note Regarding Forward-Looking Statements,” and our consolidated financial statements and the accompanying notes included elsewhere in this prospectus. Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2020 and 2021 are referred to herein as fiscal 2020 and fiscal 2021, respectively.

SENTINEL LABS, INC.

Overview

Cy·ber·at·tack - Any unauthorized attempt to expose, alter, disable, destroy, steal, or gain data.

Cyberattacks have become the output of military-grade, highly resourced, and automated nation-state and cybercrime operations. We envisioned a revolutionary data and artificial intelligence, or AI, paradigm where technology alone could autonomously prevent, detect, and respond to cyberattacks. It is time to fight machine with machine.

We pioneered the world’s first purpose-built AI-powered extended detection and response, or XDR, platform to make cybersecurity defense truly autonomous, from the endpoint and beyond. Our Singularity Platform instantly defends against cyberattacks - performing at a faster speed, greater scale, and higher accuracy than possible from any single human or even a crowd.

Modern society is digital. With digital transformation changing everything, accelerated by the COVID-19 pandemic, organizations have become increasingly susceptible to cyberattacks. Every place where data resides is vulnerable from device to server to the cloud. From healthcare to commerce, education to infrastructure, transportation to manufacturing, financial institutions to government agencies, cyberattacks are one of the biggest threats to global stability and progress. Within milliseconds, services we rely on can cease to operate. Our growing reliance on technology creates an accelerating risk cycle: more devices generate and process more data which result in more opportunities for cybercriminals to attack. Cybersecurity is foundational to preserving our digital way of life.

Cyberattacks are a daily occurrence in every part of the world. Accepted defense mechanisms are failing. Legacy antivirus, powered by human-generated signatures, remains the most widely deployed security technology, despite proving ineffective and reactive. Human-powered endpoint detection and response, or EDR, emerged as the alternative in which people became the detection and response crew. This approach evangelized the “1-10-60” rule which claimed the best achievable cybersecurity outcome was capped at one minute to detect an attack, ten minutes to investigate, and 60 minutes to respond. Recent ransomware attacks prove it only takes milliseconds to breach an organization, exfiltrate data, and force a complete shutdown. The central problem with legacy antivirus and human-powered EDR is that both rely on linear human effort to defend against the exponential growth of cyber threats. This is akin to bringing a knife to a gunfight.

It is time for a new cybersecurity paradigm.

day attacks,” with extreme precision in milliseconds. Our Behavioral AI model maps, monitors, and links all behaviors on the endpoint to create rich, contextual narratives that we call Storylines. These high-fidelity Storylines are continuously evaluated by our Behavioral AI model. When activity is deemed a threat, our software autonomously takes action to kill the attack. Because Storylines contain a complete record of unauthorized changes made during an attack, we are ready to remediate or roll back these changes. The power to turn back time on a device is unique in the market. It is the ultimate safety net and exemplifies autonomous cybersecurity. Thus, our software eliminates manual, expensive, and time-consuming incident cleanup.

In the cloud, our platform aggregates Storylines. Our Streaming AI detects anomalies that surface when multiple data feeds are correlated with additional external and internal data. By providing full visibility into the Storyline of every secured device across the organization through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats. We have extended our control and visibility planes beyond the traditional endpoint to cloud workloads, unmanaged devices, and IoT devices. This empowers security analysts of all skill levels to hunt, investigate, and remediate even the most sophisticated threats across the network leveraging automated context provided by our Storylines. Our proprietary data stack and cloud architecture enable us to retain this rich, contextual data on behalf of our customers for up to three years in a highly cost-efficient manner. All of this threat intelligence is fed back into our AI model and further strengthens our algorithms, creating a strong flywheel effect and deepening our competitive moat.

Our Singularity Platform can be flexibly deployed on the environments that our customers choose, including public, private, or hybrid clouds. Our feature parity across Windows, macOS, Linux, and Kubernetes offers best-of-breed protection, visibility, and control across today’s heterogeneous IT environments. Together, these capabilities make our platform the logical choice for organizations of all sizes, industry verticals, and compliance requirements. Our platform offers true multi-tenancy, which enables the world’s largest organizations and our managed security providers and incident response partners the best management experience. Our customers realize improved cybersecurity outcomes with fewer people, producing an attractive return on investment.

Cybersecurity has always been a game of cat and mouse. The attacker only needs to be successful once whereas the defender must be correct each and every time. It is asymmetrical and simply impossible for humans alone to win. Our data and AI-powered XDR platform changes this paradigm, shifting the advantage to our customers. The results speak for themselves: in the world’s most recent mass-scale cyberattack, SolarWinds Sunburst, we kept each and every one of our customers safe. This is but one of numerous examples where our technology paradigm was battle tested. And, our customers won.

Our Singularity Platform can be used globally by organizations of all sizes across a broad range of industries. As of January 31, 2021, we had over 3,900 customers, increasing from over 2,400 as of January 31, 2020. Our AI and automation driven approach to cybersecurity has been adopted by some of the world’s largest and most demanding organizations. As a result, we have grown rapidly since our inception. Our revenue was $46.5 million for fiscal 2020 and $ million for fiscal 2021, representing growth of %. We continue to invest in growing our business to capitalize on our market opportunity. As a result, our net loss was $76.6 million for fiscal 2020 and $ million for fiscal 2021.

Industry Background

Cybersecurity is fundamentally a data problem. Advances in AI, specifically machine learning are revolutionizing cybersecurity. To achieve fully autonomous cyber defense, organizations need to leverage the petabytes of data being generated from their rapidly growing devices, applications, and IT infrastructure, then ingest, normalize, correlate, and apply powerful AI models on this high-fidelity contextual data and automatically detect and autonomously remediate anomalies.

Stakes are high for organizations and cybercriminals. The exponential growth of sensitive customer and business data has simultaneously made many organizations the target of highly sophisticated cybercriminals that are looking for opportunities to exfiltrate data and to disrupt operations, or for political or financial gain. According to Cybersecurity Ventures, cybercrime is a massive $6 trillion business. Powered by very large networks of individual attackers distributed worldwide, cybercrime is practically infinite in scale and transcends geographical boundaries.

•Rapid adoption of cloud computing. According to IDC, worldwide spending on cloud services is expected to grow at 15.7% annually from 2020 to 2024, to over $1 trillion. While public cloud services continue to be the largest engine of growth, private clouds are indispensable for mid to large organizations, in particular government agencies and companies in regulated industries, that seek enhanced control over their business-critical operations and data.

•The operating system landscape is more complex than ever before. The diversification of IT and bring-your-own-device, or BYOD, policies brought Macs and other devices into today’s organizations. While Windows remains the dominant operating system for computers, Linux has become widely adopted among organizations to power their business applications and servers.

•Proliferation of connected devices. According to IDC, an estimated 41.4 billion IoT devices will be online in 2025. Many of these devices will have little to no built-in security capabilities. As a result, the attack surface has exploded. Visibility across connected devices and continuous assessment of their risk profile has become a top priority for organizations.

•Remote work is here to stay. The COVID-19 pandemic changed the way most organizations operate, accelerating technology’s role in supporting remote work. Gartner found that 82% of company leaders say their organizations plan to let employees continue to work from home at least some of the time, while 47% plan to allow employees to do so all of the time.

Sophisticated cyberattacks circumvent existing security controls. Cyberattacks have evolved into highly sophisticated, organized, and large-scale attacks that seek to circumvent existing security controls and undermine critical societal functions through a variety of attacks that are:

•Fast acting. Many attacks take only seconds for adversaries to breach organizations. They bypass security controls that are based on the “1-10-60” rule which evangelizes that organizations have one minute to detect, ten minutes to investigate, and 60 minutes to remediate a security breach.

•Stealthy, with long dwell times. Some attacks are designed to breach the organization and stealthily infiltrate across assets to steal data, facilitate future attacks, or cause other harm over a long period of time, all while operating undetected. The average time to identify and contain a breach is 280 days, according to IBM Security’s Cost of a Data Breach Report 2020, giving threat actors plenty of time to inflict damage.

Cybersecurity teams are unable to scale. Organizations are facing an acute shortage of skilled cybersecurity talent. (ISC)2 estimates that approximately three million additional professionals are needed today to adequately defend organizations against cyberattacks worldwide. To keep up with the exponentially increasing number of connected devices, applications, and cyber threats, organizations are demanding a technology-powered, data-driven approach that does not require human intervention to prevent, detect, and remediate cyber threats.

Limitations of Existing Solutions

Organizations must deploy solutions that enable them to stay one step ahead of attackers and address intrusion attempts in real-time. As attackers up the ante, developing new skills and deploying new tactics and techniques, existing tools are often unable to prevent and respond effectively to breaches. The result is a rising number of successful high-profile attacks.

Key limitations of existing tools are that they:

•Cover a limited spectrum of cyber threats. Existing tools, such as signature-based approaches, human-powered monitoring, application whitelisting, and sandboxing, are each effective under limited circumstances, but lack the ability to detect the full spectrum of threats organizations are dealing with.

•Utilize AI approaches that rely on humans to power protection mechanisms. First generation AI tools cannot handle the volume, variety, and velocity of data that must be ingested and analyzed, in real-time, to be effective in preventing breaches. These tools often rely on ineffective pattern-matching algorithms in the cloud that generate so much “noise” that human intervention is required to extract useful “signals.” Due to their dependency on the cloud, they cannot take action at machine speed and are thus unable to detect and prevent or stop many fast-acting attacks.

•Lack long-term data visibility to proactively investigate advanced threats. Existing EDR tools lack the capability to store large sets of historical data cost efficiently. This makes full incident investigation challenging for security personnel, as they are unable to go back in time and see how the attack breached the organization and progressed.

•Lack deployment flexibility for organizations. Organizations struggle with the limited deployment methods mandated by existing tools. On-premise tools impose complexity and maintenance burdens on organizations and lack the ability to quickly adapt to organizations’ rapidly evolving IT environments. Cloud-only cybersecurity vendors are unsuitable for many large and complex enterprises and governments that need private or hybrid cloud solutions to meet their security, regulatory and compliance requirements.

•Inhibit technology workflow automation. Many existing tools lack out-of-the box APIs. Their lack of flexible workflow integrations limits organizations’ ability to reduce overhead by automating processes, and to improve their security by ensuring that process steps are done quickly, consistently, and according to their predefined requirements.

A new paradigm for cybersecurity is needed to autonomously protect organizations and their heterogeneous IT footprints from highly sophisticated, machine-based attacks in a holistic, seamless, and automated manner.

Our Revolutionary XDR Approach to Cybersecurity

Our AI-powered Singularity Platform defines and delivers XDR. Our platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of disparate external and internal sources in real-time. We build rich context by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform. Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud. In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated. Furthermore, our platform provides visibility across an organization’s digital assets through one console, making it easy and very fast for analysts to search through petabytes of data to investigate incidents and hunt threats. Our Singularity Platform offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds.

Key Benefits of our Singularity Platform

Key benefits of our platform include:

•Provides full forensic recall for complete remediation. We offer our customers the ability to retain rich, contextual data for up to three years in a highly cost efficient manner. This forensic data helps our customers to investigate breaches that have stealthily infiltrated their organization and operated undetected for many months. It gives them the ability to ensure that any incident has been fully remediated without the need to reimage or replace elements of their IT infrastructure.

•Provides a superior customer experience. The combination of our intuitive and clean user interface, our ability to provide context with one click, and our high degree of automation empowers our customers to use our platform independent of their expertise level. As a result, our customers report a 97% Customer Satisfaction Score.

•Delivers rapid time to value. By deploying our Singularity Platform, customers can receive a return on investment of 353% over three years, and a payback period of less than three months according to a 2020 Total Economic Impact study that we commissioned and that was conducted by Forrester Consulting. Our Singularity Platform can be quickly and easily deployed on the diverse IT environments of our customers, and without extensive configuration or maintenance.

Competitive Strengths

Our platform has the following key competitive strengths:

•Recognized market leadership. Our platform provides leading threat protection and visibility capabilities. The following industry and customer recognition is a testament to our capabilities:

◦In the MITRE ATT&CK®2020 assessment, our solution achieved the lowest number of missed detections and the highest number of high-quality correlated detections amongst a study of 20 other vendors in our category.

◦In the 2020 Gartner Peer Insights ‘Voice of the Customer’: Endpoint Detection and Response Solutions, we had the highest overall rating (4.8/5) and most verified reviews (123).

•Flexible deployment model. Our Singularity Platform can be deployed on a diverse range of environments that our customers choose, including the public, private, or hybrid cloud, making it relevant for organizations of all sizes with varying compliance and regulatory requirements.

•Proprietary data stack. Our modern, innovative, and extensible data stack enables us to ingest, process and analyze massive amounts and a wide variety of data types efficiently. Our independent, component-driven architecture allows us to evolve rapidly leveraging continued innovations of public cloud infrastructure, while controlling every aspect of our innovation roadmap and customer experience.

•Deeply embedded within our customers’ IT stacks. Our API-first approach and Singularity Marketplace allow our customers to easily integrate intelligence, analytics, automation, and other third-party business applications with our platform.

•Rich partner ecosystem. We have deep partnerships with many of the leading independent software vendors, or ISVs, alliance partners whom we engage with on joint technology and go-to-market strategies; and channel partners, such as distributors, resellers, managed service providers, or MSPs, managed security service providers, or MSSPs, managed detection and response providers, or MDRs, original equipment manufacturers, or OEMs, and incident response firms, or IR firms. As we empower our partners through technology, many of our partners act as force multipliers and broaden our market reach.

•Quality and access of cybersecurity and AI talent. Our thought leadership in security and AI, combined with our award winning culture, allows us to attract and retain the best talent at a global scale. It allows us to develop state-of-the-art solutions, to innovate faster, and to solve many of the industry’s most complex problems.

Our Market Opportunity

According to IDC, the addressable market addressed by our solutions today is expected to reach $40.2 billion in 2024, growing at a compound annual growth rate, or CAGR, of 11.9% between 2021 and 2024. Our addressable market today represents revenue from the following markets:

•Corporate Endpoint Security. A $9.7 billion market in 2021 and growing to $12.0 billion in 2024; comprising Modern Endpoint Security, Server Security (physical servers and cloud workload security), Information Protection and Control, and Endpoint Management.

•Cybersecurity Analytics, Intelligence, Response, and Orchestration. A $13.1 billion market in 2021 and growing to $17.1 billion in 2024; comprising Device Vulnerability Assessment, Forensics and Incident Investigation, Policy and Compliance, Security Device Systems Management, Security Information and Event Management, or SIEM, and Software Vulnerability Assessment.

•IT Operations Management. A $5.9 billion market in 2021 and growing to $11.1 billion in 2024.

By empowering MSPs, MSSPs, MDRs, and IR firms with our technology and through our deep partnerships with them, we benefit from the market penetration of those entities. In addition to these markets, we believe several adjacent markets, including Threat Intelligence and Data Loss Prevention will be addressable by us in the future as we continue to innovate and build out our capabilities and offerings.

We believe our XDR capabilities position us well to consolidate and unify spend across these categories. Over time, we believe this unification and re-architecture of the prevention, detection, and response paradigm will create new opportunities for additional products and features for us.

Growth Strategy

Key elements of our growth strategy include:

•Continue to innovate and enhance our cybersecurity and data platform. We will continue to expand our platform and XDR capabilities and develop new modules to include greater functionality and address

additional use cases. Through our convergence of cybersecurity and data, we intend to bring our customers and prospects a variety of differentiated cybersecurity-first and enhanced data analytics offerings. Having access to some of the world’s top cybersecurity and AI talent allows us to conduct extensive research and development to maintain our leading position.

•Drive new customer acquisition. We intend to continue to add new customers through a product-first approach to customer acquisition. This approach enables us to build trusted relationships with a large and rapidly growing group of highly influential managed service and incident response providers, as opposed to creating a dynamic of competition that creates friction between product vendors and service providers. We intend to continue to build our relationships with our channel partners, including MSPs, MSSPs, MDRs, OEMs, and IR firms, as well as our alliance partners to expand our market reach.

•Increase adoption within our customer base. As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional platform functionalities and Singularity Modules to address all of their cybersecurity use cases through the same platform and agent.

•Expand our global footprint. We intend to continue to grow our international customer base by increasing our investments in our international operations.

•Expand our total addressable market through acquisitions. We intend to complement our organic investments with acquisitions to successfully execute on our XDR strategy.

Risk Factors Summary

Our business is subject to numerous risks and uncertainties, including those in the section titled “Risk Factors” immediately following this prospectus summary. These risks include the following:

•We have a limited operating history, which makes it difficult to evaluate our current business and future prospects and increases the risks associated with your investment.

•We have a history of losses, anticipate increases in our operating expenses in the future, and may not achieve or sustain profitability. If we cannot achieve and sustain profitability, our business, financial condition, and operating results will be adversely affected.

•We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition.

•Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations.

•A network or data security incident against us, whether actual, alleged, or perceived, may harm our reputation, create liability and regulatory exposure, and adversely impact our financial results.

•Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely impact our business, operating results, and financial condition.

•If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future.

•If our platform is not effectively interoperated within our customers’ IT infrastructure, deployments could be delayed or canceled, which would adversely impact our business, operating results, and financial condition.

•Disruptions or other business interruptions that affect the availability of our platform could adversely impact our customer relationships and overall business.

•We may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements.

Channels for Disclosure of Information

Following the effectiveness of the registration statement of which this prospectus forms a part, we intend to announce material information to the public through filings with the Securities and Exchange Commission, or the SEC, the investor relations page on our website (www.sentinelone.com), press releases, public conference calls, public webcasts, our Twitter account (@SentinelOne), our Facebook page, our LinkedIn page, and our corporate blog (www.sentinelone.com/blog/).

The information disclosed by the foregoing channels could be deemed to be material information. As such, we encourage investors, the media, and others to follow the channels listed above and to review the information disclosed through such channels.

Any updates to the list of disclosure channels through which we will announce information will be posted on the investor relations page on our website.

Corporate Information

We were incorporated in the State of Delaware as Sentinel Labs, Inc. in January 2013. Our principal executive offices are located at 444 Castro Street, Suite 400, Mountain View, California 94041. Our telephone number is (855) 868-3733. Our website address is www.sentinelone.com. The information contained on, or that can be accessed through, our website is not a part of this prospectus. Investors should not rely on any such information in deciding whether to purchase our common stock. Unless otherwise indicated, the terms “SentinelOne,” “Sentinel Labs,” the “Company,” “we,” “us,” and “our” refer to Sentinel Labs, Inc. and our subsidiaries.

SentinelOne, the SentinelOne logo, and other registered or common law trade names, trademarks, or service marks of SentinelOne appearing in this prospectus are the property of SentinelOne. This prospectus contains additional trade names, trademarks, and service marks of ours and of other companies. We do not intend our use or display of other companies’ trade names, trademarks, or service marks to imply a relationship with these other companies, or endorsement or sponsorship of us by these other companies. Other trademarks appearing in this prospectus are the property of their respective holders. Solely for convenience, our trademarks and trade names referred to in this prospectus appear without the ® and ™ symbols, but those references are not intended to indicate, in any way, that we will not assert, to the fullest extent under applicable law, our rights, or the right of the applicable licensor, to these trademarks and trade names.

Implications of Being an Emerging Growth Company

As a company with less than $1.07 billion in revenue during our most recently completed fiscal year, we qualify as an “emerging growth company” as defined in Section 2(a) of the Securities Act of 1933, as amended, or the Securities Act, as modified by the Jumpstart Our Business Startups Act of 2012, or the JOBS Act. As an emerging growth company, we may take advantage of specified reduced disclosure and other requirements that are otherwise applicable, in general, to public companies that are not emerging growth companies. These provisions include:

•being permitted to present only two years of audited financial statements and only two years of related “Management’s Discussion and Analysis of Financial Condition and Results of Operations” disclosure in this prospectus;

•an exemption from compliance with the auditor attestation requirement on the effectiveness of our internal control over financial reporting pursuant to the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act;

•an exemption from the requirement that critical audit matters be discussed in our independent auditor’s reports on our audited financial statements or any other requirements that may be adopted by the Public Company Accounting Oversight Board unless the SEC determines that the application of such requirements to emerging growth companies is in the public interest;

•reduced disclosure about our executive compensation arrangements;

•exemptions from the requirements to obtain a non-binding advisory vote on executive compensation or a stockholder approval of any golden parachute arrangements; and

•extended transition periods for complying with new or revised accounting standards.

We will remain an emerging growth company until the earliest to occur of: (i) the last day of the fiscal year in which we have more than $1.07 billion in annual revenue; (ii) the date we qualify as a “large accelerated filer,” as defined in the rules under the Securities Exchange Act of 1934, as amended, or the Exchange Act, with at least $700 million of equity securities held by non-affiliates; (iii) the date on which we have issued, in any three-year period, more than $1.0 billion in non-convertible debt securities; and (iv) the last day of the fiscal year ending after the fifth anniversary of the completion of this offering.

We may take advantage of these exemptions until such time that we are no longer an emerging growth company. Accordingly, the information contained herein may be different than the information you receive from other public companies. Further, pursuant to Section 107 of the JOBS Act, as an emerging growth company, we have elected to take advantage of the extended transition period for complying with new or revised accounting standards until those standards would otherwise apply to private companies. As a result, our operating results and financial statements may not be comparable to the operating results and financial statements of other companies who have adopted the new or revised accounting standards. It is possible that some investors will find our common stock less attractive as a result, which may result in a less active trading market for our common stock and higher volatility in our stock price.

THE OFFERING


Common stock offered			shares

Common stock to be outstanding after this offering			shares ( shares if the underwriters exercise their over-allotment option in full)

Underwriters’ over-allotment option			shares

Use of proceeds			We estimate that the net proceeds from the sale of shares of our common stock in this offering will be approximately $ , or approximately $ if the underwriters’ over-allotment option is exercised in full, based upon the assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses. We primarily intend to use the net proceeds from this offering for working capital and other general corporate purposes. We may also use a portion of the proceeds for the acquisition of, or investment in, technologies, solutions, or businesses that complement our business. However, we do not have agreements or commitments for any acquisitions or investments outside the ordinary course of business at this time. See the section titled “Use of Proceeds” for additional information.

Concentration of ownership			Upon completion of this offering, our executive officers, directors, and holders of 5% or more of our common stock will beneficially own, in the aggregate, approximately % of the outstanding shares of our common stock.

Risk factors			See the section titled “Risk Factors” and other information included in this prospectus for a discussion of some of the factors you should consider before deciding to purchase shares of our common stock.

Proposed trading symbol			“ ”

The number of shares of our common stock that will be outstanding after this offering is based on shares of our common stock outstanding (after giving effect to the automatic conversion of all outstanding shares of redeemable convertible preferred stock into an aggregate of shares of common stock immediately prior to the completion of this offering) as of January 31, 2021, and excludes:

• shares of our common stock issuable upon the exercise of stock options outstanding as of January 31, 2021 under our 2013 Equity Incentive Plan, or our 2013 Plan, with a weighted-average exercise price of $ per share;

• shares of our common stock issuable upon the exercise of stock options granted after January 31, 2021 under our 2013 Plan with a weighted-average exercise price of $ per share;

• shares of our common stock issued in connection with our acquisition of Scalyr, Inc., or Scalyr, in February 2021;

• shares of our common stock issuable upon the exercise of stock options outstanding under our 2011 Stock Incentive Plan, or our 2011 Plan, that we assumed in connection with our acquisition of Scalyr in February 2021, with a weighted-average exercise price of $ per share;

• shares of our common stock issuable upon the exercise of warrants to purchase shares of common stock outstanding as of January 31, 2021 with a weighted-average exercise price of $ per share; and

• shares of our common stock reserved for future issuance under our equity compensation plans, consisting of (i) shares of our common stock reserved for future issuance under our 2013 Plan, as of January 31, 2021 (which number of shares is prior to the stock options to purchase shares of our common stock granted after January 31, 2021), (ii) shares of our common stock reserved for future issuance under our 2021 Equity Incentive Plan, or the 2021 Plan, which will become effective on the date immediately prior to the date of this prospectus, and (iii) shares of our common stock reserved for issuance under our 2021 Employee Stock Purchase Plan, or the 2021 ESPP, which will become effective on the date of this prospectus.

On the date of this prospectus, any remaining shares available for issuance under our 2013 Plan will be added to the shares of our common stock reserved for issuance under our 2021 Plan, and we will cease granting awards under the 2013 Plan. Our 2021 Plan and 2021 ESPP also provide for automatic annual increases in the number of shares reserved thereunder. For additional information, see the section titled “Executive Compensation—Employee Benefit and Stock Plans.”

Unless otherwise noted, the information in this prospectus reflects and assumes the following:

•a 1-to-3 forward stock split of our outstanding capital stock, that was effected in February 2020, or the Forward Stock Split;

•the automatic conversion of all outstanding shares of our redeemable convertible preferred stock as of January 31, 2021 into an aggregate of shares of common stock immediately prior to the completion of this offering, or the Capital Stock Conversion;

•the filing of our restated certificate of incorporation and the effectiveness of our restated bylaws, each of which will occur immediately prior to the completion of this offering;

•no exercise of outstanding stock options or warrants subsequent to January 31, 2021; and

•no exercise by the underwriters of their over-allotment option to purchase additional shares of our common stock in this offering.

SUMMARY CONSOLIDATED FINANCIAL AND OTHER DATA

The following tables summarize our consolidated financial and other data. We derived our summary consolidated statements of operations data for the years ended January 31, 2020 and 2021 (except for pro forma basic and diluted net loss per share attributable to common stockholders and weighted-average shares used in computing pro forma basic and diluted net loss per share attributable to common stockholders) and our summary consolidated balance sheet data as of January 31, 2021 from our audited consolidated financial statements included elsewhere in this prospectus. Our historical results are not necessarily indicative of the results to be expected in the future. You should read the following summary consolidated financial and other data in conjunction with the sections titled “Selected Consolidated Financial and Other Data” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” and our consolidated financial statements, the accompanying notes, and other financial information included elsewhere in this prospectus. Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31.

Consolidated Statements of Operations Data


	Year Ended January 31,
	2020		2021
	(in thousands, except share and per share data)
Revenue	$	46,474	$
Cost of revenue(1)	18,331
Gross profit	28,143
Operating expenses:
Research and development(1)	36,683
Sales and marketing(1)	51,322
General and administrative(1)	15,122
Total operating expenses	103,127
Loss from operations	(74,984)
Interest income	886
Interest expense	(2,015)
Other income (expense), net	(217)
Loss before provision for income taxes	(76,330)
Provision for income taxes	237
Net loss	$	(76,567)	$
Net loss per share attributable to common stockholders, basic and diluted(2)	$	(2.34)	$
Weighted-average shares used in computing net loss per share attributable to common stockholders, basic and diluted(2)	32,712,350
Pro forma net loss per share attributable to common stockholders, basic and diluted (unaudited)(3)			$
Weighted-average shares used in computing pro forma net loss per share attributable to common stockholders, basic and diluted (unaudited)(3)

__________________

(1)Includes stock-based compensation expense as follows:


	Year Ended January 31,
	2020		2021
	(in thousands)
Cost of revenue	$	138	$
Research and development	1,686
Sales and marketing	1,034
General and administrative	1,488
Total	$	4,346	$

(2)See Notes 2 and 11 to our consolidated financial statements included elsewhere in this prospectus for an explanation of the calculation of our basic and diluted net loss per share attributable to common stockholders.

(3)Basic and diluted pro forma net loss per share attributable to common stockholders for fiscal 2021 gives effect to .

Consolidated Balance Sheet Data

As of January 31, 2021

Actual

Pro Forma(1)

Pro Forma

as Adjusted(2)(3)

(in thousands)

Cash, cash equivalents, and short-term investments

Working capital(4)

Total assets

Long-term debt

Redeemable convertible preferred stock

Additional paid-in capital

Accumulated deficit

Total stockholders’ (deficit) equity

__________________

(1)The pro forma column above reflects (i) the Capital Stock Conversion, as if such conversion had occurred on January 31, 2021, and (ii) the filing and effectiveness of our restated certificate of incorporation that will become effective immediately prior to the completion of this offering.

(2)The pro forma as adjusted column above gives effect to (i) the pro forma adjustments set forth above and (ii) the sale and issuance by us of shares of our common stock in this offering, based upon the assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses.

(3)Each $1.00 increase or decrease in the assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase or decrease the amount of our pro forma as adjusted cash, cash equivalents, and short-term investments, working capital, total assets, additional paid-in capital, and total stockholders’ (deficit) equity by $ million, assuming that the number of shares of our common stock offered, as set forth on the cover page of this prospectus, remains the same, after deducting estimated underwriting discounts and commissions. An increase or decrease of 1.0 million shares in the number of shares offered by us would increase or decrease, as applicable, the amount of our pro forma as adjusted cash, cash equivalents, and short-term investments, working capital, total assets, additional paid-in capital, and total stockholders’ (deficit) equity by $ million, assuming the assumed initial public offering price remains the same, and after deducting estimated underwriting discounts and commissions.

(4)Working capital is defined as current assets less current liabilities.

Key Business Metrics and Non-GAAP Financial Measures

We review a number of operating and financial metrics, including the following key metrics and non-GAAP financial measures to evaluate our business, measure our performance, identify trends affecting our business, formulate business plans, and make strategic decisions. See the sections titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Business Metrics” for additional information regarding our key business metrics and “Management’s Discussion and Analysis of Financial Condition and Results

of Operations—Non-GAAP Financial Measures” for additional information and reconciliations of our non-GAAP financial measures to the most directly comparable financial measures prepared in accordance with U.S. generally accepted accounting principles, or GAAP.


	As of or For the Year Ended January 31,
	2020			2021
	(dollars in thousands)
Annualized recurring revenue (ARR)	$	66,764
Customers with ARR of $100,000 or more	104
Dollar-based net retention rate	119		%
Gross profit	$	28,143
Non-GAAP gross profit	$	28,281
Gross margin	61		%
Non-GAAP gross margin	61		%
Loss from operations	$	(74,984)
Non-GAAP loss from operations	$	(70,638)
Operating margin	(161)		%
Non-GAAP operating margin	(152)		%
Net cash used in operating activities	$	(44,424)
Net cash used in investing activities	$	(3,187)
Net cash provided by financing activities	$	52,770
Free cash flow	$	(47,077)

RISK FACTORS

Investing in our common stock involves a high degree of risk. You should carefully consider the risks and uncertainties described below, together with all of the other information in this prospectus, including the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” and our consolidated financial statements and the accompanying notes included elsewhere in this prospectus before making a decision to invest in our common stock. Our business, financial condition, results of operations, or prospects could also be adversely affected by risks and uncertainties that are not presently known to us or that we currently believe are not material. If any of the risks actually occur, our business, financial condition, results of operations, and prospects could be adversely affected. In that event, the market price of our common stock could decline, and you could lose all or part of your investment.

Risks Related to Our Business and Industry

We have a limited operating history, which makes it difficult to evaluate our current business and future prospects and increases the risks associated with your investment.

We were founded in January 2013 and released our first endpoint security solution in February 2015. Our limited operating history may make it difficult to evaluate our current business and future prospects. We have encountered, and will continue to encounter risks and uncertainties frequently experienced by growing companies in rapidly changing industries, such as the risks and uncertainties described herein. Further, we have limited historical financial data, and we operate in a rapidly evolving market. As a result, any predictions about our future revenue and expenses may not be as accurate as they would be if we had a longer operating history or operated in a more predictable or established market. If our assumptions regarding these risks and uncertainties are incorrect or change due to changes in our markets or otherwise, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations and our business and operating results would be adversely affected. We cannot assure you that we will be successful in addressing these and other challenges we may face in the future.

We have a history of losses, anticipate increases in our operating expenses in the future, and may not achieve or sustain profitability. If we cannot achieve and sustain profitability, our business, financial condition, and operating results will be adversely affected.

We have incurred net losses in all periods since our inception, and we may not achieve or maintain profitability in the future. We experienced a net loss of $76.6 million in fiscal 2020. As of January 31, 2020, we had an accumulated deficit of $233.0 million. While we have experienced significant growth in revenue in recent periods, we cannot predict when or whether we will reach or maintain profitability. We also expect our operating expenses to increase in the future as we continue to invest for our future growth, including expanding our research and development function to drive further development of our platform, expanding our sales and marketing activities, developing the functionality to expand into adjacent markets, and reaching customers in new geographic locations, which will negatively affect our operating results if our total revenue does not increase. In addition to the anticipated costs to grow our business, we also expect to incur significant additional legal, accounting, and other expenses as a newly public company. These efforts and additional expenses may be more costly than we expect, and we cannot guarantee that we will be able to increase our revenue to offset our operating expenses. Our revenue growth may slow or our revenue may decline for a number of other reasons, including reduced demand for our platform, increased competition, a decrease in the growth or reduction in size of our overall market, or if we cannot capitalize on growth opportunities. Any failure to increase our revenue or to manage our costs as we invest in our business would prevent us from achieving or maintaining profitability.

We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition.

The market for cybersecurity products and services is intensely competitive, fragmented and characterized by rapid changes in technology, customer requirements, industry standards, increasingly sophisticated attackers and by frequent introductions of new or improved products and services. We expect to continue to face intense competition from current competitors, as well as from new entrants into the market. If we are unable to anticipate or react to

these challenges, our competitive position would weaken, and we would experience a decline in revenue or reduced revenue growth, and loss of market share that would adversely affect our business, financial condition and operating results.

Our competitors and potential competitors include the following:

•endpoint security providers, such as CrowdStrike Holdings, Inc. and VMware, Inc.;

•legacy anti-virus providers such as McAfee Corp., Symantec (a subsidiary of Broadcom, Inc.), and Microsoft Corporation; and

•providers of general network security products and services who offer a broad portfolio of solutions, such as Palo Alto Networks, Inc.

Our ability to compete effectively depends upon numerous factors, many of which are beyond our control, including, but not limited to:

•our ability to attract and retain new customers, expand our platform or sell additional products and services to our existing customers;

•the budgeting cycles, seasonal buying patterns, and purchasing practices of our customers, including any slowdown in technology spending due to the COVID-19 pandemic and market downturns;

•changes in customer, distributor or reseller requirements or market needs;

•price competition;

•the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape of our industry, including consolidation among our competitors or customers and strategic partnerships entered into by and between our competitors;

•changes in our mix of products, subscriptions and services sold, including changes in the average contract length for subscriptions and support;

•our ability to successfully and continuously expand our business domestically and internationally;

•changes in the growth rate of the endpoint security market;

•deferral of orders from customers in anticipation of new or enhanced products and services announced by us or our competitors;

•significant security breaches of, technical difficulties with or interruptions to, the use of our platform;

•the timing and costs related to the development or acquisition of technologies or businesses or strategic partnerships;

•our ability to execute, complete or integrate efficiently any acquisitions that we may undertake;

•increased expenses, unforeseen liabilities, or write-downs and any impact on our operating results from any acquisitions we consummate;

•our ability to increase the size and productivity of our distribution channels;

•decisions by potential customers to purchase security solutions from larger, more established security vendors or from their primary network equipment vendors;

•timing of revenue recognition and revenue deferrals;

•insolvency or credit difficulties confronting our customers, which could increase due to the effects of the COVID-19 pandemic and adversely affect their ability to purchase or pay for our platform, products, and services in a timely manner or at all;

•the cost and potential outcomes of litigation, which could have a material adverse effect on our business;

•future accounting pronouncements or changes in our accounting policies;

•increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates; and

•general macroeconomic conditions, both domestically and in our foreign markets that could impact some or all regions where we operate.

Many of our competitors have greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a larger base of customers than we do. Our competitors may be able to devote greater resources to the development, promotion and sale of their products and services than we can, and they may offer lower pricing than we do. Further, they may have greater resources for research and development of new technologies, customer support and to pursue acquisitions, or they may have other financial, technical, or other resource advantages. Our larger competitors have substantially broader and more diverse product and service offerings and more mature distribution and go-to-market strategies, which allows them to leverage their existing customer and distributor relationships to gain business in a manner that discourages potential customers from purchasing our platform. Also, in connection with the travel restrictions and shelter-in-place policies resulting from the COVID-19 pandemic, we have seen a significant increase in usage and subscriptions from smaller customers, many of whom are small or medium sized businesses. Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering or acquisitions by our competitors or continuing market consolidation. Some of our competitors have recently made or could make acquisitions of businesses or have established cooperative relationships that may allow them to offer more directly competitive and comprehensive products and services than were previously offered and adapt more quickly to new technologies and customer needs. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, increased net losses and loss of market share. Even if there is significant demand for endpoint security solutions like ours, if our competitors include functionality that is, or is perceived to be, equivalent to or better than ours in legacy products that are already generally accepted as necessary components of an organization’s IT security architecture, we will have difficulty increasing the market penetration of our platform. Furthermore, even if the functionality offered by other cybersecurity providers is different and more limited than the functionality of our platform, organizations may elect to accept such limited functionality in lieu of purchasing products and services from additional vendors like us. If we are unable to compete successfully, or if competing successfully requires us to take aggressive action with respect to pricing or other actions, our business, financial condition and operating results would be adversely affected.

Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations.

Our operating results may vary significantly from period to period, which could adversely affect our business, operating results and financial condition. Our operating results have varied significantly from period to period in the past, and we expect that our operating results will continue to vary significantly in the future such that period-to-period comparisons of our operating results may not be meaningful. Accordingly, our financial results in any one quarter should not be relied upon as indicative of future performance. Our quarterly financial results may fluctuate as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:

•the impact of the COVID-19 pandemic on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and employees;

•our ability to attract new and retain existing customers;

•the budgeting cycles, seasonal buying patterns, and purchasing practices of customers;

•the timing and length of our sales cycles;

•changes in customer or channel partner requirements or market needs;

•changes in the growth rate of the cybersecurity market generally and market for endpoint security;

•the timing and success of new product and service introductions by us or our competitors or any other competitive developments, including consolidation among our customers or competitors;

•the level of awareness of cybersecurity threats, particularly advanced cyberattacks, and the market adoption of our platform;

•our ability to successfully expand our business domestically and internationally;

•decisions by organizations to purchase security solutions from larger, more established security vendors or from their primary IT equipment vendors;

•changes in our pricing policies or those of our competitors;

•any disruption in our relationship with channel partners;

•insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our solution;

•significant security breaches of, technical difficulties with or interruptions to, the use of our platform;

•extraordinary expenses such as litigation or other dispute-related settlement payments or outcomes;

•general economic conditions, both domestic and in our foreign markets;

•future accounting pronouncements or changes in our accounting policies or practices;

•negative media coverage or publicity;

•political events;

•the amount and timing of operating costs and capital expenditures related to the expansion of our business; and

•increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.

In addition, we experience seasonal fluctuations in our financial results as we typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers.

Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. As a result of this variability, our historical operating results should not be relied upon as an indication of future performance. Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for the reasons described above or other reasons, our stock price could fall substantially, and we could face costly lawsuits, including securities class action suits.

Our platform represents a new approach to endpoint protection and, therefore, it is difficult to predict adoption and demand for our platform.

Our cloud-native, artificial intelligence-enabled endpoint security platform represents a new approach to endpoint protection. Accordingly, it is difficult to predict customer adoption and demand for our platform, the size

and growth rate of this market, the entry of competitive products and services or the success of existing competitive products and services.

Any expansion in our market depends on a number of factors, including the cost, performance and perceived value associated with, and customer adoption of, our platform. If the market for our services does not achieve widespread adoption or there is a reduction in demand for our software or our services in our market caused by a lack of customer acceptance, implementation challenges for deployment, technological challenges, competing technologies and services, decreases in corporate spending, weakening economic conditions, or otherwise, it could result in reduced customer orders and decreased revenue, which would adversely affect our business operations and financial condition.

Our platform interoperates with, but does not necessarily replace, other security products. Businesses that use other cybersecurity products and services may be hesitant to purchase our platform if they believe their existing products and services provide a level of security that is sufficient to meet their needs. If we do not succeed in convincing customers that our platform should be an integral part of their overall approach to security, our sales will not grow as quickly as anticipated, or at all, which would have an adverse impact on our business, operating results and financial condition.

If businesses do not continue to adopt our platform for any of the reasons discussed above or for other reasons not contemplated, our sales would not grow as quickly as anticipated, or at all, and our business, operating results and financial condition would be adversely affected.

A network or data security incident against us, whether actual, alleged, or perceived, would harm our reputation, create liability, and regulatory exposure, and adversely impact our business, operating results, and financial condition.

Increasingly, companies are subject to a wide variety of attacks on their networks on an ongoing basis. Traditional computer “hackers,” malicious code (such as viruses and worms), phishing attempts, employee theft or misuse, denial of service attacks, and sophisticated nation-state and nation-state supported actors engage in intrusions and attacks that create risks for our internal networks and cloud deployed products and the information they store and process. Cybersecurity companies face particularly intense attack efforts, and we have faced and will continue to face cyber threats and attacks from a variety of sources. Although we have implemented security measures to prevent such attacks, our networks and systems may be breached due to the actions of outside parties, employee error, malfeasance, a combination of these, or otherwise, and as a result, an unauthorized party may obtain access to our systems, networks, or data. We may face difficulties or delays in identifying or otherwise responding to any attacks or actual or potential security breaches or threats. A breach in our data security or an attack against our platform could impact our networks or the networks of our customers that are secured by our platform, creating system disruptions or slowdowns and providing access to malicious parties to information stored on our networks or the networks of our customers, resulting in data being publicly disclosed, altered, lost, or stolen, which could subject us to liability and adversely impact our financial condition.

Any actual, alleged or perceived security breach in our systems or networks, or any other actual, alleged or perceived data security incident we suffer, could result in damage to our reputation, negative publicity, loss of customers and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, costly litigation, and other liability. We would also be exposed to a risk of loss or litigation and potential liability under laws, regulations and contracts that protect the privacy and security of personal information. For example, the California Consumer Privacy Act of 2018, or the CCPA, imposes a private right of action for security breaches that could lead to some form of remedy including regulatory scrutiny, fines, private right of action settlements, and other consequences. Where a security incident involves a breach of security leading to the accidental or unlawful destruction, loss, alternation, unauthorized disclosure of, or access to, personal data in respect of which we are a controller or processor under the GDPR or U.K. GDPR (as defined below), this could result in fines of up to €20 million or 4% of annual global turnover under the GDPR or £17 million and 4% of total annual revenue in the case of the U.K. GDPR. We may also be required to notify such breaches to regulators and/or individuals which may result in us incurring additional costs.

In addition, we may incur significant financial and operational costs to investigate, remediate, eliminate and put in place additional tools and devices designed to prevent actual or perceived security breaches and other security incidents, as well as costs to comply with any notification obligations resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our platform and customer and investor confidence in our company, and would adversely impact our business, operating results, and financial condition.

Defects, errors, or vulnerabilities in our platform, the failure of our platform to block malware or prevent a security breach, misuse of our platform, or risks of product liability claims would harm our reputation and adversely impact our business, operating results, and financial condition.

Our platform is multi-faceted and may be deployed with material defects, software “bugs” or errors that are not detected until after their commercial release and deployment to our customers. From time to time, certain of our customers have reported defects in our platform related to performance, scalability, and compatibility. Our platform also provides our customers with the ability to customize a multitude of settings, and it is possible that a customer could misconfigure our platform or otherwise fail to configure our products in an optimal manner. Such defects and misconfigurations of our platform could cause our platform to operate at suboptimal efficacy, cause it to fail to secure customers’ computing environments and detect and block threats or temporarily interrupt the functionality of our customers’ endpoints. In addition, because the techniques used by computer hackers to access or sabotage target computing environments change frequently and generally are not recognized until launched against a target, there is a risk that an advanced attack could emerge that our platform is unable to detect or prevent. Furthermore, as a well-known provider of security solutions, our networks, platform, products, including cloud-based technology, and customers could be targeted by attacks specifically designed to disrupt our business and harm our reputation. In addition, defects or errors in our platform could result in a failure to effectively update customers’ cloud-based products. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing customer base, any of which could temporarily or permanently expose our customers’ computing environments, leaving their computing environments unprotected against cyber threats. Any of these situations could result in negative publicity to us, damage our reputation, and increase expenses and customer relations issues, which would adversely impact our business, financial condition, and operating results.

Advances in computer capabilities, discoveries of new weaknesses and other developments with software generally used by the Internet community may increase the risk we will suffer a security breach. Furthermore, our platform may fail to detect or prevent malware, ransomware, viruses, worms or similar threats for any number of reasons, including our failure to enhance and expand our platform to reflect industry trends, new technologies and new operating environments, the complexity of the environment of our clients and the sophistication of malware, viruses and other threats. Our platform may fail to detect or prevent threats in any particular test for a number of reasons. We or our service providers may also suffer security breaches or unauthorized access to personal information, financial account information, and other confidential information due to employee error, rogue employee activity, unauthorized access by third parties acting with malicious intent or who commit an inadvertent mistake or social engineering. If we experience any breaches of security measures or sabotage or otherwise suffer unauthorized use or disclosure of, or access to, personal information, financial account information or other confidential information, we might be required to expend significant capital and resources to address these problems. We may not be able to remedy any problems caused by hackers or other similar actors in a timely manner, or at all. To the extent potential customers, industry analysts or testing firms believe that the failure to detect or prevent any particular threat is a flaw or indicates that our platform does not provide significant value, our reputation and business would be harmed. Any real or perceived defects, errors or vulnerabilities in our platform, or any other failure of our platform to detect an advanced threat, could result in:

•a loss of existing or potential customers;

•delayed or lost revenue and adverse impacts to our business, financial condition and operating results;

•a delay in attaining, or the failure to attain, market acceptance;

•the expenditure of significant financial and research and development resources in efforts to analyze, correct, eliminate, or work around errors or defects, and address and eliminate vulnerabilities;

•an increase in resources devoted to customer service and support, which could adversely affect our gross margin;

•harm to our reputation or brand; and

•claims and litigation, regulatory inquiries, or investigations, enforcement actions, and other claims and liabilities, all of which may be costly and burdensome and further harm our reputation.

Because techniques used to obtain unauthorized access or to sabotage systems change frequently and generally are not recognized until after they are launched against a target, we and our service providers may be unable to anticipate these techniques or to implement adequate preventative measures. Moreover, if a high-profile cybersecurity incident occurs with respect to another software as a service, or SaaS, provider, customers may lose trust in the security of the SaaS business model generally, which could adversely impact our ability to retain existing customers or attract new ones. In the last few years there have been many successful advanced cybersecurity incidents that have damaged several prominent companies in spite of strong information security measures. For example, SolarWinds Corporation, a provider of IT monitoring and management products and services, experienced a cyberattack that appears likely to be the result of a supply chain attack by an outside nation state, resulting in vulnerabilities being included in software updates related to its Orion Platform products delivered between March and June 2020. We expect that the risks associated with cybersecurity incidents and the costs of preventing such attacks will continue to increase in the future.

In addition, we cannot assure you that any limitation of liability provisions in our customer agreements, contracts with third-party vendors and service providers, or other contracts would be enforceable or adequate or would otherwise protect us from any liabilities or damages with respect to any particular claim relating to a security breach or other security-related matter as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the U.S. or other countries. We maintain insurance to protect against certain claims associated with the use of our platform, but our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert management’s time and other resources, and harm our reputation. We also cannot be certain that our insurance coverage will be adequate for data handling or data security liabilities actually incurred, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any future claim will not be excluded or otherwise be denied coverage by any insurer. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could adversely impact our business, operating results and financial condition.

If we are unable to retain our customers, renew and expand our relationships with them, and add new customers, we may not be able to sustain revenue growth, and we may not achieve or maintain profitability in the future.

In recent periods, we have experienced rapid growth in the adoption of our platform, customer base and revenue. However, we may not continue to grow in the future. Any success that we may experience in the future will depend, in large part, on our ability to, among other things:

•maintain, renew and expand our existing customer base;

•continue to attract new customers;

•induce customers to expand deployment of the initially adopted module(s) of our platform across their organizations and infrastructure, and to adopt additional modules of our platform and services;

•improve the capabilities of our platform through research and development;

•continue to successfully expand our business domestically and internationally; and

•successfully compete with other companies in the endpoint security industry.

Our customers have no obligation to renew their subscription for our platform after the expiration of their contractual subscription period, which is generally one to three years, and in the normal course of business, some customers have elected not to renew. In addition, our customers may renew for shorter contract subscription lengths or cease using certain features. Our customer retention and expansion may decline or fluctuate as a result of a number of factors, including our customers’ satisfaction with our services, our pricing, customer security and networking issues and requirements, our customers’ spending levels, decreases in the number of endpoints to which our customers deploy our solution, mergers and acquisitions involving our customers, industry developments, competition and general economic conditions. If our efforts to maintain and expand our relationships with our existing customers are not successful, our business, operating results and financial condition will materially suffer.

If our platform is not effectively interoperated within our customers’ IT infrastructure, deployments could be delayed or canceled, which would adversely impact our business, operating results, and financial condition.

Our platform must effectively interoperate with our customers’ existing IT infrastructure, which often has different specifications, utilizes multiple protocol standards, deploys products and services from multiple vendors, and contains multiple generations of products and services that have been added over time. As a result, our solutions can sometimes encounter interoperability issues on deployment or over time, which require additional support and problem solving with customers, in some cases, at a substantial cost to us. We may also have to modify our software so that our products will interoperate with a customer’s infrastructure. These issues would cause longer deployment and integration times for our platform and could cause order cancellations, either of which would adversely affect our business, operating results and financial condition. In addition, government and other customers may require our platform to comply with certain security or other certifications and standards. If we are unable to achieve, or are delayed in achieving, compliance with these certifications and standards, we may be disqualified from selling our platform to such customers, or may otherwise be at a competitive disadvantage, either of which could adversely impact our business, operating results and financial condition.

Disruptions or other business interruptions that affect the availability of our platform could adversely impact our customer relationships and overall business.

Our platform is hosted through Amazon Web Services, or AWS. Our software and systems are designed to use computing, storage capabilities, bandwidth, and other services provided by AWS, and currently our cloud service infrastructure is run on AWS. We have experienced, and expect in the future that we may experience from time to time, interruptions, delays or outages in service availability due to a variety of factors. Capacity constraints could arise from a number of causes such as technical failures, natural disasters, fraud or security attacks. The level of service provided by AWS, or regular or prolonged interruptions in that service, could also impact the use of, and our customers’ satisfaction with, our platform and could harm our business and reputation. In addition, hosting costs will increase as our customer base grows, which could adversely affect our business, operating results and financial condition.

Furthermore, AWS has discretion to change and interpret its terms of service and other policies with respect to us, including on contract renewal, and those actions may be unfavorable to our business operations. AWS may also take actions beyond our control that could seriously harm our business, including discontinuing or limiting our access to one or more AWS services, increasing pricing terms, terminating or seeking to terminate our contractual relationship altogether, or altering how we are able to process data on AWS in a way that is unfavorable or costly to us. Although we expect that we could obtain similar services from other third parties, if our arrangement with AWS were terminated, we could experience interruptions on our platform and in our ability to make our content available to customers, as well as delays and additional expenses in arranging for alternative cloud infrastructure services. Such a transition may require technical changes to our platform, including, but not limited to, our cloud service infrastructure which was designed to run on AWS. Making such changes could be costly in terms of time and financial resources.

Any of these factors could reduce our revenue, subject us to liability, and cause our customers to decline to renew their subscriptions, any of which would harm our business and operating results.

We may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements.

Our future growth is dependent upon our ability to continue to meet the needs of new customers and the expanding needs of our existing customers as their use of our solutions grows. As our customers gain more experience with our platform, the number of endpoints and events, the amount of data transferred, processed and stored by us, and the number of locations where our platform is being accessed, have in the past, and may in the future, expand rapidly. In order to meet the performance and other requirements of our customers, we intend to continue to make significant investments to increase capacity and to develop and implement new technologies in our service and cloud infrastructure operations. These technologies, which include databases, applications and server optimizations, network and hosting strategies and automation, are often advanced, complex, new and untested. We may not be successful in developing or implementing these technologies. In addition, it takes a significant amount of time to plan, develop and test improvements to our technologies and infrastructure, and we may not be able to accurately forecast demand or predict the results we will realize from such improvements. To the extent that we do not effectively scale our operations to meet the needs of our growing customer base and to maintain performance as our customers expand their use of our solution, we will not be able to grow as quickly as we anticipate, our customers may reduce or cancel use of our solutions and we will be unable to compete as effectively and our business and operating results will be adversely impacted.

If we do not accurately anticipate and promptly respond to changes in our customers’ technologies, business plans or security needs, our competitive position and prospects will be adversely impacted.

The cybersecurity market has grown quickly and is expected to continue to evolve rapidly. Moreover, many of our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network-connected endpoints and adapt to increasingly complex IT environments, incorporating a variety of hardware, software applications, operating systems and networking protocols. As their technologies and business plans grow more complex, we expect these customers to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our platform effectively identifies and responds to these advanced and evolving attacks. As a result of the continued rapid innovations in the technology industry, including the rapid growth of smartphones, tablets and other devices, enterprise employees using personal devices for work, and the rapidly evolving Internet of Things, we expect the networks of our customers to continue to change rapidly and become more complex. There can be no assurance that we will be successful in developing and marketing, on a timely basis, enhancements to our platform that adequately address the changing needs of our customers. In addition, any enhancements to our platform could involve research and development processes that are more complex, expensive and time-consuming than we anticipate. We may experience unanticipated delays in the availability of enhancements to our platform and may fail to meet customer expectations with respect to the timing of such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our customers by developing and releasing updates to our platform on a timely basis that can adequately respond to advanced threats and our customers’ evolving needs, our business, operating results and financial condition will be adversely affected.

If we are not able to maintain and enhance our brand and reputation, our business and operating results may be adversely affected.

We believe that maintaining and enhancing our brand and our reputation as a leading provider of endpoint security solutions is critical to our relationship with our existing customers, channel partners and alliance partners and our ability to attract new customers and partners. The successful promotion of our brand will depend on a number of factors, including our marketing efforts, our ability to continue to develop additional features for our platform, our ability to successfully differentiate our platform from competitive cloud-based or legacy security solutions and, ultimately, our ability to detect and stop breaches. Although we believe it is important for our growth, our brand promotion activities may not be successful or yield increased revenue.

In addition, independent industry or financial analysts and research firms often test our solutions and provide reviews of our platform, as well as the products of our competitors, and perception of our platform in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as

compared to those of our competitors’ products, our brand may be adversely affected. Our solutions may fail to detect or prevent threats in any particular test for a number of reasons that may or may not be related to the efficacy of our solutions in real world environments. To the extent potential customers, industry analysts or testing firms believe that the occurrence of a failure to detect or prevent any particular threat is a flaw or indicates that our solutions or services do not provide significant value, we may lose customers, and our reputation, financial condition and business would be harmed. Additionally, the performance of our channel partners and alliance partners may affect our brand and reputation if customers do not have a positive experience with these partners. In addition, we have in the past worked, and continue to work, with high profile customers as well as assist in analyzing and remediating high profile cyberattacks. Our work with such customers has exposed us to publicity and media coverage. Negative publicity about us, including about our management, the efficacy and reliability of our platform, our products offerings, our professional services and the customers we work with, even if inaccurate, could adversely affect our reputation and brand.

If we are unable to maintain successful relationships with our channel partners and alliance partners, or if our channel partners or alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, operating results, and financial condition will be harmed.

Substantially all of our sales are fulfilled through our channel partners, including resellers, distributors, MSPs, MSSPs, MDRs, OEMs, and IR firms, and we expect that we will continue to generate a significant portion of our revenue from our channel partners for the foreseeable future. Additionally, we have entered, and intend to continue to enter, into alliance partnerships with third parties to support our future growth plans. The loss of a substantial number of our channel partners or alliance partners, or the failure to recruit additional partners, would adversely affect our business, operating results and financial condition.

To the extent our partners are unsuccessful in selling our platform, or if we are unable to enter into arrangements with and retain a sufficient number of high-quality partners in each of the regions in which we sell our platform, we are unable to keep them motivated to sell our platform, or our partners shift focus to other vendors and/or our competitors, our ability to sell our platform and operating results will be harmed. The termination of our relationship with any significant partner may adversely impact our sales and operating results. Our ability to achieve revenue growth in the future will depend in part on our ability to maintain successful relationships with our channel partners and in training our channel partners to independently sell and deploy our platform.

We are also exposed to credit and liquidity risks and our operating results will be harmed if our partners were to become unable or unwilling to pay us, terminated their relationships with us or went out of business. Although we have programs in place that are designed to monitor and mitigate such risks, we cannot guarantee these programs will be effective in reducing our risks. If we are unable to adequately control these risks, our business, operating results, and financial condition would be harmed. If partners fail to pay us under the terms of our agreements or we are otherwise unable to collect on our accounts receivable from these partners, we may be adversely affected both from the inability to collect amounts due and the cost of enforcing the terms of our contracts, including litigation. Our partners may seek bankruptcy protection or other similar relief and fail to pay amounts due to us, or pay those amounts more slowly, either of which would adversely affect our business, operating results and financial condition. We may be further impacted by consolidation of our existing channel partners. In such instances, we may experience changes to our overall business and operational relationships due to dealing with a larger combined entity, and our ability to maintain such relationships on favorable contractual terms may be more limited. We may also become increasingly dependent on a more limited number of channel partners, as consolidation increases the relative proportion of our business for which each channel partner is responsible, which may magnify the risks described in the preceding paragraphs.

Our business depends, in part, on sales to government organizations, and significant changes in the contracting or fiscal policies of such government organizations could have an adverse effect on our business and operating results.

Our future growth depends, in part, on increasing sales to government organizations. Demand from government organizations is often unpredictable, subject to budgetary uncertainty and typically involves long sales cycles. We have made significant investments to address the government sector, but we cannot assure you that these

investments will be successful, or that we will be able to maintain or grow our revenue from the government sector. Although we anticipate that they may increase in the future, sales to governmental organizations have not accounted for, and may never account for, a significant portion of our revenue. Sales to governmental organizations are subject to a number of challenges and risks that may adversely impact our business. Sales to such government entities include the following risks:

•selling to governmental agencies can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;

•government certification requirements applicable to our platform may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification. For example, although we are currently certified under the Federal Risk and Authorization Management Program, or FedRAMP, such certification is costly to maintain and if we lost our certification in the future it would restrict our ability to sell to government customers;

•government demand and payment for our platform may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our platform;

•governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our platform, which would adversely impact our revenue and operating results, or institute fines or civil or criminal liability if the audit were to uncover improper or illegal activities; and

•governments may require certain products to be manufactured, produced, hosted or accessed solely in their country or in other relatively high-cost locations, and we may not produce or host all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies.

The occurrence of any of the foregoing could cause governmental organizations to delay or refrain from purchasing our solutions in the future or otherwise have an adverse effect on our business, operating results and financial condition.

Our long-term success depends, in part, on our ability to expand the sale of our platform to customers located outside of the United States and our current, and any further, expansion of our international operations exposes us to risks that could have a material adverse effect on our business, operating results, and financial condition.

We are generating a growing portion of our revenue outside of the United States, and conduct our business activities in various foreign countries, including some emerging markets where we have limited experience, where the challenges of conducting our business can be significantly different from those we have faced in more developed markets and where business practices may create internal control risks. There are certain risks inherent in conducting international business, including:

•fluctuations in foreign currency exchange rates, which could add volatility to our operating results;

•new, or changes in, regulatory requirements;

•uncertainty regarding regulation, currency, tax, and operations resulting from the United Kingdom’s, or the U.K. exit from the European Union, or the E.U., and possible disruptions in trade, the sale of our services and commerce, and movement of our people between the U.K., E.U., and other locations;

•tariffs, export and import restrictions, restrictions on foreign investments, sanctions, and other trade barriers or protection measures;

•we consider ourselves to be a processor under the GDPR/U.K. GDPR in some instances and a controller of personal data in other circumstances. For example, by expanding into the E.U. and U.K., we may also trigger Article 3(2) of the GDPR/U.K. GDPR as we may be considered to be monitoring data subjects. Additionally, where processing personal data on behalf of our E.U./U.K. customers or processing personal

data of E.U./U.K. end users, we may be required to sign data processing agreements which comply with Article 28 of the GDPR/U.K. GDPR. Likewise, to the extent any of our E.U./U.K. entities directly contract with E.U./U.K. customers for the provision of services, we will be directly subject to the GDPR/U.K. GDPR as a processor when processing this personal data;

•costs of localizing products and services;

•lack of acceptance of localized products and services;

•the need to make significant investments in people, solutions and infrastructure, typically well in advance of revenue generation;

•challenges inherent in efficiently managing an increased number of employees over large geographic distances, including the need to implement appropriate systems, policies, benefits and compliance programs;

•difficulties in maintaining our corporate culture with a dispersed and distant workforce;

•treatment of revenue from international sources, evolving domestic and international tax environments, and other potential tax issues, including with respect to our corporate operating structure and intercompany arrangements;

•different or weaker protection of our intellectual property, including increased risk of theft of our proprietary technology and other intellectual property;

•economic weakness or currency-related crises;

•compliance with multiple, conflicting, ambiguous or evolving governmental laws and regulations, including employment, tax, privacy, anti-corruption, import/export, antitrust, data transfer, storage and protection, and industry-specific laws and regulations, including rules related to compliance by our third-party resellers and our ability to identify and respond timely to compliance issues when they occur, and regulations applicable to us and our third-party data providers from whom we purchase and resell syndicated data;

•vetting and monitoring our third-party resellers in new and evolving markets to confirm they maintain standards consistent with our brand and reputation;

•generally longer payment cycles and greater difficulty in collecting accounts receivable;

•our ability to adapt to sales practices and customer requirements in different cultures;

•the lack of reference customers and other marketing assets in regional markets that are new or developing for us, as well as other adaptations in our market generation efforts that we may be slow to identify and implement;

•dependence on certain third parties, including resellers with whom we do not have extensive experience;

•natural disasters, acts of war, terrorism, or pandemics, including the ongoing COVID-19 pandemic;

•corporate espionage; and

•political instability and security risks in the countries where we are doing business and changes in the public perception of governments in the countries where we operate or plan to operate.

We have undertaken, and might undertake, additional corporate operating restructurings that involve our group of foreign country subsidiaries through which we do business abroad. We consider various factors in evaluating these restructurings, including the alignment of our corporate legal entity structure with our organizational structure and its objectives, the operational and tax efficiency of our group structure, and the long-term cash flows and cash

needs of our business. Such restructurings increase our operating costs, and if ineffectual, could increase our income tax liabilities and our global effective tax rate.

Tax laws are dynamic and subject to change as new laws are passed and new interpretations of the law are issued or applied. The U.S. enacted significant tax reform in December 2017, and we are continuing to evaluate its impact as new guidance and regulations are published. In addition, the Organization for Economic Co-operation and Development, or OECD, issued final action items or proposals related to its initiative to combat base erosion and profit shifting, or BEPS. The OECD urged its members to adopt the proposals to counteract the effects of taxpayers’ use of tax havens and preferential tax regimes globally. One BEPS proposal redefines a “permanent establishment” under treaty tax law, and changes how profits would be attributed to the permanent establishment. Some countries have incorporated the BEPS proposals into their laws and we expect other countries to follow suit, including the adoption of market-based, income sourcing provisions that assign a greater share of taxable income of a non-resident taxpayer to the country of its customer’s location than do traditional “arm’s length” income sourcing provisions. Some of the BEPS and related proposals, if enacted into law in the United States and in the foreign countries where we do business, could increase the burden and costs of our tax compliance. Moreover, such changes could increase the amount of taxes we incur in those jurisdictions, and in turn, increase our global effective tax rate.

We have experienced rapid growth in recent periods, and if we do not effectively manage our future growth, our business, operating results, and financial condition may be adversely affected.

We have experienced rapid revenue growth in recent periods, and we expect to continue to invest broadly across our organization to support our growth. For example, our headcount grew from over 450 employees as of February 1, 2020, to over 700 employees as of January 31, 2021. Although we have experienced rapid growth historically, we may not sustain our current growth rates, nor can we assure you that our investments to support our growth will be successful. The growth and expansion of our business will require us to invest significant financial and operational resources and the continuous dedication of our management team.

In addition, as we have grown, our number of customers has also increased significantly, and we have increasingly managed more complex deployments of our platform in more complex computing environments. The rapid growth and expansion of our business places a significant strain on our management, operational, and financial resources. To manage any future growth effectively, we must continue to improve and expand our information technology and financial infrastructure, our operating and administrative systems and controls, and our ability to manage headcount, capital, and processes in an efficient manner. Effectively managing our growth may also be more difficult to accomplish the longer that our employees must work remotely due to the COVID-19 pandemic.

We may not be able to successfully implement or scale improvements to our systems, processes, and controls in an efficient or timely manner. In addition, our existing systems, processes, and controls may not prevent or detect all errors, omissions, or fraud. We may also experience difficulties in managing improvements to our systems, processes, and controls or in connection with third-party software licensed to help us with such improvements. Any future growth will continue to add complexity to our organization and require effective coordination throughout our organization. Failure to manage any future growth effectively could result in increased costs, cause difficulty or delays in deploying new customers, reduce demand for our platform, cause difficulties in introducing new features or other operational difficulties, and any of these difficulties would adversely impact our business, operating results and financial condition.

Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense.

Our revenue recognition is difficult to predict because of the length and unpredictability of the sales cycle for our platform, particularly with respect to large organizations and government entities. Customers often view the subscription to our platform as a significant strategic decision and, as a result, frequently require considerable time to evaluate, test and qualify our platform prior to entering into or expanding a relationship with us. Large enterprises and government entities in particular often undertake a significant evaluation process that further lengthens our sales cycle.

Our direct sales team develops relationships with our customers, and works with our channel partners on account penetration, account coordination, sales and overall market development. We spend substantial time and

resources on our sales efforts without any assurance that our efforts will produce a sale. Security solution purchases are frequently subject to budget constraints, multiple approvals and unanticipated administrative, processing and other delays. As a result, it is difficult to predict whether and when a sale will be completed. The failure of our efforts to secure sales after investing resources in a lengthy sales process would adversely affect our business, operating results and financial condition.

The sales prices of our platform may decrease, or the mix of our sales may change, which may reduce our gross profits and adversely impact our financial results.

We have limited experience with respect to determining the optimal prices for our platform. As the market for endpoint security matures, or as new competitors introduce new products or services that are similar to or compete with ours, we may be unable to attract new customers at the same price or based on the same pricing model as we have used historically. Further, competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products or services that compete with ours or may bundle them with other products and services. This could lead customers to demand greater price concessions or additional functionality at the same price levels. As a result, in the future we may be required to reduce our prices or provide more features without corresponding increases in price, which would adversely affect our business, operating results, and financial condition.

Because we recognize revenue from subscriptions to our platform over the term of the subscription, downturns or upturns in new business will not be immediately reflected in our operating results.

We generally recognize revenue from customers ratably over the term of their subscription, which is generally one to three years. As a result, a substantial portion of the revenue we report in each period is attributable to the recognition of deferred revenue relating to agreements that we entered into during previous periods. Consequently, any increase or decrease in new sales or renewals in any one period will not be immediately reflected in our revenue for that period. Any such change, however, would affect our revenue in future periods. Accordingly, the effect of downturns or upturns in new sales and potential changes in our rate of renewals will not be fully reflected in our operating results until future periods. We may also be unable to timely reduce our cost structure in line with a significant deterioration in sales or renewals that would adversely affect our business, operating results and financial condition.

Adverse economic conditions or reduced information technology spending could adversely affect our business, operating results and financial condition.

Our business depends on the overall demand for information technology and on the economic health of our current and prospective customers. In addition, the purchase of our platform is often discretionary and may involve a significant commitment of capital and other resources. Weak global and regional economic conditions and spending environments, geopolitical instability and uncertainty, weak economic conditions in certain regions or a reduction in information technology spending regardless of macro-economic conditions, including the effects of the COVID-19 pandemic on the foregoing issues, could have adverse impacts on our business, operating results, and financial condition, including longer sales cycles, lower prices for our platform, higher default rates among our channel partners, reduced sales and slower or declining growth.

The COVID-19 pandemic could adversely affect our business, operating results, and financial condition.

We have experienced, and may continue to experience, a modest adverse impact on certain parts of our business following the implementation of shelter-in-place orders to mitigate the outbreak of COVID-19, including a lengthening of the sales cycle for some prospective customers and delays in the delivery of professional services and trainings to our customers.

We do not yet know the full extent of potential impacts on our business, operations or on the global economy as a whole, particularly if the COVID-19 pandemic continues and persists for an extended period of time. Potential impacts include:

•our customer prospects and our existing customers may experience slowdowns in their businesses, which in turn may result in reduced demand for our platform, lengthening of sales cycles, loss of customers, and difficulties in collections;

•substantially all of our employees are working from home and will likely continue to do so for the foreseeable future, which may result in decreased employee productivity and morale with increased unwanted employee attrition;

•we continue to incur fixed costs, particularly for real estate, and are deriving reduced or no benefit from those costs;

•we may continue to experience disruptions to our growth planning, such as for facilities and international expansion;

•we anticipate incurring costs in returning to work from our facilities around the world, including changes to the workplace, such as space planning, food service, and amenities;

•we may be subject to legal liability for safe workplace claims;

•our critical vendors could go out of business;

•substantially all of our in-person marketing events, including conferences, have been canceled and we may continue to experience prolonged delays in our ability to reschedule or conduct in-person events and other related activities; and

•our marketing, sales, and support organizations are accustomed to extensive face-to-face customer and partner interactions, and our ability to conduct business is largely unproven.

Any of the foregoing could adversely affect our business, financial condition, and operating results.

Moreover, due to the increasingly distributed nature of many workplaces as a result of shelter-in-place mandates, the demand for cybersecurity solutions like ours has increased during the COVID-19 pandemic. As a result, our business has experienced, and may continue to experience, a positive impact as a result of the COVID-19 pandemic. Moreover, we have seen slower growth in certain operating expenses due to reduced business travel, deferred hiring for some positions, and the virtualization or cancellation of customer and employee events. However, as a vaccine becomes widely available and people begin to return to offices and other workplaces, any positive impacts of the COVID-19 pandemic on our business may slow or decline once the impact of the pandemic tapers.

We provide service level commitments under some of our customer contracts. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service and our business would suffer.

Certain of our customer agreements contain service level commitments, which contain specifications regarding the availability and performance of our platform. Any failure of or disruption to our infrastructure could impact the performance of our platform and the availability of services to customers. If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our platform, we may be contractually obligated to provide affected customers with service credits for future subscriptions and, in certain cases, refunds. To date, there has not been a material failure to meet our service level commitments, and we do not currently have any material liabilities accrued on our consolidated balance sheet for such commitments. Our business, operating results and financial condition would be adversely affected if we suffer performance issues or downtime that exceeds the service level commitments under our agreements with our customers.

Our business is subject to the risks of warranty claims, product returns and product defects from real or perceived defects in our solutions or their misuse by our customers or third parties and indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement and other losses.

We may be subject to liability claims for damages related to errors or defects in our solution. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our platform will harm our business and operating results. Although we generally have limitation of liability provisions in our terms and conditions of sale, they may not fully or effectively protect us from claims as a result of federal, state or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our platform also entails the risk of product liability claims.

Additionally, our agreements with customers and other third parties typically include indemnification or other provisions under which we agree to indemnify or otherwise be liable to them for losses suffered or incurred as a result of claims regarding intellectual property infringement, breach of agreement, including confidentiality, privacy and security obligations, violation of applicable laws, damages caused by failures of our solutions or to property or persons, or other liabilities relating to or arising from our platform, or other acts or omissions. These contractual provisions often survive termination or expiration of the applicable agreement. We have not to date received any indemnification claims from third parties. However, as we continue to grow, the possibility of these claims against us will increase.

If our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we will incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology. Such license may not be available on reasonable terms, if at all, and may significantly increase our operating expenses or may require us to restrict our business activities and limit our ability to deliver certain solutions or features. We may also be required to develop alternative non-infringing technology, which could require significant effort and expense and/or cause us to alter our platform, which could harm our business. Large indemnity obligations, whether for intellectual property or other claims, would harm our business, operating results and financial condition.

Additionally, our platform may be used by our customers and other third parties who obtain access to our solutions for purposes other than for which our platform was intended. For example, our platform might be misused by a customer to monitor its employee’s activities in a manner that violates the employee’s privacy rights under applicable law.

During the course of performing certain solution-related services and our professional services, our teams may have significant access to our customers’ networks. An employee may take advantage of such access to conduct malicious activities. Any such misuse of our platform could result in negative press coverage and negatively affect our reputation, which could result in harm to our business, reputation and operating results.

We maintain insurance to protect against certain claims associated with the use of our platform, but our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert management’s time and other resources, and harm our business and reputation. We have offered our customers a limited warranty, subject to certain conditions, and our potential liability under this warranty is provided by our insurance carrier to us. For example, we have provided ransom warranty coverage for customers who subscribe to our malware protection solutions that are affected by certain breaches (as specified in our warranty agreement). The ransom warranty coverage has provided that we will pay $1,000 per endpoint affected by a breach, and further capped at $1 million for every consecutive 12 months in which the customer subscribes to the solutions with respect to the affected endpoint. Any failure or refusal of our insurance providers to provide the expected insurance benefits to us after we have paid the warranty claims would cause us to incur significant expense or cause us to cease offering this warranty which could damage our reputation, cause us to lose customers, expose us to liability claims by our customers, negatively impact our sales and marketing efforts, and have an adverse effect on our business, financial condition and operating results.

We may be adversely affected by natural disasters, pandemics and other catastrophic events, and by man-made problems such as terrorism, that could disrupt our business operations, and our business continuity and disaster recovery plans may not adequately protect us from a serious disaster.

Natural disasters or other catastrophic events may cause damage or disruption to our operations, international commerce, and the global economy, and could have an adverse effect on our business, operating results, and financial condition. Our business operations are also subject to interruption by fire, power shortages, and other events beyond our control. In addition, our global operations expose us to risks associated with public health crises, such as pandemics and epidemics, which could harm our business and cause our operating results to suffer. For example, the ongoing effects of the COVID-19 pandemic and the measures that we, our customers and governmental authorities have adopted have resulted in, and could continue to result in, customers not purchasing or renewing our products or services, significant delays or lengthening of our sales cycles, and reductions in average transaction sizes, and could negatively affect our customer success and sales and marketing efforts, result in difficulties or changes to our customer support, or create operational or other challenges, any of which would harm our business and operating results. In addition, our growth rate may actually slow or decline once the impact of the COVID-19 pandemic tapers, particularly as a vaccine becomes widely available and people begin to return to offices and other workplaces. Further, acts of terrorism and other geopolitical unrest could cause disruptions in our business or the businesses of our partners or the economy as a whole. In the event of a natural disaster, including a major earthquake, blizzard, or hurricane, or a catastrophic event such as a fire, power loss, or telecommunications failure, we may be unable to continue our operations and may endure system interruptions, reputational harm, delays in development of our platform, lengthy interruptions in service, breaches of data security, and loss of critical data, all of which could have an adverse effect on our future operating results. For example, our corporate offices are located in California, a state that frequently experiences earthquakes and wildfires. Additionally, all the aforementioned risks will be further increased if we do not implement an effective disaster recovery plan or our partners’ disaster recovery plans prove to be inadequate.

Risks Related to our People

We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to hire, integrate, train and retain qualified personnel, including members of our board of directors, could harm our business.

Our future success is dependent, in part, on our ability to hire, integrate, train, retain and motivate the members of our management team and other key employees throughout our organization. The loss of key personnel, including key members of our management team or members of our board of directors, as well as certain of our key marketing, sales, finance, support, product development, human resources, or technology personnel, could disrupt our operations and have an adverse effect on our ability to grow our business. In particular, we are highly dependent on the services of Tomer Weingarten, our co-founder, Chairman of the Board of Directors, President, and Chief Executive Officer, who is critical to the development of our technology, platform, future vision and strategic direction.

Competition for highly skilled personnel is intense, especially in the San Francisco Bay Area and in Israel, where we have a substantial presence and need for highly skilled personnel, and we may not be successful in hiring or retaining qualified personnel to fulfill our current or future needs. We have, from time to time, experienced, and we expect to continue to experience, difficulty in hiring and retaining highly skilled employees with appropriate qualifications. For example, in recent years, recruiting, hiring and retaining employees with expertise in the cybersecurity industry has become increasingly difficult as the demand for cybersecurity professionals has increased as a result of the recent cybersecurity attacks on global corporations and governments. Many of the companies with which we compete for experienced personnel have greater resources than we have. Our competitors also may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. We have in the past, and may in the future, be subject to allegations that employees we hire have been improperly solicited, or that they have divulged proprietary or other confidential information or that their former employers own such employees’ inventions or other work product, or that they have been hired in violation of non-compete provisions or non-solicitation provisions.

In addition, job candidates and existing employees often consider the value of the equity awards they receive in connection with their employment. If the perceived value of our equity or equity awards declines, it may adversely affect our ability to retain highly skilled employees. If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects would be severely harmed. Further, our competitors may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects would be severely harmed.

If we do not effectively hire, integrate and train additional sales personnel, and expand our sales and marketing capabilities, we may be unable to increase our customer base and increase sales to our existing customers.

Our ability to increase our customer base and achieve broader market adoption of our platform will depend to a significant extent on our ability to continue to expand our sales and marketing operations. We plan to dedicate significant resources to sales and marketing programs and to expand our sales and marketing capabilities to target additional potential customers, but there is no guarantee that we will be successful in attracting and maintaining additional customers. If we are unable to find efficient ways to deploy our sales and marketing investments or if our sales and marketing programs are not effective, our business and operating results would be adversely affected.

Furthermore, we plan to continue expanding our sales force and there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve revenue growth will depend, in part, on our success in hiring, integrating, training and retaining sufficient numbers of sales personnel to support our growth, particularly in international markets. New hires require significant training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new customers or increasing sales to our existing customer base, our business, operating results and financial condition will be adversely affected.

Any inability to maintain a high-quality customer support organization could lead to a lack of customer satisfaction, which could hurt our customer relationships and have a material adverse effect on our business, financial condition and operating results.

Once our platform is deployed within our customers’ computing environments, our customers rely on our technical support services to assist with service customization and optimization and to resolve certain issues relating to the implementation and maintenance of our platform. If we do not effectively assist our customers in deploying our platform, succeed in helping our customers quickly resolve technical issues, or provide effective ongoing support, our ability to sell additional products and services as part of our platform to existing customers would be adversely affected and our reputation with potential customers could be damaged.

In addition, our sales process is highly dependent on our product and business reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality support, could adversely affect our reputation, our ability to sell our services to existing and prospective customers, and our business, operating results and financial condition.

We believe that our corporate culture has contributed to our success, and if we cannot maintain this culture as we grow, we could lose the innovation, creativity, and teamwork fostered by our culture, and our business may be harmed.

We believe that our corporate culture has been a key contributor to our success. If we do not continue to develop our corporate culture as we grow and evolve, it could harm our ability to foster the innovation, creativity, and teamwork that we believe is important to support our growth. As our organization grows and we are required to implement more complex organizational structures, we may find it increasingly difficult to maintain the beneficial aspects of our corporate culture, which could negatively impact our future success.

Risks Related to Our Intellectual Property

Our proprietary rights may be difficult to enforce, which could enable others to copy or use aspects of our platform without compensating us.

We rely primarily on patent, trademark, copyright and trade secrets laws, and confidentiality procedures and contractual provisions to protect our technology. Valid patents may not issue from our pending applications, and the claims eventually allowed on any patents may not be sufficiently broad to protect our technology or platform. Any issued patents may be challenged, invalidated or circumvented, and any rights granted under these patents may not actually provide adequate defensive protection or competitive advantages to us. Patent applications in the United States are typically not published until at least 18 months after filing, or, in some cases, not at all, and publications of discoveries in industry-related literature lag behind actual discoveries. We cannot be certain that we were the first to make the inventions claimed in our pending patent applications or that we were the first to file for patent protection. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. In addition, recent changes to the patent laws in the United States may bring into question the validity of certain software patents and may make it more difficult and costly to prosecute patent applications. Such changes may lead to uncertainties or increased costs and risks surrounding the prosecution, validity, ownership, enforcement, and defense of our issued patents and patent applications and other intellectual property, the outcome of third-party claims of infringement, misappropriation, or other violation of intellectual property brought against us and the actual or enhanced damages (including treble damages) that may be awarded in connection with any such current or future claims, and could have a material adverse effect on our business, operating results, and financial condition.

Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our platform or obtain and use information that we regard as proprietary. We generally enter into confidentiality or license agreements with our employees, consultants, vendors and customers, and generally limit access to and distribution of our proprietary information. However, such agreements may not be enforceable in full or in part in all jurisdictions and any breach could have a negative effect on our business and our remedy for such breach may be limited. The contractual provisions that we enter into may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights. As such, we cannot guarantee that the steps taken by us will prevent misappropriation of our technology. Policing unauthorized use of our technology or platform is difficult. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as the laws of the United States, and many foreign countries do not enforce these laws as diligently as government agencies and private parties in the United States. For example, many foreign countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. Effective trade secret protection may also not be available in every country in which our products are available or where we have employees or independent contractors. The loss of trade secret protection could make it easier for third parties to compete with our products by copying functionality. In addition, any changes in, or unexpected interpretations of, the trade secret and employment laws in any country in which we operate may compromise our ability to enforce our trade secret and intellectual property rights. From time to time, legal action by us may be necessary to enforce our patents and other IP rights, to protect our trade secrets, to determine the validity and scope of the proprietary rights of others or to defend against claims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results and financial condition. If we are unable to protect our proprietary rights (including aspects of our software and platform protected other than by patent rights), we will find ourselves at a competitive disadvantage to others who need not incur the additional expense, time and effort required to create our platform and other innovative products that have enabled us to be successful to date. Moreover, we may need to expend additional resources to defend our intellectual property rights in foreign countries, and our inability to do so could impair our business or adversely affect our international expansion.

Third parties may claim that our platform infringes their intellectual property rights and this may create liability for us or otherwise adversely affect our business, operating results and financial condition.

Third parties may claim that our current or future products and services infringe their intellectual property rights, and such claims may result in legal claims against our channel partners, our alliance partners, our customers and us. These claims may damage our brand and reputation, harm our customer relationships, and create liability for us. We expect the number of such claims to increase as the number of products and services and the level of competition in our market grows, as the functionality of our platform overlaps with that of other products and services, and as the volume of issued software patents and patent applications continues to increase. We generally agree in our customer contracts to indemnify customers for expenses or liabilities they incur as a result of third-party intellectual property infringement claims associated with our platform. To the extent that any claim arises as a result of third-party technology we have licensed for use in our platform, we may be unable to recover from the appropriate third party any expenses or other liabilities that we incur.

Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks, and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. Furthermore, patent holding companies, non-practicing entities, and other adverse patent owners that are not deterred by our existing intellectual property protections may seek to assert patent claims against us. From time to time, third parties, including certain of these leading companies, have invited us to license their patents and may, in the future, assert patent, copyright, trademark, or other intellectual property rights against us, our channel partners, our alliance partners, or our customers. We have received, and may in the future receive, notices that claim we have misappropriated, misused, or infringed other parties’ intellectual property rights, and, to the extent we gain greater market visibility, we face a higher risk of being the subject of intellectual property infringement claims, which is not uncommon with respect to the enterprise software market.

There may be third-party intellectual property rights, including issued or pending patents, that cover significant aspects of our technologies or business methods. We may also face exposure to third-party intellectual property infringement, misappropriation, or violation actions if we engage software engineers or other personnel who were previously engaged by competitors or other third parties and those personnel inadvertently or deliberately incorporate proprietary technology of third parties into our products. In addition, we may lose valuable intellectual property rights or personnel. A loss of key personnel or their work product could hamper or prevent our ability to develop, market, and support potential products or enhancements, which could severely harm our business. Any intellectual property claims, with or without merit, could be very time-consuming, could be expensive to settle or litigate, and could divert our management’s attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages if we are found to have willfully infringed patents or copyrights, and may require us to indemnify our customers for liabilities they incur as a result of such claims. These claims could also result in our having to stop using technology found to be in violation of a third party’s rights. We might be required to seek a license for the intellectual property, which may not be available on reasonable terms or at all. Even if a license were available, we could be required to pay significant royalties, which would increase our operating expenses. Alternatively, we could be required to develop alternative non-infringing technology, which could require significant time, effort, and expense, and may affect the performance or features of our platform. If we cannot license or develop alternative non-infringing substitutes for any infringing technology used in any aspect of our business, we would be forced to limit or stop sales of our platform and may be unable to compete effectively. Any of these results would adversely affect our business, operating results and financial condition.

We license technology from third parties, and our inability to maintain those licenses could harm our business.

We currently incorporate, and will in the future incorporate, technology that we license from third parties, including software, into our solutions. Licensing technologies from third parties exposes us to increased risk of being the subject of intellectual property infringement due to, among other things, our lower level of visibility into the development process with respect to such technology and the care taken to safeguard against infringement risks. We cannot be certain that our licensors do not or will not infringe on the intellectual property rights of third parties

or that our licensors have or will have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our platform. Some of our agreements with our licensors may be terminated by them for convenience, or otherwise provide for a limited term. If we are unable to continue to license technology because of intellectual property infringement claims brought by third parties against our licensors or against us, or if we are unable to continue our license agreements or enter into new licenses on commercially reasonable terms, our ability to develop and sell solutions and services containing or dependent on that technology would be limited, and our business could be harmed. Additionally, if we are unable to license technology from third parties, we may be forced to acquire or develop alternative technology, which we may be unable to do in a commercially feasible manner, or at all, and may require us to use alternative technology of lower quality or performance standards. This could limit or delay our ability to offer new or competitive solutions and increase our costs. As a result, our business, operating results and financial condition would be adversely affected.

Some of our technology incorporates “open source” software, which could negatively affect our ability to sell our platform and subject us to possible litigation.

Our platform contains third-party open source software components, and failure to comply with the terms of the underlying open source software licenses could restrict our ability to sell our products and subscriptions. The use and distribution of open source software may entail greater risks than the use of third-party commercial software, as open source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code. Although we monitor our use of open source software in an effort both to comply with the terms of the applicable open source licenses and to avoid subjecting our products to conditions we do not intend, many of the risks associated with use of open source software cannot be eliminated and could negatively affect our business. In addition, the wide availability of source code used in our solutions could expose us to security vulnerabilities.

Some open source licenses contain requirements that we make available source code for modifications or derivative works we create based upon the type of open source software we use. If we combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public, including authorizing further modification and redistribution, or otherwise be limited in the licensing of our services, each of which could provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solution, require us to re-engineer all or a portion of our platform, and reduce or eliminate the value of our services. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales for us.

The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products and subscriptions incorporating such software. Moreover, we cannot assure you that our processes for controlling our use of open source software in our products and subscriptions will be effective. From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open source license. These claims could result in litigation. Litigation could be costly for us to defend, have a negative effect on our operating results and financial condition, or require us to devote additional research and development resources to change our solution. Responding to any infringement or noncompliance claim by an open source vendor, regardless of its validity, discovering certain open source software code in our platform, or a finding that we have breached the terms of an open source software license, could harm our business, operating results and financial condition, by, among other things:

•resulting in time-consuming and costly litigation;

•diverting management’s time and attention from developing our business;

•requiring us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable;

•causing delays in the deployment of our platform or service offerings to our customers;

•requiring us to stop offering certain services or features of our platform;

•requiring us to redesign certain components of our platform using alternative non-infringing or non-open source technology, which could require significant effort and expense;

•requiring us to disclose our software source code and the detailed program commands for our software; and

•requiring us to satisfy indemnification obligations to our customers.

Risks Related to Legal and Regulatory Matters

We are subject to laws and regulations, including governmental export and import controls, sanctions and anti-corruption laws, that could impair our ability to compete in our markets and subject us to liability if we are not in full compliance with applicable laws.

We are subject to laws and regulations, including governmental export controls, that could subject us to liability or impair our ability to compete in our markets. Our platform and related technology is subject to U.S. export controls, including the U.S. Department of Commerce’s Export Administration Regulations, and we and our employees, representatives, contractors, agents, intermediaries and other third parties are also subject to various economic and trade sanctions regulations administered by the U.S. Treasury Department’s Office of Foreign Assets Control. We incorporate standard encryption algorithms into our platform, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain cloud-based solutions to countries, governments and persons targeted by U.S. sanctions. We also collect information about cyber threats from open sources, intermediaries and third parties that we make available to our customers in our threat industry publications. While we have implemented certain procedures to facilitate compliance with applicable laws and regulations in connection with the collection of this information, we cannot assure you that these procedures have been effective or that we, or third parties who we do not control, have complied with all laws or regulations in this regard. Failure by our employees, representatives, contractors, channel partners, agents, intermediaries or other third parties to comply with applicable laws and regulations in the collection of this information also could have negative consequences to us, including reputational harm, government investigations and penalties.

Although we take precautions to prevent our information collection practices and services from being provided in violation of such laws, our information collection practices and services may have been in the past, and could in the future be, provided in violation of such laws. If we or our employees, representatives, contractors, channel partners, agents, intermediaries or other third parties fail to comply with these laws and regulations, we could be subject to civil or criminal penalties, including the possible loss of export privileges and fines. We may also be adversely affected through reputational harm, loss of access to certain markets or otherwise. Obtaining the necessary authorizations, including any required license, for a particular transaction may be time-consuming, is not guaranteed and may result in the delay or loss of sales opportunities.

Various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our platform or could limit our customers’ ability to implement our platform in those countries. Changes in our platform or changes in export and import regulations may create delays in the introduction of our platform into international markets, prevent our customers with international operations from deploying our platform globally or, in some cases, prevent the export or import of our platform to certain countries, governments or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our platform by, or in our decreased ability to export or sell our platform to, existing or potential customers with international operations. Any decreased use of our platform or limitation on our ability to export or sell our platform would adversely affect our business, operating results and financial condition.

We are also subject to the United States Foreign Corrupt Practices Act of 1977, as amended, or the FCPA, the United Kingdom Bribery Act 2010, or the Bribery Act, and other anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws in the United States and other countries in which we conduct activities. Anti-corruption and anti-bribery laws, which have been enforced aggressively and are interpreted broadly, prohibit companies and their employees, agents, intermediaries and other third parties from promising, authorizing, making or offering improper payments or other benefits to government officials and others in the private sector. We leverage third parties, including intermediaries, agents and channel partners, to conduct our business in the United States and abroad, to sell subscriptions to our platform and to collect information about cyber threats. We and these third parties may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our employees, representatives, contractors, channel partners, agents, intermediaries and other third parties, even if we do not explicitly authorize such activities. While we have policies and procedures to address compliance with FCPA, Bribery Act and other anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws, we cannot assure you that they will be effective, or that all of our employees, representatives, contractors, channel partners, agents, intermediaries or other third parties have not taken, or will not take actions, in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase. Noncompliance with these laws could subject us to investigations, severe criminal or civil sanctions, settlements, prosecution, loss of export privileges, suspension or debarment from U.S. government contracts, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, whistleblower complaints, adverse media coverage and other consequences. Any investigations, actions or sanctions could harm our reputation, business, operating results and financial condition.

If we fail to adequately protect personal information or other information we process or maintain, our business, financial condition and operating results could be adversely affected.

We receive, store, and process personal information from our employees, customers, and the employees of our customers, our end users. A wide variety of state, national, and international laws, as well as regulations and industry standards apply to the collection, use, retention, protection, disclosure, transfer and other processing of personal information and other information, the scope of which are changing, subject to differing interpretations, and may be inconsistent across countries or conflict with other rules. Additionally, laws, regulations, and standards covering marketing and advertising activities conducted by telephone, email, mobile devices, and the internet, may be applicable to our business, such as the Controlling the Assault of Non-Solicited Pornography And Marketing Act, or CAN-SPAM, and similar state consumer protection laws. Evolving and changing definitions of personal data and personal information within the E.U., the U.S., and elsewhere, may limit or inhibit our ability to operate or expand our business. Data protection and privacy-related laws and regulations are evolving and may result in ever increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions.

With respect to E.U. and U.K. employees, contractors and other personnel, as well as for our customers’ and prospective customers’ personal data, such as contact information, we are subject to the E.U. General Data Protection Regulation, or the GDPR, and the U.K. General Data Protection Regulation and U.K. Data Protection Act 2018, or the U.K. GDPR, respectively. We are a controller with respect to this data.

Additionally, by expanding into the E.U. and U.K., we may also trigger Article 3(2) of the GDPR/U.K. GDPR directly as we may be considered to be monitoring data subjects. To the extent we process personal data on behalf of our customers for the provision of services, we may also be required to enter into data processing agreements which comply with Article 28 of the GDPR/U.K. GDPR.

The GDPR/U.K. GDPR imposes more stringent data protection requirements than previously effective data protection law and, where we are acting as a controller, includes requirements to provide detailed disclosures about how personal data is collected and processed (in a concise, intelligible and easily accessible form); demonstrating that an appropriate legal basis is in place or otherwise exists to justify data processing activities; granting new rights for data subjects in regard to their personal data (including the right to be “forgotten” and the right to data portability), as well as enhancing data subject rights, such as data subject access requests; introducing the obligation to notify data protection regulators or supervisory authorities (and in certain cases, affected individuals) of

significant data breaches; defining for the first time pseudonymized (key-coded) data; imposing limitations on retention of personal data; maintaining a record of data processing; and complying with the principal of accountability and the obligation to demonstrate compliance through policies, procedures, training and audit. Where we act as a processor and process personal data on behalf of our customers, we are required to execute mandatory data processing clauses with those customers. In addition, the GDPR/U.K. GDPR provides for penalties for noncompliance of up to the greater of €20 million or 4% of worldwide annual revenues (in the case of the GDPR) or £17 million and 4% of worldwide annual revenue (in the case of the U.K. GDPR). As we are required to comply with both the GDPR and the U.K. GDPR, we could be subject to parallel enforcement actions with respect to breaches of the GDPR/U.K. GDPR which affect both E.U. and U.K. data subjects.

The GDPR/U.K. GDPR requires, among other things, that personal information only be transferred outside of the European Economic Area, or the EEA, or the U.K. to jurisdictions that have not been deemed adequate by the European Commission, or Third Countries, including the United States, if steps are taken to legitimize those data transfers. Recent legal developments in the E.U. have created complexity and uncertainty regarding such transfers. For example, on July 16, 2020, the European Court of Justice invalidated the E.U.-U.S. Privacy Shield framework, or the Privacy Shield, upon which we relied to provide a mechanism for the transfer of data from E.U. Member States to the United States, on the grounds that the Privacy Shield failed to offer adequate protections to E.U. personal information transferred to the United States. Further, the European Court also advised that Standard Contractual Clauses (a standard form of contract approved by the European Commission as an adequate personal data transfer mechanism and potential alternative to the Privacy Shield) were not alone sufficient to protect data transferred to the United States or other Third Countries. Use of the data transfer mechanisms must now be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country, in particular applicable surveillance laws and rights of individuals, and additional measures and/or contractual provisions may need to be put in place. The European Data Protection Board issued additional guidance regarding the Court of Justice’s decision on November 11, 2020, which imposes higher burdens on the use of data transfer mechanisms, such as the Standard Contractual Clauses, for cross-border data transfers. The CJEU also stated that if a competent supervisory authority believes that the standard contractual clauses cannot be complied with in the destination country and that the required level of protection cannot be secured by other means, such supervisory authority is under an obligation to suspend or prohibit that transfer. We previously relied on our own, as well as our vendors’, Privacy Shield certification for the purposes of transferring personal data from the EEA to the United States in compliance with the GDPR/U.K. GDPR’s data export conditions. These recent developments require us to review and amend the legal mechanisms by which we make or receive personal data transfers to the United States and we may need to implement additional safeguards to further enhance the security of data transferred out of the EEA, which could increase our compliance costs, expose us to further regulatory scrutiny and liability, and adversely affect our business. Further, the European Commission published new versions of the Standard Contractual Clauses for comment. While the comment period ended in December 2020, the European Commission is expected to finalize and implement the new Standard Contractual Clauses in early 2021. In addition, the U.K.’s withdrawal from the E.U. means that the U.K. will become a Third Country for the purposes of data transfers from the E.U. to the U.K. following the expiration of the four to six-month personal data transfer grace period (from January 1, 2021) set out in the E.U. and U.K. Trade and Cooperation Agreement, unless a relevant adequacy decision is adopted in favor of the U.K. (which would allow data transfers without additional measures). The E.U. issued a draft adequacy decision for personal information transfers from the EEA to the U.K. on February 19, 2021. If this adequacy decision is not passed by the E.U., we must implement protection measures such as the Standard Contractual Clauses for data transfers between the E.U. and the U.K. These changes may require us to find alternative solutions for the compliant transfer of personal data into the U.K. As supervisory authorities continue to issue further guidance on personal information (including regarding data export and circumstances in which we cannot use the standard contractual clauses), we could suffer additional costs, complaints, or regulatory investigations or fines, and if we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, the geographical location or segregation of our relevant systems and operations, and could adversely affect our financial results. Loss, retention or misuse of certain information and alleged violations of laws and regulations relating to privacy and data security, and any relevant claims, may expose us to potential liability and may require us to expend significant resources on data security and in responding to and defending such allegations and claims.

We are also subject to evolving E.U. and U.K. privacy laws on cookies and e-marketing. In the E.U. and the U.K., regulators are increasingly focusing on compliance with requirements in the online behavioral advertising ecosystem, and current national laws that implement the ePrivacy Directive are highly likely to be replaced by an E.U. regulation known as the ePrivacy Regulation which will significantly increase fines for non-compliance. In the E.U. and the U.K., informed consent is required for the placement of a cookie or similar technologies on a user’s device and for direct electronic marketing. The GDPR also imposes conditions on obtaining valid consent, such as a prohibition on pre-checked consents and a requirement to ensure separate consents are sought for each type of cookie or similar technology. While the text of the ePrivacy Regulation is still under development, a recent European court decision and regulators’ recent guidance are driving increased attention to cookies and tracking technologies. If regulators start to enforce the strict approach in recent guidance, this could lead to substantial costs, require significant systems changes, limit the effectiveness of our marketing activities, divert the attention of our technology personnel, adversely affect our margins, increase costs and subject us to additional liabilities. Regulation of cookies and similar technologies, and any decline of cookies or similar online tracking technologies as a means to identify and potentially target users, may lead to broader restrictions and impairments on our marketing and personalization activities and may negatively impact our efforts to understand users.

Additionally, although not effective until January 1, 2023, the California Privacy Rights Act, or the CPRA, which expands upon the CCPA, was passed in the recent election on November 3, 2020. The CCPA requires (and the CPRA will require) covered companies to, among other things, provide new disclosures to California consumers, and affords such consumers new privacy rights such as the ability to opt-out of certain sales of personal information and expanded rights to access and require deletion of their personal information, opt out of certain personal information sharing, and receive detailed information about how their personal information is collected, used and shared. The CCPA provides for civil penalties for violations, as well as a private right of action for security breaches that may increase security breach litigation. Further, Virginia enacted the Virginia Consumer Data Protection Act, or the VCDPA, another comprehensive state privacy law, that will also be effective January 1, 2023. The CCPA, CPRA, and VCDPA may increase our compliance costs and potential liability, particularly in the event of a data breach, and could have a material adverse effect on our business, including how we use personal information, our financial condition, the results of our operations or prospects. The CCPA has also prompted a number of proposals for new federal and state privacy legislation that, if passed, could increase our potential liability, increase our compliance costs and adversely affect our business. Changing definitions of personal information and information may also limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. Also, some jurisdictions require that certain types of data be retained on servers within these jurisdictions. Our failure to comply with applicable laws, directives, and regulations may result in enforcement action against us, including fines, and damage to our reputation, any of which may have an adverse effect on our business and operating results.

We generally seek to comply with industry standards and are subject to the terms of our privacy policies and privacy-related obligations to third parties. We strive to comply with all applicable laws, policies, legal obligations and industry codes of conduct relating to privacy and data protection to the extent possible. However, it is possible that these obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict with other rules or our practices. Any failure or perceived failure by us to comply with applicable privacy and data security laws and regulations, our privacy policies, or our privacy-related obligations to users or other third parties, or any compromise of security that results in the unauthorized release or transfer of personal information or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by consumer advocacy groups or others and could cause our users to lose trust in us, which would have an adverse effect on our reputation and business. For example, in 2017, we reached a consent agreement with the Federal Trade Commission, or the FTC, to resolve an investigation relating to certain disclosures in our privacy policy. The consent agreement requires us, among other things, to provide information about our compliance with the FTC order and about representations made in our marketing materials. We have remedied the matter that led to the FTC order and implemented controls designed to prevent similar issues in the future, and have not received any inquiries from the FTC to date. However, we may be subject to future investigations and legal proceedings by the FTC or other regulators. It is possible that a regulatory inquiry might result in changes to our policies or business practices. Violation of existing or future regulatory orders or consent decrees could subject us to substantial monetary fines and other penalties that could negatively affect our financial condition and operating results. In

addition, it is possible that future orders issued by, or enforcement actions initiated by, regulatory authorities could cause us to incur substantial costs or require us to change our business practices in a manner materially adverse to our business.

Any significant change to applicable laws, regulations or industry practices regarding the use or disclosure of our users’ data, or regarding the manner in which the express or implied consent of users for the use and disclosure of such data is obtained – or in how these applicable laws, regulations or industry practices are interpreted and enforced by state, federal and international privacy regulators – could require us to modify our services and features, possibly in a material manner, may subject us to regulatory enforcement actions and fines, and may limit our ability to develop new services and features that make use of the data that our users voluntarily share with us.

We may become involved in litigation that may adversely affect us.

From time to time, we have been subject to claims, suits and other proceedings. For example, we are currently the subject of litigation with Cylance, Inc. For additional information regarding this litigation, see the section titled “Business—Legal Proceedings.” Regardless of the outcome, legal proceedings can have an adverse impact on us because of legal costs and diversion of management attention and resources, and could cause us to incur significant expenses or liability, adversely affect our brand recognition or require us to change our business practices. The expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our business, operating results and financial condition. It is possible that a resolution of one or more such proceedings could result in substantial damages, settlement costs, fines and penalties that would adversely affect our business, consolidated financial condition, operating results or cash flows in a particular period. These proceedings could also result in reputational harm, sanctions, consent decrees or orders requiring a change in our business practices. Because of the potential risks, expenses and uncertainties of litigation, we may, from time to time, settle disputes, even where we have meritorious claims or defenses, by agreeing to settlement agreements. Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, financial condition, operating results and prospects. Any of these consequences could adversely affect our business, operating results and financial condition.

Risks Related to Financial and Accounting Matters

If we fail to maintain an effective system of internal controls, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.

As a public company, we will be subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, and the rules and regulations of the applicable listing standards of . We expect that the requirements of these rules and regulations will continue to increase our legal, accounting, and financial compliance costs, make some activities more difficult, time-consuming, and costly, and place significant strain on our personnel, systems, and resources.

The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. We are continuing to develop and refine our disclosure controls, internal control over financial reporting and other procedures that are designed to ensure information required to be disclosed by us in our financial statements and in the reports that we will file with the SEC is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers.

Our current controls and any new controls we develop may become inadequate because of changes in conditions in our business. Further, weaknesses in our internal controls may be discovered in the future. Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our operating results, may result in a restatement of our financial statements for prior periods, cause us to fail to meet our reporting obligations, and could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in the periodic reports we will file with the SEC. However, while we remain an “emerging growth company,” we will not be required to include an attestation

report on internal control over financial reporting issued by our independent registered public accounting firm. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, which would likely have a negative effect on the market price of our common stock. We are not currently required to comply with the SEC rules that implement Sections 302 and 404 of the Sarbanes-Oxley Act, and we are therefore not required to make a formal assessment of the effectiveness of our internal control over financial reporting for that purpose.

Upon becoming a public company, and particularly after we are no longer an “emerging growth company,” significant resources and management oversight will be required. As a result, management’s attention may be diverted from other business concerns, which could harm our business, financial condition and operating results.

We are an “emerging growth company” and the reduced disclosure requirements applicable to emerging growth companies may make our common stock less attractive to investors.

We are an “emerging growth company” as defined in the JOBS Act. For as long as we continue to be an emerging growth company, we may take advantage of exemptions from various reporting requirements that are applicable to other public companies that are not emerging growth companies, including (i) not being required to comply with the auditor attestation requirements of the Sarbanes-Oxley Act, (ii) reduced disclosure obligations regarding executive compensation in this prospectus and our periodic reports and proxy statements and (iii) exemptions from the requirements of holding nonbinding advisory stockholder votes on executive compensation and stockholder approval of any golden parachute payments not approved previously. In addition, as an emerging growth company, we are only required to provide two years of audited financial statements and two years of selected financial data in this prospectus.

We could be an emerging growth company for up to five fiscal years following the completion of this offering. However, certain circumstances could cause us to lose that status earlier, including the date on which we are deemed to be a “large accelerated filer,” under applicable SEC rules, if we have total annual gross revenue of $1.07 billion or more, or if we issue more than $1.0 billion in non-convertible debt during any three-year period before that time.

Under the JOBS Act, emerging growth companies can also delay adopting new or revised accounting standards until such time as those standards apply to private companies. We have elected to take advantage of the benefits of this extended transition period. Accordingly, our financial statements may therefore not be comparable to those of companies that comply with such new or revised accounting standards. Until the date that we are no longer an “emerging growth company” or affirmatively and irrevocably opt out of the exemption provided by Section 7(a)(2)(B) of the Securities Act, upon issuance of a new or revised accounting standard that applies to our financial statements and that has a different effective date for public and private companies, we will disclose the date on which adoption is required for non-emerging growth companies and the date on which we will adopt the recently issued accounting standard.

We will incur significant increased costs and management resources as a result of operating as a public company.

As a public company, we will incur significant legal, accounting, compliance and other expenses that we did not incur as a private company and these expenses will increase even more after we are no longer an “emerging growth company.” Our management and other personnel will need to devote a substantial amount of time and incur significant expense in connection with compliance initiatives. For example, in anticipation of becoming a public company, we will need to adopt additional internal controls and disclosure controls and procedures, retain a transfer agent and adopt an insider trading policy. As a public company, we will bear all of the internal and external costs of preparing and distributing periodic public reports in compliance with our obligations under the securities laws.

In addition, regulations and standards relating to corporate governance and public disclosure, including the Sarbanes-Oxley Act, and the related rules and regulations implemented by the SEC and , have increased legal and financial compliance costs and will make some compliance activities more time-consuming. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment will result in increased general and administrative expenses and may divert management’s time and attention from our other business activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by

regulatory or governing bodies due to ambiguities related to practice, regulatory authorities may initiate legal proceedings against us, and our business may be harmed. In connection with this offering, we intend to increase our directors’ and officers’ insurance coverage, which will increase our insurance cost. In the future, it may be more expensive or more difficult for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. These factors would also make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serve on our audit committee and compensation committee, and qualified executive officers.

Future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our business, operating results and financial condition.

As part of our business strategy, we have in the past and expect to continue to make investments in and/or acquire complementary companies, services or technologies. For example, in February 2021, we acquired Scalyr, a data analytics firm. Our ability as an organization to acquire and integrate other companies, services or technologies in a successful manner in the future is not guaranteed. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or ability to achieve our business objectives, and any acquisitions we complete could be viewed negatively by our end customers or investors. In addition, if we are unsuccessful at integrating such acquisitions, or the technologies associated with such acquisitions, into our company, the revenue and operating results of the combined company could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition and the market price of our common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.

Additional risks we may face in connection with acquisitions include:

•diversion of management time and focus from operating our business to addressing acquisition integration challenges;

•coordination of research and development and sales and marketing functions;

•integration of product and service offerings;

•retention of key employees from the acquired company;

•changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisition;

•cultural challenges associated with integrating employees from the acquired company into our organization;

•integration of the acquired company’s accounting, management information, human resources and other administrative systems;

•the need to implement or improve controls, procedures and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies;

•additional legal, regulatory or compliance requirements;

•financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we don’t adequately address and that cause our reported results to be incorrect;

•liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities;

•unanticipated write-offs or charges; and

•litigation or other claims in connection with the acquired company, including claims from terminated employees, customers, former stockholders or other third parties.

Our failure to address these risks or other problems encountered in connection with acquisitions and investments could cause us to fail to realize the anticipated benefits of these acquisitions or investments, cause us to incur unanticipated liabilities, and harm our business generally.

We could be subject to additional tax liabilities and United States federal income tax reform could adversely affect us.

We are subject to U.S. federal, state, local and sales taxes in the United States and foreign income taxes, withholding taxes and transaction taxes in numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for income taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. In addition, our future income tax obligations could be adversely affected by changes in, or interpretations of, tax laws in the United States or in other jurisdictions in which we operate.

For example, in December 2017, the United States adopted new tax law legislation commonly referred to as the Tax Cuts and Jobs Act of 2017, or the Tax Act (as modified by the Coronavirus Aid, Relief, and Economic Security Act), which significantly reforms the Internal Revenue Code of 1986, as amended, or the Internal Revenue Code. The Tax Act, among other things, includes changes to U.S. federal tax rates, imposes significant additional limitations on the deductibility of interest and the use of net operating losses generated in tax years beginning after December 31, 2017, allows for the expensing of certain capital expenditures, and puts into effect the migration from a “worldwide” system of taxation to a largely territorial system. Further changes to U.S. tax laws, including limitations on the ability of taxpayers to claim and utilize foreign tax credits, as well as changes to U.S. tax laws that may be enacted in the future, could impact the tax treatment of our foreign earnings. Due to expansion of our international business activities, any changes in the U.S. taxation of such activities may increase our worldwide effective tax rate and adversely affect our operating results and financial condition. The enactment of legislation implementing changes in the U.S. taxation of international business activities or the adoption of other tax reform policies could adversely impact our operating results and financial condition.

Our ability to use our net operating loss carryforwards and certain other tax attributes may be limited.

As of January 31, 2020, we had aggregate U.S. federal and state net operating loss carryforwards of $15.8 million and $46.9 million, respectively, which may be available to offset future taxable income for U.S. income tax purposes. If not utilized, the federal net operating loss carryforwards will begin to expire in 2034, and the state net operating loss carryforwards will begin to expire in 2027. In addition, we had federal research and development credit carryforwards of $0.1 million, which will begin to expire in 2039, and state research and development credit carryforwards of $0.1 million, which do not expire. We also had foreign net operating loss carryforwards of $175.6 million, which do not expire. Realization of these net operating loss and research and development credit carryforwards depends on future income, and there is a risk that certain of our existing carryforwards could expire unused and be unavailable to offset future income tax liabilities, which could adversely affect our operating results and financial condition.

In addition, under Sections 382 and 383 of the Internal Revenue Code, if a corporation undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in ownership by “5 percent shareholders” over a rolling three-year period, the corporation’s ability to use its pre-change net operating loss carryovers and other pre-change tax attributes, such as research and development credits, to offset its post-change income or taxes may be limited. Similar rules apply under U.S. state tax laws. We may have experienced ownership changes in the past and we may experience an ownership change in the future as a result of shifts in our stock

ownership. As a result, if we earn net taxable income, our ability to use our pre-change U.S. net operating loss carryforwards to offset U.S. federal taxable income may be subject to limitations, which could potentially result in increased future tax liability to us.

We could be required to collect additional sales, use, value added, digital services, or other similar taxes or be subject to other liabilities that may increase the costs our customers would have to pay for our solutions and adversely affect our business, operating results, and financial condition.

We collect sales, use, value added, digital services, and other similar taxes in a number of jurisdictions. One or more U.S. states or countries may seek to impose incremental or new sales, use, value added, digital services, or other tax collection obligations on us. Further, an increasing number of U.S. states have considered or adopted laws that attempt to impose tax collection obligations on out-of-state companies. Additionally, the Supreme Court of the United States ruled in South Dakota v. Wayfair, Inc. et al, or Wayfair, that online sellers can be required to collect sales and use tax despite not having a physical presence in the state of the customer. In response to Wayfair, or otherwise, U.S. states or local governments may adopt, or begin to enforce, laws requiring us to calculate, collect, and remit taxes on sales in their jurisdictions. A successful assertion by one or more U.S. states requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial liabilities, including taxes on past sales, as well as interest and penalties. Furthermore, certain jurisdictions, such as the U.K. and France, have recently introduced a digital services tax, which is generally a tax on gross revenue generated from users or customers located in in those jurisdictions, and other jurisdictions have enacted or are considering enacting similar laws. A successful assertion by a U.S. state or local government, or other country or jurisdiction that we should have been or should be collecting additional sales, use, value added, digital services or other similar taxes could, among other things, result in substantial tax payments, create significant administrative burdens for us, discourage potential customers from subscribing to our platform due to the incremental cost of any such sales or other related taxes, or otherwise harm our business.

Our corporate structure and intercompany arrangements are subject to the tax laws of various jurisdictions, and we could be obligated to pay additional taxes, which would harm our operating results and financial condition.

We are expanding our international operations and staff to support our business in international markets. We generally conduct our international operations through wholly-owned subsidiaries and are or may be required to report our taxable income in various jurisdictions worldwide based upon our business operations in those jurisdictions. Our intercompany relationships are subject to complex transfer pricing regulations administered by taxing authorities in various jurisdictions. The amount of taxes we pay in different jurisdictions will depend on the application of the tax laws of the various jurisdictions, including the United States, to our international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position was not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations.

We are subject to federal, state and local income, sales and other taxes in the United States and income, withholding, transaction and other taxes in numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for income taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by recognizing tax losses or lower than anticipated earnings in jurisdictions where we have lower statutory rates and higher than anticipated earnings in jurisdictions where we have higher statutory rates, by changes in foreign currency exchange rates, or by changes in the valuation of our deferred tax assets and liabilities. We may be audited in various jurisdictions, and such jurisdictions may assess additional taxes, sales taxes and value added taxes against us. Although we believe our tax estimates are reasonable, the final determination of any tax audits or litigation could be materially different from our historical tax provisions and accruals, which could have an adverse effect on our operating results or cash flows in the period or periods for which a determination is made.

If our estimates or judgments relating to our critical accounting policies prove to be incorrect or financial reporting standards or interpretations change, our operating results could be adversely affected.

The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as discussed in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include but are not limited to those related to the valuation of common stock and stock-based awards, the period of benefit for deferred contract acquisition costs, standalone selling prices for each performance obligation, useful lives of long-lived assets, and accounting for income taxes. Additionally, as a result of the COVID-19 pandemic, many of management’s estimates and assumptions require increased judgment and carry a higher degree of variability and volatility. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of industry or financial analysts and investors, resulting in a potential decline in the market price of our common stock.

Additionally, we regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and drafts thereof that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we might be required to change our accounting policies, alter our operational policies and implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or we may be required to restate our published financial statements. Such changes to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial condition and profit, or cause an adverse deviation from our revenue and operating profit target, which may negatively impact our financial results.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our business, operating results and financial condition.

Our sales contracts are denominated in U.S. dollars, and therefore our revenue is not subject to foreign currency risk. However, strengthening of the U.S. dollar increases the real cost of our platform to our customers outside of the United States, which could lead to delays in the purchase of our platform and the lengthening of our sales cycle. If the U.S. dollar continues to strengthen, this could adversely affect our financial condition and operating results. In addition, increased international sales in the future, including through our channel partners and other partnerships, may result in greater foreign currency denominated sales, increasing our foreign currency risk.

Our operating expenses incurred outside the U.S. and denominated in foreign currencies are increasing and are subject to fluctuations due to changes in foreign currency exchange rates. These expenses are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates. We do not currently hedge against the risks associated with currency fluctuations but may do so in the future.

We may require additional capital to fund our business and support our growth, and any inability to generate or obtain such capital may adversely affect our operating results and financial condition.

In order to support our growth and respond to business challenges, such as developing new features or enhancements to our platform to stay competitive, acquiring new technologies, and improving our infrastructure, we have made significant financial investments in our business and we intend to continue to make such investments. As a result, we may need to engage in additional equity or debt financings to provide the funds required for these investments and other business endeavors. If we raise additional funds through equity or convertible debt issuances, our existing stockholders may suffer significant dilution and these securities could have rights, preferences, and privileges that are superior to those of holders of our common stock. If we obtain additional funds through debt financing, we may not be able to obtain such financing on terms favorable to us. Such terms may involve restrictive covenants making it difficult to engage in capital raising activities and pursue business opportunities, including potential acquisitions. The trading prices of technology companies have been highly volatile as a result of the

COVID-19 pandemic, which may reduce our ability to access capital on favorable terms or at all. In addition, a recession, depression, or other sustained adverse market event resulting from the spread of the COVID-19 pandemic could adversely affect our business and the value of our common stock. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired and our business may be adversely affected, requiring us to delay, reduce, or eliminate some or all of our operations.

Risks Related to the Offering and Ownership of Our Common Stock

The market price of our common stock may be volatile, and you could lose all or part of your investment.

We cannot predict the prices at which our common stock will trade. The initial public offering price of our common stock has been determined by negotiations between us and the underwriters and may not bear any relationship to the market price at which our common stock will trade after this offering or to any other established criteria of the value of our business and prospects and the market price of our common stock following this offering may fluctuate substantially and may be lower than the initial public offering price. The market price of our common stock following this offering will depend on a number of factors, including those described in this “Risk Factors” section, many of which are beyond our control and may not be related to our operating performance. In addition, the limited public float of our common stock following this offering will tend to increase the volatility of the trading price of our common stock. These fluctuations could cause you to lose all or part of your investment in our common stock, since you might not be able to sell your shares at or above the price you paid in this offering. Factors that could cause fluctuations in the market price of our common stock include the following:

•actual or anticipated changes or fluctuations in our operating results;

•the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;

•announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships or capital commitments;

•industry or financial analyst or investor reaction to our press releases, other public announcements and filings with the SEC;

•rumors and market speculation involving us or other companies in our industry;

•price and volume fluctuations in the overall stock market from time to time;

•changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;

•the expiration of market stand-off or contractual lock-up agreements and sales of shares of our common stock by us or our stockholders;

•failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors;

•actual or anticipated developments in our business or our competitors’ businesses or the competitive landscape generally;

•litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors;

•developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights;

•announced or completed acquisitions of businesses or technologies by us or our competitors;

•new laws or regulations or new interpretations of existing laws or regulations applicable to our business;

•any major changes in our management or our board of directors;

•effects of public health crises, pandemics, and epidemics, such as the COVID-19 pandemic;

•general economic conditions and slow or negative growth of our markets; and

•other events or factors, including those resulting from war, incidents of terrorism or responses to these events.

In addition, the stock market in general, and the market for technology companies in particular, has experienced extreme price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry factors may seriously affect the market price of our common stock, regardless of our actual operating performance. In addition, in the past, following periods of volatility in the overall market and the market prices of a particular company’s securities, securities class action litigation has often been instituted against that company. Securities litigation, if instituted against us, could result in substantial costs and divert our management’s attention and resources from our business. This could have an adverse effect on our business, operating results and financial condition.

No public market for our common stock currently exists, and an active public trading market may not develop or be sustained following this offering.

Prior to this offering, there has been no public market or active private market for our common stock. We intend to apply to list our common stock on . However, an active trading market may not develop following the completion of this offering or, if developed, may not be sustained. The lack of an active market may impair your ability to sell your shares at the time you wish to sell them or at a price that you consider reasonable. The lack of an active market may also reduce the market price of your shares of common stock. An inactive market may also impair our ability to raise capital by selling shares and may impair our ability to acquire other companies or technologies by using our shares as consideration.

Sales of substantial amounts of our common stock in the public markets, or the perception that they might occur, could cause the market price of our common stock to decline.

Sales of a substantial number of shares of our common stock into the public market, particularly sales by our directors, executive officers, and principal stockholders, or the perception that these sales might occur, could cause the market price of our common stock to decline.

All of the shares of common stock sold in this offering will be freely tradable without restrictions or further registration under the Securities Act, except for any shares held by our affiliates as defined in Rule 144 under the Securities Act (including any shares that may be purchased by any of our affiliates in this offering). The remaining shares of our common stock are subject to the lock-up agreement or market stand-off agreements described below.

Subject to certain exceptions, we, all of our directors and executive officers, and substantially all of the holders of our common stock, or securities exercisable for or convertible into our common stock outstanding immediately prior to this offering, are subject to market stand-off agreements or have agreed not to offer, sell, or agree to sell, directly or indirectly, any shares of common stock without the permission of each of Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC, on behalf of the underwriters, for a period of 180 days from the date of this prospectus. When the lock-up period expires, we and our securityholders subject to a lock-up agreement or market stand-off agreement will be able to sell our shares in the public market. In addition, the underwriters may, in their sole discretion, release all or some portion of the shares subject to lock-up agreements prior to the expiration of the lock-up period. See the section titled “Shares Eligible for Future Sale” for more information. Sales of a substantial number of such shares upon expiration of the lock-up and market stand-off agreements, or the perception that such sales may occur, or early release of these agreements, could cause our market price to fall or make it more difficult for you to sell your common stock at a time and price that you deem appropriate.

In addition, as of January 31, 2021, we had options outstanding that, if fully exercised, would result in the issuance of shares of common stock. We also granted options to purchase shares of our common stock subsequent to January 31, 2021. All of the shares of common stock issuable upon the exercise or settlement of stock options, and the shares reserved for future issuance under our equity incentive plans, will be registered for public resale under the Securities Act. Accordingly, these shares will be able to be freely sold in the public market upon issuance subject to existing lock-up or market standoff agreements and applicable vesting requirements.

Immediately following this offering, the holders of shares of our common stock have rights, subject to some conditions, to require us to file registration statements for the public resale of the common stock issuable or to include such shares in registration statements that we may file for us or other stockholders.

We may also issue our shares of common stock or securities convertible into shares of our common stock from time to time in connection with a financing, acquisition, investments, or otherwise.

If industry or financial analysts do not publish research or reports about our business, or if they issue inaccurate or unfavorable research regarding our common stock, our stock price and trading volume could decline.

The trading market for our common stock will be influenced by the research and reports that industry or financial analysts publish about us or our business. We do not control these analysts or the content and opinions included in their reports. As a new public company, we may be slow to attract research coverage and the analysts who publish information about our common stock will have had relatively little experience with our company, which could affect their ability to accurately forecast our results and make it more likely that we fail to meet their estimates. In the event we obtain industry or financial analyst coverage, if any of the analysts who cover us issues an inaccurate or unfavorable opinion regarding our stock price, our stock price would likely decline. In addition, the stock prices of many companies in the technology industry have declined significantly after those companies have failed to meet, or significantly exceed, the financial guidance publicly announced by the companies or the expectations of analysts. If our financial results fail to meet, or significantly exceed, our announced guidance or the expectations of analysts or public investors, analysts could downgrade our common stock or publish unfavorable research about us. If one or more of these analysts cease coverage of our common stock or fail to publish reports on us regularly, our visibility in the financial markets could decrease, which in turn could cause our stock price or trading volume to decline.

We could be subject to securities class action litigation.

In the past, securities class action litigation has often been instituted against companies following periods of volatility in the market price of a company’s securities. This type of litigation, if instituted, could result in substantial costs and a diversion of management’s attention and resources, which could adversely affect our business, operating results, or financial condition. Additionally, the dramatic increase in the cost of directors’ and officers’ liability insurance may cause us to opt for lower overall policy limits or to forgo insurance that we may otherwise rely on to cover significant defense costs, settlements, and damages awarded to plaintiffs.

We will have broad discretion in the use of the net proceeds to us from this offering and may not use them effectively.

We will have broad discretion in the application of the net proceeds to us from this offering, including for any of the purposes described in the section titled “Use of Proceeds,” and you will not have the opportunity as part of your investment decision to assess whether the net proceeds are being used appropriately. Because of the number and variability of factors that will determine our use of the net proceeds from this offering, their ultimate use may vary substantially from their currently intended use. If we do not use the net proceeds that we receive in this offering effectively, our business, financial condition, operating results, and prospects could be harmed, and the market price of our common stock could decline. Pending their use, we may invest the net proceeds from this offering in short-term, investment-grade interest-bearing securities such as money market accounts, certificates of deposit, commercial paper, and guaranteed obligations of the U.S. government that may not generate a high yield for our stockholders. These investments may not yield a favorable return to our investors.

We do not intend to pay dividends in the foreseeable future. As a result, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.

We have never declared or paid any cash dividends on our capital stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends in the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our board of directors. Additionally, our ability to pay dividends is limited by restrictions on our ability to pay dividends or make distributions under the terms of our loan and security agreement. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.

Because the initial public offering price of our common stock will be substantially higher than the pro forma net tangible book value per share of our outstanding common stock following this offering, new investors will experience immediate and substantial dilution.

The initial public offering price is substantially higher than the pro forma net tangible book value per share of our common stock immediately following this offering based on the total value of our tangible assets less our total liabilities. Therefore, if you purchase shares of our common stock in this offering, based on the midpoint of the offering price range set forth on the cover page of this prospectus, and the issuance of shares of common stock in this offering, you will experience immediate dilution of $ per share, the difference between the price per share you pay for our common stock and its pro forma net tangible book value per share as of January 31, 2021. Furthermore, if the underwriters exercise their over-allotment option, if outstanding stock options are exercised, if we issue awards to our employees under our equity incentive plans, or if we otherwise issue additional shares of our common stock, you could experience further dilution. See the section titled “Dilution” for additional information.

Provisions in our charter documents and under Delaware law could make an acquisition of us, which may be beneficial to our stockholders, more difficult and may limit attempts by our stockholders to replace or remove our current management.

Provisions in our restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a merger, acquisition or other change of control of SentinelOne that the stockholders may consider favorable. In addition, because our board of directors is responsible for appointing the members of our management team, these provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors. Among other things, our restated certificate of incorporation and amended and restated bylaws include provisions that:

•provide that our board of directors is classified into three classes of directors with staggered three-year terms;

•permit the board of directors to establish the number of directors and fill any vacancies and newly created directorships;

•require super-majority voting to amend some provisions in our restated certificate of incorporation and restated bylaws;

•authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan;

•provide that only our chief executive officer or a majority of our board of directors will be authorized to call a special meeting of stockholders;

•eliminate the ability of our stockholders to call special meetings of stockholders;

•prohibit cumulative voting;

•provide that directors may only be removed “for cause” and only with the approval of two-thirds of our stockholders;

•prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders;

•provide that the board of directors is expressly authorized to make, alter, or repeal our bylaws; and

•establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.

Moreover, Section 203 of the Delaware General Corporation Law, or DGCL, may discourage, delay, or prevent a change in control of our company. Section 203 imposes certain restrictions on mergers, business combinations, and other transactions between us and holders of 15% or more of our common stock.

Our restated certificate of incorporation contains exclusive forum provisions for certain claims, which may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers, or employees.

Our restated certificate of incorporation provides that the Court of Chancery of the State of Delaware, to the fullest extent permitted by law, will be the exclusive forum for any derivative action or proceeding brought on our behalf, any action asserting a breach of fiduciary duty, any action asserting a claim against us arising pursuant to the DGCL, our restated certificate of incorporation, or our restated bylaws, or any action asserting a claim against us that is governed by the internal affairs doctrine.

Moreover, Section 22 of the Securities Act creates concurrent jurisdiction for federal and state courts over all claims brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder. Our restated certificate of incorporation provides that the federal district courts of the United States will, to the fullest extent permitted by law, be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act, or Federal Forum Provision. Our decision to adopt a Federal Forum Provision followed a decision by the Supreme Court of the State of Delaware holding that such provisions are facially valid under Delaware law. While there can be no assurance that federal or state courts will follow the holding of the Delaware Supreme Court or determine that the Federal Forum Provision should be enforced in a particular case, application of the Federal Forum Provision means that suits brought by our stockholders to enforce any duty or liability created by the Securities Act must be brought in federal court and cannot be brought in state court.

Section 27 of the Exchange Act creates exclusive federal jurisdiction over all claims brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. In addition, the Federal Forum Provision applies to suits brought to enforce any duty or liability created by the Exchange Act. Accordingly, actions by our stockholders to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder must be brought in federal court.

Our stockholders will not be deemed to have waived our compliance with the federal securities laws and the regulations promulgated thereunder.

Any person or entity purchasing or otherwise acquiring or holding any interest in any of our securities shall be deemed to have notice of and consented to our exclusive forum provisions, including the Federal Forum Provision. These provisions may limit a stockholders’ ability to bring a claim in a judicial forum of their choosing for disputes with us or our directors, officers, or employees, which may discourage lawsuits against us and our directors, officers, and employees. Alternatively, if a court were to find the choice of forum provision contained in our restated certificate of incorporation or restated bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition, and operating results.

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

This prospectus contains forward-looking statements. All statements contained in this prospectus other than statements of historical fact, including statements regarding our future operating results and financial condition, our business strategy and plans, market growth, and our objectives for future operations, are forward-looking statements. The words “believe,” “may,” “will,” “potentially,” “estimate,” “continue,” “anticipate,” “intend,” “could,” “would,” “project,” “target,” “plan,” “expect,” and similar expressions are intended to identify forward-looking statements.

Forward-looking statements contained in this prospectus include, but are not limited to, statements about:

•our future financial performance, including our expectations regarding our total revenue, cost of revenue, gross profit or gross margin, operating expenses, including changes in operating expenses and our ability to achieve and maintain future profitability;

•the impact of the COVID-19 pandemic on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and employees;

•our business plan and our ability to effectively manage our growth;

•our total market opportunity;

•anticipated trends, growth rates, and challenges in our business and in the markets in which we operate;

•market acceptance of our platform and our ability to increase adoption of our platform;

•beliefs and objectives for future operations;

•our ability to further penetrate our existing customer base and attract, retain, and expand our customer base;

•our ability to timely and effectively scale and adapt our platform;

•our ability to develop new products and services and bring them to market in a timely manner and make enhancements to our platform;

•our expectations concerning relationships with third parties;

•our ability to maintain, protect, and enhance our intellectual property;

•our ability to continue to expand internationally;

•the effects of increased competition in our markets and our ability to compete effectively;

•future acquisitions or investments in complementary companies, products, services, or technologies;

•our ability to stay in compliance with laws and regulations that currently apply or become applicable to our business both in the United States and internationally;

•economic and industry trends, projected growth, or trend analysis;

•increased expenses associated with being a public company; and

•other statements regarding our future operations, financial condition, and prospects and business strategies.

These forward-looking statements are subject to a number of risks, uncertainties, and assumptions, including those described in the section titled “Risk Factors” and elsewhere in this prospectus. Moreover, we operate in a very competitive and rapidly changing environment, and new risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties, and assumptions, the forward-looking events and circumstances discussed in this prospectus may not occur, and actual results could differ materially and adversely from those anticipated or implied in the forward-looking statements.

You should not rely upon forward-looking statements as predictions of future events. The events and circumstances reflected in the forward-looking statements may not be achieved or occur. We undertake no obligation to update any of these forward-looking statements for any reason after the date of this prospectus or to conform these statements to actual results or to changes in our expectations, except as required by law.

You should read this prospectus and the documents that we reference in this prospectus and have filed with the SEC as exhibits to the registration statement of which this prospectus is a part with the understanding that our actual future results, performance, and events and circumstances may be materially different from what we expect.

INDUSTRY, MARKET, AND OTHER DATA

Unless otherwise indicated, information contained in this prospectus concerning our industry and the markets in which we operate, including our general expectations and market position, market opportunity, and market size, is based on information from various sources, as well as assumptions that we have made that are based on those data and other similar sources and on our knowledge of the markets for our platform. This information involves important assumptions and limitations, is inherently imprecise, and you are cautioned not to give undue weight to such estimates. In addition, projections, assumptions and estimates of our future performance and the future performance of the industry in which we operate is necessarily subject to a high degree of uncertainty and risk due to a variety of factors, including those described in the section titled “Risk Factors” and elsewhere in this prospectus. These and other factors could cause results to differ materially from those expressed in the estimates made by the independent parties and by us.

This prospectus contains statistical data, estimates, and forecasts that are based on publications or reports generated by third parties, including a report prepared by Forrester Research, Inc., or Forrester, that we commissioned, or other publicly available information, as well as other information based on our internal sources.

The source of, and selected additional information contained in, the independent industry and other publications related to the information so identified are provided below.

•International Data Corporation, Worldwide Global DataSphere IoT Device and Data Forecast, 2020-2024, July 2020;

•International Data Corporation, Worldwide Whole Cloud Forecast, 2020-2024, October 2020;

•International Data Corporation, MarketScape Worldwide Unified Endpoint Management Software for Apple Devices 2021 Vendor Assessment, January 2021;

•International Data Corporation, IDC’s Global DataSphere Forecast Shows Continued Steady Growth in the Creation and Consumption of Data, May 2020;

•International Data Corporation, Worldwide IT Operations Management Software Forecast, 2021-2025, February 2021;

•International Data Corporation, Security Spending Guide, February 2021;

•Cybersecurity Ventures, Cyberwarfare In The C-Suite Cybersecurity Magazine, January 2021;

•ESG, a division of TechTarget, Research Report, The Life and Times of Cybersecurity Professionals 2020, July 2020;

•Forrester Research, Inc., The Total Economic Impact of SentinelOne Cybersecurity Platform, October 2020 (SentinelOne commissioned);

•Gartner, Gartner Peer Insights ‘Voice of the Customer’: Endpoint Detection and Response Solutions, May 2020;

•Gartner Press Release, Gartner Survey Reveals 82% of Company Leaders Plan to Allow Employees to Work Remotely Some of the Time, July 2020;

•Ponemon Institute sponsored by IBM Security, Cost of a Data Breach Report 2020, August 2020;

•Ponemon Institute sponsored by Keeper Security, Cybersecurity in the Remote Work Era: A Global Risk Report, October 2020; and

•(ISC)², Cybersecurity Workforce Study 2020, November 2020.

USE OF PROCEEDS

We estimate that the net proceeds from our sale of shares of our common stock in this offering at an assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses, will be approximately $ million, or $ million if the underwriters’ over-allotment option is exercised in full.

A $1.00 increase (decrease) in the assumed initial public offering price of $ per share would increase (decrease) the net proceeds to us from this offering by approximately $ million, assuming the number of shares of our common stock offered by us remains the same and after deducting estimated underwriting discounts and commissions. Similarly, each increase (decrease) of 1.0 million shares in the number of shares of our common stock offered would increase (decrease) the net proceeds from this offering by approximately $ million, assuming that the assumed initial public offering price of $ remains the same, and after deducting the estimated underwriting discounts and commissions.

The principal purposes of this offering are to create a public market for our common stock, increase our visibility in the marketplace, obtain additional capital and increase our capitalization and financial flexibility. We currently intend to use the net proceeds we receive from this offering primarily for working capital and other general corporate purposes, which may include product development, general and administrative matters, and capital expenditures. We may also use a portion of the net proceeds for the acquisition of, or investment in, technologies, solutions, or businesses that complement our business. However, we do not have agreements or commitments for any acquisitions or investments outside the ordinary course of business at this time.

We will have broad discretion over the uses of the net proceeds of this offering. Pending these uses, we intend to invest the net proceeds from this offering in short-term, investment-grade interest-bearing securities, such as money market funds, certificates of deposit, commercial paper, and guaranteed obligations of the U.S. government.

DIVIDEND POLICY

We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends on our capital stock in the foreseeable future. Additionally, our ability to pay dividends or make distributions is limited by certain restrictions in connection with our loan and security agreement. For additional information regarding our loan and security agreement, see the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Debt Obligations.” Any future determination to declare dividends will be made at the discretion of our board of directors and will depend on our financial condition, operating results, capital requirements, general business conditions, and other factors that our board of directors may deem relevant.

CAPITALIZATION

The following table sets forth our cash, cash equivalents, and short-term investments and our capitalization as of January 31, 2021, on:

•an actual basis;

•a pro forma basis, which reflects (i) the Capital Stock Conversion as if such conversion had occurred on January 31, 2021 and (ii) the filing and effectiveness of our restated certificate of incorporation that will become effective immediately prior to the completion of this offering; and

•a pro forma as adjusted basis, which reflects (i) the pro forma adjustments set forth above, and (ii) the sale and issuance of shares of our common stock in this offering at an assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses.

You should read this table together with our consolidated financial statements and the accompanying notes, and the sections titled “Selected Consolidated Financial and Other Data” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” that are included elsewhere in this prospectus

As of January 31, 2021

Actual

Pro Forma

Pro Forma as

Adjusted(1)

(in thousands, except share and

per share data)

Cash, cash equivalents, and short-term investments

Long-term debt

Redeemable convertible preferred stock; $0.0001 par value per share; shares authorized, issued, and outstanding, actual; no shares authorized, issued, and outstanding, pro forma and pro forma as adjusted

Stockholders’ (deficit) equity:

Preferred stock; $0.0001 par value per share; no shares authorized, issued, and outstanding, actual; shares authorized, no shares issued and outstanding, pro forma and pro forma as adjusted

Common stock; $0.0001 par value per share; shares authorized, shares issued and outstanding, actual; shares authorized, shares issued and outstanding, pro forma; shares authorized, shares issued and outstanding, pro forma as adjusted

Additional paid-in capital

Accumulated other comprehensive loss

Accumulated deficit

Total stockholders’ (deficit) equity

Total capitalization

__________________

(1)The pro forma as adjusted information presented is illustrative only and will be adjusted based on the actual initial public offering price and other terms of this offering determined at pricing. Each $1.00 increase (decrease) in the assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) our pro forma as adjusted cash, cash equivalents, and short-term investments, additional paid-in capital, total stockholders’ (deficit) equity, and total capitalization by $ million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting the estimated underwriting discounts and commissions. Similarly, each increase (decrease) of 1.0 million shares in the number of shares of our common stock offered by us would increase (decrease) the amount of our pro forma as adjusted cash, cash equivalents, and short-term investments, additional paid-in capital, total stockholders’ (deficit) equity, and total

capitalization by $ million, assuming that the assumed initial public offering price remains the same, and after deducting the estimated underwriting discounts and commissions. If the underwriters’ over-allotment option is exercised in full, the pro forma as adjusted amount of each of cash, cash equivalents, and short-term investments, additional paid-in capital, total stockholders’ (deficit) equity, and total capitalization would increase by $ million, and after deducting estimated underwriting discounts and commissions, and we would have shares of our common stock issued and outstanding, pro forma as adjusted.

The number of shares of our common stock that will be outstanding (after giving effect to the Capital Stock Conversion) after this offering is based on shares of our common stock outstanding as of January 31, 2021 and excludes:

• shares of our common stock issuable upon the exercise of stock options outstanding as of January 31, 2021 under our 2013 Plan with a weighted-average exercise price of $ per share;

• shares of our common stock issuable upon the exercise of stock options granted after January 31, 2021 under our 2013 Plan with a weighted-average exercise price of $ per share;

• shares of our common stock issued in connection with our acquisition of Scalyr in February 2021;

• shares of our common stock issuable upon the exercise of stock options outstanding under our 2011 Plan, which we assumed in connection with our acquisition of Scalyr in February 2021, with a weighted-average exercise price of $ per share;

• shares of our common stock issuable upon the exercise of warrants to purchase shares of common stock outstanding as of January 31, 2021 with a weighted-average exercise price of $ per share; and

• shares of our common stock reserved for future issuance under our equity compensation plans, consisting of (i) shares of our common stock reserved for future issuance under our 2013 Plan, as of January 31, 2021 (which number of shares is prior to the stock options to purchase shares of our common stock granted after January 31, 2021), (ii) shares of our common stock reserved for future issuance under our 2021 Plan, which will become effective on the date immediately prior to the date of this prospectus, and (iii) shares of our common stock reserved for issuance under our 2021 ESPP, which will become effective on the date of this prospectus.

On the date of this prospectus, any remaining shares available for issuance under our 2013 Plan will be added to the shares of our common stock reserved for issuance under our 2021 Plan, and we will cease granting awards under the 2013 Plan. Our 2021 Plan and 2021 ESPP also provide for automatic annual increases in the number of shares reserved thereunder. For additional information see the section titled “Executive Compensation—Employee Benefit and Stock Plans.”

DILUTION

If you invest in our common stock in this offering, your ownership interest will be diluted to the extent of the difference between the initial public offering price per share of our common stock and the pro forma as adjusted net tangible book value per share of our common stock immediately after this offering.

As of January 31, 2021, our pro forma net tangible book value was $ million, or $ per share of our common stock. Our pro forma net tangible book value per share represents the amount of our total tangible assets reduced by the amount of our total liabilities and divided by the total number of shares of our common stock outstanding as of January 31, 2021, after giving effect to (i) the Capital Stock Conversion and (ii) the filing and effectiveness of our restated certificate of incorporation that will become effective immediately prior to the completion of this offering.

After giving effect to the sale of shares of our common stock in this offering at an assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, after deducting estimated underwriting discounts and commissions and estimated offering expenses, our pro forma as adjusted net tangible book value as of January 31, 2021 would have been $ million, or $ per share. This represents an immediate increase in pro forma net tangible book value of $ per share to our existing stockholders and an immediate dilution in pro forma as adjusted net tangible book value of $ per share to investors purchasing shares of our common stock in this offering at the assumed initial public offering price.

The following table illustrates this dilution on a per share basis to new investors:


Assumed initial public offering price per share		$
Pro forma net tangible book value per share as of January 31, 2021	$
Increase in pro forma net tangible book value per share attributable to new investors purchasing shares of our common stock in this offering
Pro forma as adjusted net tangible book value per share immediately after this offering
Dilution in pro forma as adjusted net tangible book value per share to new investors in this offering		$

The dilution information discussed above is illustrative only and will change based on the actual initial offering price and other terms of this offering determined at pricing. A $1.00 increase (decrease) in the assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) our pro forma as adjusted net tangible book value per share after this offering by $ per share and would increase (decrease) the dilution per share to new investors in this offering by $ per share, assuming the number of shares of common stock offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting the estimated underwriting discounts and commissions. Similarly, each increase (decrease) of 1.0 million shares in the number of shares of common stock offered would increase (decrease) the pro forma as adjusted net tangible book value per share after this offering by $ per share and would increase (decrease) the dilution to new investors by $ per share, assuming the assumed initial public offering price, which is the midpoint of the offering price range set forth on the cover page of this prospectus, remains the same and after deducting the estimated underwriting discounts and commissions.

If the underwriters exercise their over-allotment option in full, the pro forma as adjusted net tangible book value per share of our common stock after giving effect to this offering would be $ per share, and the dilution in pro forma as adjusted net tangible book value per share to investors in this offering would be $ per share.

The following table summarizes, on a pro forma as adjusted basis as of January 31, 2021, after giving effect to the pro forma adjustments described above, the difference between existing stockholders and new investors purchasing shares of common stock in this offering with respect to the number of shares purchased from us, the total consideration paid to us, and the average price per share paid by our existing stockholders or to be paid by investors purchasing shares in this offering at an assumed offering price of $ per share, which is the midpoint of the

offering price range set forth on the cover page of this prospectus, before deducting the estimated underwriting discounts and commissions and estimated offering expenses:


	Shares Purchased			Total Consideration			Average Price Per Share
	Number	Percent		Amount	Percent
Existing stockholders		%		$	%		$
New public investors
Total		100	%	$	100	%

A $1.00 increase (decrease) in the assumed initial public offering price of $ per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) total consideration paid by new investors and total consideration paid by all stockholders by approximately $ million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus remains the same and after deducting the estimated underwriting discounts and commissions.

Except as otherwise indicated, the above discussion and tables assume no exercise of the underwriters’ over-allotment option. If the underwriters’ over-allotment option is exercised in full, our existing stockholders would own % and our new investors would own % of the total number of shares of our common stock outstanding upon completion of this offering.

In addition, to the extent we issue any additional stock options or any outstanding stock options or warrants are exercised, or we issue any other securities or convertible debt in the future, investors will experience further dilution.

• shares of our common stock issuable upon the exercise of stock options outstanding as of January 31, 2021 under our 2013 Plan with a weighted-average exercise price of $ per share;

• shares of our common stock issuable upon the exercise of stock options granted after January 31, 2021 under our 2013 Plan with a weighted-average exercise price of $ per share;

• shares of our common stock issued in connection with our acquisition of Scalyr in February 2021;

• shares of our common stock issuable upon the exercise of stock options outstanding under the 2011 Plan that we assumed in connection with our acquisition of Scalyr in February 2021, with a weighted-average exercise price of $ per share;

• shares of our common stock issuable upon the exercise of warrants to purchase shares of common stock outstanding as of January 31, 2021 with a weighted-average exercise price of $ per share; and

• shares of our common stock reserved for future issuance under our equity compensation plans, consisting of (i) shares of our common stock reserved for future issuance under our 2013 Plan, as of January 31, 2021 (which number of shares is prior to the stock options to purchase shares of our common stock granted after January 31, 2021), (ii) shares of our common stock reserved for future issuance under our 2021 Plan, which will become effective on the date immediately prior to the date of this prospectus, and (iii) shares of our common stock reserved for issuance under our 2021 ESPP, which will become effective on the date of this prospectus.

reserved thereunder. For additional information see the section titled “Executive Compensation—Employee Benefit and Stock Plans.”

SELECTED CONSOLIDATED FINANCIAL AND OTHER DATA

The following tables present selected historical consolidated financial and other data for our business. We derived the selected consolidated statements of operations data for the years ended January 31, 2020 and 2021 (except for pro forma basic and diluted net loss per share attributable to common stockholders and weighted-average shares used in computing pro forma basic and diluted net loss per share attributable to common stockholders) and the consolidated balance sheet data as of January 31, 2020 and 2021 from our audited consolidated financial statements that are included elsewhere in this prospectus. Our historical results are not necessarily indicative of the results that may be expected in the future. You should read the following selected consolidated financial and other data below in conjunction with the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements, the accompanying notes and other financial information included elsewhere in this prospectus. Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2020 and 2021 are referred to herein as fiscal 2020 and fiscal 2021, respectively.

Consolidated Statements of Operations Data


	Year Ended January 31,
	2020		2021
	(in thousands, except share and per share data)
Revenue:	$	46,474	$
Cost of revenue(1)	18,331
Gross profit	28,143
Operating expenses:
Research and development(1)	36,683
Sales and marketing(1)	51,322
General and administrative(1)	15,122
Total operating expenses	103,127
Loss from operations	(74,984)
Interest income	886
Interest expense	(2,015)
Other income (expense), net	(217)
Loss before provision for income taxes	(76,330)
Provision for income taxes	237
Net loss	$	(76,567)	$
Net loss per share attributable to common stockholders, basic and diluted(2)	$	(2.34)	$
Weighted-average shares used in computing net loss per share attributable to common stockholders, basic and diluted(2)	32,712,350
Pro forma net loss per share attributable to common stockholders, basic and diluted (unaudited)(3)			$
Weighted-average shares used in computing pro forma net loss per share attributable to common stockholders, basic and diluted (unaudited)(3)

__________________

(1)Includes stock-based compensation expense as follows:


	Year Ended January 31,
	2020		2021
	(in thousands)
Cost of revenue	$	138	$
Research and development	1,686
Sales and marketing	1,034
General and administrative	1,488
Total	$	4,346	$

(3)Basic and diluted pro forma net loss per share attributable to common stockholders for fiscal 2021 gives effect to: .

Consolidated Balance Sheet Data


	As of January 31,
	2020		2021
	(in thousands)
Cash, cash equivalents, and short-term investments	$	45,700
Working capital(1)	16,980
Total assets	112,454
Long-term debt	19,598
Redeemable convertible preferred stock	201,826
Additional paid-in capital	8,986
Accumulated deficit	(232,999)
Total stockholders’ deficit	(224,213)

__________________

(1)Working capital is defined as current assets less current liabilities.

Key Business Metrics and Non-GAAP Financial Measures


	As of or For the Year Ended January 31,
	2020			2021
	(dollars in thousands)
Annualized recurring revenue (ARR)	$	66,764
Customers with ARR of $100,000 or more	104
Dollar-based net retention rate	119		%
Gross profit	$	28,143
Non-GAAP gross profit	$	28,281
Gross margin	61		%
Non-GAAP gross margin	61		%
Loss from operations	$	(74,984)
Non-GAAP loss from operations	$	(70,638)
Operating margin	(161)		%
Non-GAAP operating margin	(152)		%
Net cash used in operating activities	$	(44,424)
Net cash used in investing activities	$	(3,187)
Net cash provided by financing activities	$	52,770
Free cash flow	$	(47,077)

MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

The following discussion and analysis of our financial condition and results of operations should be read in conjunction with the section titled “Selected Consolidated Financial and Other Data” and our consolidated financial statements the accompanying notes included elsewhere in this prospectus. This discussion contains forward-looking statements that involve risks and uncertainties. Our actual results could differ materially from those discussed below. Factors that could cause or contribute to such difference include, but are not limited to, those identified below and those discussed in the section titled “Risk Factors” included elsewhere in this prospectus. Our fiscal year ends on January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2020 and January 31, 2021 are referred to herein as fiscal 2020 and fiscal 2021, respectively.

Overview

We founded SentinelOne in 2013 with a dramatically new approach to cybersecurity.

Our Singularity Platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of disparate external and internal sources in real-time. We build rich context by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform. Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud. In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated. By providing visibility across an organization’s digital assets through one console, our platform makes it very fast for analysts to easily search through petabytes of data to investigate incidents and proactively hunt threats. We have extended our control and visibility planes beyond the traditional endpoint to unmanaged IoT devices.

Since we began selling our Behavioral AI model in 2015, we have achieved the following milestones:

We generate substantially all of our revenue by selling subscriptions to our Singularity Platform. Our subscription tiers include Singularity Core, Singularity Control, and Singularity Complete. Additionally, customers can extend the functionality of our platform through our eight subscription Singularity Modules. We generally price our subscriptions and modules on a per agent basis, and each agent generally corresponds with an endpoint, server, virtual machine, or container.

Our subscriptions typically range from one to three years. We recognize subscription revenue ratably over the term of a contract. Most of our contracts are for terms representing annual increments, therefore contracts generally come up for renewal in the same period in subsequent years. The timing of large multi-year enterprise contracts can create some variability in subscription order levels between periods, though the impact to our revenue in any particular period is limited as a result of ratable revenue recognition.

Our go-to-market strategy is focused on acquiring new customers and driving expanded usage of our platform by existing customers. Our sales organization is comprised of our enterprise sales, inside sales and customer solutions engineering teams. It leverages our global network of ISVs, alliance partners, and channel, partners for prospect access. Additionally, our sales teams work closely with our customers, channel partners, and alliance partners to drive adoption of our platform, and our software solutions are fulfilled through our channel partners. Our channel partners include some of the world’s largest resellers and distributors, MSPs, MSSPs, MDRs, OEMs, and IR firms. Once customers experience the benefits of our platform, they often upgrade their subscriptions to benefit from the full range of our XDR and IT and security operations capabilities. Additionally, many of our customers adopt Singularity Modules over time to extend the functionality of our platform and increase their coverage footprint. The combination of platform upgrades and extended modules drives our powerful land-and-expand motion.

Our Singularity Platform is used globally by organizations of all sizes across a broad range of industries. As of January 31, 2021, we had over 3,900 customers, increasing from over 2,400 as of January 31, 2020. Our AI and automation driven approach to cybersecurity has been adopted by some of the world’s largest and most demanding organizations. As of January 31, 2021, our customers included four of the Fortune 10, 27 of the Fortune 500, and 46 of the Global 2000. As of January 31, 2021, no single end customer accounted for more than % of our ARR. We define ARR as the annualized revenue run rate of our subscription contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under subscription contracts with us. Our ARR outside of the United States represented 27% for fiscal 2020 and % for fiscal 2021, illustrating the global nature of our solutions.

We continue to increase the number of customers who have entered into larger subscriptions with us. We had 219 customers with ARR of $100,000 or more as of January 31, 2021, up from 104 as of January 31, 2020. Further, as of January 31, 2021, we had 13 customers with ARR of $1 million or more, up from six as of January 31, 2020. We believe that the number of customers with ARR of $100,000 or more and ARR of $1 million or more indicates our ability to scale with customers and the strategic importance of our platform for large enterprises and governments.

We have grown rapidly since our inception. Our revenue was $46.5 million for fiscal 2020 and $ million for fiscal 2021, representing growth of %. We continue to invest in growing our business to capitalize on our market opportunity. As a result, our net loss was $76.6 million for fiscal 2020 and $ million for fiscal 2021.

Key Factors Affecting Our Performance

We believe that the growth and future success of our business depends on many factors. While each of these factors presents significant opportunities for our business, they also pose important challenges that we must successfully address in order to sustain our growth and improve our operating results.

New Customer Acquisition

Our business model relies on rapidly and efficiently engaging with new customers and expanding our relationship with our customers over time. To drive customer acquisition, we have invested, and expect to continue to invest, heavily in our sales and marketing efforts. While we cannot predict customer adoption rates and demand, the future growth rate and size of the market for endpoint security solutions, or the introduction of competitive products and services, our business and operating results will be significantly affected by the degree and speed with which organizations adopt endpoint security solutions and our platform.

Expansion Within Our Existing Customers

Our growing base of customers represents a significant opportunity for further adoption of our platform. As of January 31, 2021, we had over 3,900 customers. Our customers may start with just the Singularity Core version of our platform and upgrade to our Singularity Control and Singularity Complete versions, add Singularity Modules such as Cloud Workload Security and Ranger IoT, or increase the number of protected endpoints and cloud workloads as well as mapped IoT devices. Several of our largest enterprise and government customers have deployed our platform across tens of thousands of endpoints and cloud workloads, running tens of thousands of applications. Our ability to expand within our customer base, particularly large enterprise and government customers, will depend on a number of factors, including platform performance, our customers’ satisfaction with our platform, competitive offerings, pricing, overall changes in our customers’ spending levels, and the effectiveness of our efforts to help our customers realize the benefits of our platform.

As of January 31, 2021, our dollar-based gross retention rate was % and our dollar-based net retention rate, or NRR, was %. To calculate these metrics, we first determine Prior Period ARR, which is ARR from the population of our customers as of 12 months prior to the end of a particular reporting period. We calculate Gross Retention ARR by subtracting from the total Prior Period ARR the portion of Prior Period ARR accounted for by the subset of those customers that are no longer active at the end of that reporting period. Dollar-based gross retention rate is the quotient obtained by dividing Gross Retention ARR by Prior Period ARR. Dollar-based gross retention rate takes into account customer attrition but does not reflect customer contraction. We calculate Net Retention ARR

as the total ARR at the end of a particular reporting period from the set of customers that is used to determine Prior Period ARR. Net Retention ARR includes any expansion, and is net of contraction and attrition associated with that set of customers. NRR is the quotient obtained by dividing Net Retention ARR by Prior Period ARR.

Investing for Growth

We plan to continue investing in our business so that we can capitalize on our market opportunity. We intend to continue to add headcount to our global sales and marketing team to acquire new customers and to increase sales to existing customers. We intend to continue to invest in building additional functionality for our Singularity Platform that will extend our capabilities as our success is dependent on our ability to sustain innovation and technology leadership in order to maintain our competitive advantage. We also intend to continue to evaluate strategic acquisitions and investments in businesses and technologies to further accelerate our product capabilities. For example, we recently acquired Scalyr to advance our data ingestion, search, and retention capabilities.

We believe that the global opportunity for our Singularity Platform is significant. Our revenue outside of the United States represented % of our revenue for fiscal 2021. We have made, and plan to continue to make, significant investments to expand geographically, particularly in Europe, Middle East, and Africa, or EMEA, Latin America, and Asia Pacific, or APAC.

Although our investments in growth may adversely affect our operating results in the near term, we believe that they will contribute to our long-term growth. If our near-term investments do not lead to the expected revenue growth over time, we may not achieve or maintain profitability or our growth rates may slow.

Key Business Metrics

We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.

Annualized Recurring Revenue

We believe that ARR is a key operating metric to measure our business because it is driven by our ability to acquire new subscription customers and to maintain and expand our relationship with existing subscription customers. ARR represents the annualized revenue run rate of our subscription contracts at the end of a reporting period, assuming contracts are renewed on their existing terms for customers that are under subscription contracts with us. ARR is not a forecast of future revenue, which can be impacted by contract start and end dates and renewal rates.


	As of January 31,
	2020		2021
	(in thousands)
Annualized recurring revenue (ARR)	$	66,764	$

Customers with ARR of $100,000 or More

We believe that our ability to increase the number of customers with ARR of $100,000 or more is an indicator of our market penetration and strategic demand for our platform. We define a customer as an entity that has an active subscription for access to our platform. We count MSPs, MSSPs, MDRs, and OEMs, who may purchase our products on behalf of multiple companies, as a single customer. We do not count our reseller or distributor channel partners as customers.


	As of January 31,
	2020	2021
Customers with ARR of $100,000 or more	104

Dollar-Based Net Retention Rate

We believe that our ability to retain and expand our revenue generated from our existing customers is an indicator of the long-term value of our customer relationships and our potential future business opportunities. Dollar-based net retention rate measures the percentage change in our ARR derived from our customer base at a point in time.


	As of January 31,
	2020		2021
Dollar-based net retention rate	119	%

Non-GAAP Financial Measures

In addition to our results determined in accordance with GAAP, we believe the following non-GAAP measures are useful in evaluating our operating performance. We use the following non-GAAP financial information to evaluate our ongoing operations and for internal planning and forecasting purposes. We believe that non-GAAP financial information, when taken collectively, may be helpful to investors because it provides consistency and comparability with past financial performance. However, non-GAAP financial information is presented for supplemental informational purposes only, has limitations as an analytical tool, and should not be considered in isolation or as a substitute for financial information presented in accordance with GAAP.

Other companies, including companies in our industry, may calculate similarly titled non-GAAP measures differently or may use other measures to evaluate their performance, all of which could reduce the usefulness of our non-GAAP financial measures as tools for comparison. In addition, the utility of free cash flow as a measure of our liquidity is limited as it does not represent the total increase or decrease in our cash balance for a given period.

A reconciliation is provided below for each non-GAAP financial measure to the most directly comparable financial measure stated in accordance with GAAP. Investors are encouraged to review the related GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures and not rely on any single financial measure to evaluate our business.

Non-GAAP Gross Profit and Non-GAAP Gross Margin

We define non-GAAP gross profit and non-GAAP gross margin as GAAP gross profit and GAAP gross margin, respectively, excluding stock-based compensation expense, amortization of acquired intangible assets, and acquisition-related expenses. We believe non-GAAP gross profit and non-GAAP gross margin provide our management and investors consistency and comparability with our past financial performance and facilitate period-to-period comparisons of operations, as these measures eliminate the effects of certain variables unrelated to our overall operating performance.

The following table provides a reconciliation of our GAAP gross profit to our non-GAAP gross profit and of our GAAP gross margin to our non-GAAP gross margin, for each of the periods presented:


	Year Ended January 31,
	2020			2021
	(in thousands)
Revenue	$	46,474		$

Gross profit	$	28,143		$
Add: Stock-based compensation expense	138
Add: Acquisition-related expenses	—
Add: Amortization of acquired intangible assets	—
Non-GAAP gross profit	$	28,281		$
Gross margin	61		%	%
Non-GAAP gross margin	61		%	%

Rapid expansion of our Singularity Platform drove the need to expand our cloud infrastructure to meet advanced platform requirements and increased market demands, causing gross margin to in fiscal 2021. We continue to invest in the efficiency of our platform and infrastructure through technological improvements, but our gross margin can fluctuate depending on the timing of new module releases, sales of new modules to existing customers, the acquisitions of new customers, and the compute usage of our customers. We actively engage with cloud service providers to discuss and evaluate our agreements. For example, we recently amended our agreement with AWS to reflect our increased scale. We believe we can continue to identify and drive further economies of scale with efforts like this which we believe will enable us to increase our gross margin over time.

Non-GAAP Loss from Operations and Non-GAAP Operating Margin

We define non-GAAP loss from operations and non-GAAP operating margin as GAAP loss from operations and GAAP operating margin, respectively, excluding stock-based compensation expense, amortization of acquired intangible assets, and acquisition-related expenses. We believe non-GAAP loss from operations and non-GAAP operating margin provide our management and investors consistency and comparability with our past financial performance and facilitate period-to-period comparisons of operations, as these metrics generally eliminate the effects of certain variables unrelated to our overall operating performance.

The following table provides a reconciliation of GAAP loss from operations to non-GAAP loss from operations and GAAP operating margin to non-GAAP operating margin for each of the periods presented:


	Year Ended January 31,
	2020			2021
	(in thousands)
Revenue	$	46,474		$

Loss from operations	$	(74,984)		$
Add: Stock-based compensation expense	4,346
Add: Acquisition-related expenses	—
Add: Amortization of acquired intangible assets	—
Non-GAAP loss from operations	$	(70,638)		$
Operating margin	(161)		%	%
Non-GAAP operating margin	(152)		%	%

Free Cash Flow

Free cash flow is a non-GAAP financial measure that we define as net cash provided by (used in) operating activities less cash used for purchases of property and equipment and capitalized internal-use software. We believe

that free cash flow is a useful indicator of liquidity that provides information to management and investors, even if negative, as it provides useful information about the amount of cash generated (or consumed) by our operating activities that is available (or not available) to be used for other strategic initiatives. For example, if free cash flow is negative, we may need to access cash reserves or other sources of capital to invest in strategic initiatives. While we believe that free cash flow is useful in evaluating our business, free cash flow is a non-GAAP financial measure that has limitations as an analytical tool, and free cash flow should not be considered as an alternative to, or substitute for, net cash provided by (used in) operating activities in accordance with GAAP. The utility of free cash flow as a measure of our liquidity is limited as it does not represent the total increase or decrease in our cash balance for any given period and does not reflect our future contractual commitments. In addition, other companies, including companies in our industry, may calculate free cash flow differently or not at all, which reduces the usefulness of free cash flow as a tool for comparison.

The following table summarizes our cash flows and provides a reconciliation of net cash provided by (used in) operating activities, the most directly comparable GAAP measure, to free cash flow, a non-GAAP financial measure, for each of the periods presented:


	Year Ended January 31,
	2020		2021
	(in thousands)
Net cash used in operating activities	$	(44,424)	$
Less: Purchases of property and equipment	(953)
Less: Capitalized internal-use software	(1,700)
Free cash flow	$	(47,077)	$
Net cash used in investing activities	$	(3,187)	$
Net cash provided by financing activities	$	52,770	$

Impact of COVID-19

The COVID-19 pandemic has caused general business disruption worldwide beginning in January 2020. The full extent to which the COVID-19 pandemic will directly or indirectly impact our business, results of operations, cash flows, and financial condition will depend on future developments that are highly uncertain and cannot be accurately predicted. We have experienced, and may continue to experience, a modest adverse impact on certain parts of our business following the implementation of shelter-in-place orders to mitigate the outbreak of COVID-19, including a lengthening of the sales cycle for some prospective customers and delays in the delivery of professional services and trainings to our customers.

We have also experienced, and may continue to experience, a positive impact as a result of the COVID-19 pandemic. For example, in connection with the travel restrictions and shelter-in-place policies resulting from the COVID-19 pandemic, we have seen a significant increase in usage and subscriptions from smaller customers, many of whom are small or medium sized businesses. We have also seen slower growth in certain operating expenses due to reduced business travel, deferred hiring for some positions, and the virtualization or cancellation of customer and employee events. While a reduction in operating expenses may have an immediate positive impact on our operating results, we do not yet have visibility into the full impact this will have on our business. Moreover, as a vaccine becomes widely available and people begin to return to offices and other workplaces, any positive impacts of the COVID-19 pandemic on our business may slow or decline once the impact of the pandemic tapers.

We cannot predict how long we will continue to experience these impacts as shelter-in-place orders, vaccine availability, and other related measures are expected to change over time. Our results of operations, cash flows, and financial condition have not been adversely impacted to date. However, as certain of our customers or partners experience downturns or uncertainty in their own business operations or revenue resulting from the spread of COVID-19 our results of operations, cash flows, and financial condition could be adversely impacted. In addition, in response to the spread of COVID-19, we have required substantially all of our employees to work remotely to minimize the risk of the virus to our employees and the communities in which we operate, and we may take further

actions as may be required by government authorities or that we determine are in the best interests of our employees, customers, and business partners.

The global impact of COVID-19 continues to rapidly evolve, and we will continue to monitor the situation and the effects on our business and operations closely. We do not yet know the full extent of potential impacts on our business or operations or on the global economy as a whole, particularly if the COVID-19 pandemic continues and persists for an extended period of time. Given the uncertainty, we cannot reasonably estimate the impact on our future results of operations, cash flows, or financial condition. For additional information see the section titled “Risk Factors.”

Components of Our Results of Operations

Revenue

We generate substantially all of our revenue from subscriptions to our Singularity Platform. Customers can extend the functionality of their subscription to our platform by subscribing to additional Singularity Modules. Subscriptions provide access to hosted software. The nature of our promise to the customer under the subscription is to stand ready to provide protection for the duration of the contractual term. As a result, we recognize revenue for these performance obligations ratably over the contractual term. Premium support and maintenance and other Singularity Modules are distinct from subscriptions and are recognized ratably over the term as the performance obligations are satisfied.

We invoice our customers upfront upon signing for the entire term of the contract, periodically, or in arrears. Most of our contracts have a term of one to three years.

Cost of Revenue

Cost of revenue consists primarily of third-party cloud infrastructure expenses incurred in connection with the hosting and maintenance of our platform. Cost of revenue also consists of personnel-related costs associated with our customer support and services organization, including salaries, benefits, bonuses, and stock-based compensation, amortization of capitalized internal-use software, software and subscription services used by our customer support and services team, and allocated overhead costs.

Our third-party cloud infrastructure costs are driven primarily by the number of customers, the number of endpoints per customer, the number of modules, and the incremental costs for storing additional data collected for such cloud modules. We plan to continue to invest in our platform infrastructure and additional resources in our customer support and services organization as we grow our business. The level and timing of investment in these areas could affect our cost of revenue from period to period.

Operating Expenses

Our operating expenses consist of research and development, sales and marketing, and general and administrative expenses. Personnel related expenses are the most significant component of operating expenses and consist of salaries, benefits, bonuses, stock-based compensation, and sales commissions. Operating expenses also include allocated facilities and IT overhead costs.

Research and Development

Research and development expenses consist primarily of employee salaries, benefits, bonuses, and stock-based compensation. Research and development expenses also include consulting fees, software and subscription services, and third-party cloud infrastructure expenses incurred in developing our platform and modules.

We expect research and development expenses to increase in absolute dollars as we continue to increase investments in our existing products and services. However, we anticipate research and development expenses to decrease as a percentage of our total revenue over time, although our research and development expenses may fluctuate as a percentage of our total revenue from period to period depending on the timing of these expenses. In

addition, research and development expenses that qualify as internal-use software are capitalized, the amount of which may fluctuate significantly from period to period.

Sales and Marketing

Sales and marketing expenses consist primarily of employee salaries, commissions, benefits, bonuses, stock-based compensation, travel and entertainment related expenses, advertising, branding and marketing events, promotions, and software and subscription services. Sales and marketing expenses also include sales commissions paid to our sales force and referral fees paid to independent third parties that are incremental expenses to obtain a subscription contract. Such costs are capitalized and amortized over the estimated customer life, and any such expenses paid for the renewal of a subscription are capitalized and amortized over the term of the renewal.

We expect sales and marketing expenses to increase in absolute dollars as we continue to make significant investments in our sales and marketing organization to drive additional revenue, further penetrate the market, and expand our global customer base, but to decrease as a percentage of our revenue over time.

General and Administrative

General and administrative expenses consist primarily of salaries, benefits, bonuses, stock-based compensation, and other expenses for our executive, finance, legal, human resources, and facilities organizations. General and administrative expenses also include external legal, accounting, other consulting, and professional services fees, software and subscription services, and other corporate expenses.

Following the closing of this offering, we expect to incur additional expenses as a result of operating as a public company, including costs to comply with the rules and regulations applicable to companies listed on a national securities exchange, costs related to compliance and reporting obligations, and increased expenses for insurance, investor relations, and professional services. We expect that our general and administrative expenses will increase in absolute dollars as our business grows but will decrease as a percentage of our revenue over time.

Interest Income, Interest Expense, and Other Income (Expense), Net

Interest income consists primarily of interest earned on our cash equivalents and short-term investments.

Interest expense consists primarily of interest on borrowings associated with our loan and security agreement.

Other income (expense), net consists primarily of foreign currency transaction gains and losses.

Provision for (Benefit from) Income Taxes

Provision for (benefit from) income taxes consists primarily of income taxes in certain foreign and state jurisdictions in which we conduct business. We maintain a full valuation allowance against our U.S. deferred tax assets because we have concluded that it is more likely than not that the deferred tax assets will not be realized.

Results of Operations

The following table sets forth our results of operations for the periods presented:


	Year Ended January 31,
	2020		2021
	(in thousands)
Revenue	$	46,474	$
Cost of revenue(1)	18,331
Gross profit	28,143
Operating expenses:
Research and development(1)	36,683
Sales and marketing(1)	51,322
General and administrative(1)	15,122
Total operating expenses	103,127
Loss from operations	(74,984)
Interest income	886
Interest expense	(2,015)
Other income (expense), net	(217)
Loss before provision for income taxes	(76,330)
Provision for income taxes	237
Net loss	$	(76,567)	$

__________________

(1)Includes stock-based compensation expense as follows:


	Year Ended January 31,
	2020		2021
	(in thousands)
Cost of revenue	$	138	$
Research and development	1,686
Sales and marketing	1,034
General and administrative	1,488
Total stock-based compensation expense	$	4,346	$

The following table sets forth the components of our consolidated statements of operations as a percentage of revenue for each of the periods presented:


	Year Ended January 31,
	2020		2021
	(as a percentage of total revenue)
Revenue	100	%	%
Cost of revenue	39
Gross profit	61
Operating expenses:
Research and development	79
Sales and marketing	110
General and administrative	33
Total operating expenses	222
Loss from operations	(161)
Interest income	2
Interest expense	(5)
Other income (expense), net	—
Loss before provision for income taxes	(164)
Provision for income taxes	1
Net loss	(165)	%	%

Comparison of the Years Ended January 31, 2020 and 2021

Revenue


	Year Ended January 31,			Change
	2020		2021	$	%
	(dollars in thousands)
Revenue	$	46,474	$	$	%

Revenue increased $ million or % from $46.5 million for fiscal 2020 to $ million for fiscal 2021, primarily due to the ongoing demand for our platform. The increase was due to new customers, which accounted for approximately % of the increase, and to existing customers, which accounted for % of the increase.

Cost of Revenue, Gross Profit, and Gross Margin


	Year Ended January 31,				Change
	2020			2021	$	%
	(dollars in thousands)
Cost of revenue	$	18,331		$	$	%
Gross profit	$	28,143		$	$	%
Gross margin	61		%	%

Cost of revenue increased by $ million from $18.3 million for fiscal 2020 to $ million for fiscal 2021, primarily due to higher third-party cloud infrastructure expenses from increased data usage of $ million, an increase in personnel-related expenses of $ million as a result of increased headcount, an increase of $ million in allocated overhead costs, and an increase in amortization of capitalized internal-use software of $ million, partially offset by a decrease of $ million in travel costs due to travel restrictions imposed by the COVID-19 pandemic. Gross margin decreased by % to % primarily due to the expansion of our cloud infrastructure related to growing adoption of our platform.

Research and Development


	Year Ended January 31,			Change
	2020		2021	$	%
	(dollars in thousands)
Research and development expenses	$	36,683	$	$	%

Research and development expenses increased from $36.7 million for fiscal 2020 to $ million for fiscal 2021, primarily due to an increase in personnel-related expenses of $ million, including an increase of $ million related to stock-based compensation expense, as a result of increased headcount and an increase of $ million in third-party cloud infrastructure and related expenses. In addition, there was an increase of $ million in consulting and outside services, an increase of $ million in allocated overhead costs, and an increase of $ million in software and subscription services, partially offset by a decrease of $ million in travel costs due to travel restrictions imposed by the COVID-19 pandemic and an increase in internal-use software capitalization of $ million.

Sales and Marketing


	Year Ended January 31,			Change
	2020		2021	$	%
	(dollars in thousands)
Sales and marketing expenses	$	51,322	$	$	%

Sales and marketing expenses increased from $51.3 million for fiscal 2020 to $ million for fiscal 2021 primarily due to an increase in personnel-related expenses of $ million, including an increase of $ million in stock-based compensation expense, as a result of increased headcount, an increase of $ million in advertising and corporate branding costs, an increase of $ million in software and subscription services, an increase of $ million in allocated overhead costs, partially offset by a decrease of $ million in travel and entertainment costs due to travel restrictions imposed by the COVID-19 pandemic.

General and Administrative


	Year Ended January 31,			Change
	2020		2021	$	%
	(dollars in thousands)
General and administrative expenses	$	15,122	$	$	%

General and administrative expenses increased from $15.1 million for fiscal 2020 to $ million for fiscal 2021 primarily due to an increase in personnel-related expenses of $ million, including an increase of $ million in stock-based compensation expense, as a result of increased headcount. In addition, there was an increase of $ million in outside services, primarily related to legal and accounting services to support our growth, an increase of $ million in allocated overhead costs and a $ million increase in software and subscription services, partially offset by a decrease of $ million in travel costs due to travel restrictions imposed by the COVID-19 pandemic.

Interest Income, Interest Expense, and Other Income (Expense), Net


	Year Ended January 31,			Change
	2020		2021	$	%
	(dollars in thousands)
Interest income	$	886	$	$	%
Interest expense	$	(2,015)	$	$	%
Other income (expense), net	$	(217)	$	$	%

Interest income decreased primarily due to decrease in the overall market interest rate. Interest expense decreased primarily due to lower interest rates in connection with the refinancing of our term loan in fiscal 2021. The increase in other income (expense), net is primarily due to a gain of $ million recorded upon the extinguishment of the term loan in fiscal 2021. For more information, see the section titled “–Liquidity and Capital Resources–Debt Obligations.”

Provision for Income Taxes


	Year Ended January 31,			Change
	2020		2021	$	%
	(dollars in thousands)
Provision for income taxes	$	237	$	$	%

The provision for income taxes increased primarily as a result of the increase in foreign taxes related to operations in international subsidiaries.

Liquidity and Capital Resources

Since inception, we have financed operations primarily through proceeds received from sales of equity securities, payments received from our customers, and borrowings under our loan and security agreement, and we have generated operating losses, as reflected in our accumulated deficit of $ million as of January 31, 2021. As of January 31, 2021, our principal source of liquidity was cash, cash equivalents, and short-term investments of $ million.

We believe that our existing cash, cash equivalents, and short-term investments will be sufficient to support working capital and capital expenditure requirements for at least the next 12 months. Our future capital requirements will depend on many factors, including our revenue growth rate, the timing and the amount of cash received from customers, the expansion of sales and marketing activities, the timing and extent of spending to support development efforts, the price at which we are able to purchase third-party cloud infrastructure, expenses associated with our international expansion, the introduction of platform enhancements, and the continuing market adoption of our platform. In the future, we may enter into arrangements to acquire or invest in complementary businesses, products, and technologies. We may be required to seek additional equity or debt financing. In the event that we require additional financing, we may not be able to raise such financing on terms acceptable to us or at all. If we are unable to raise additional capital or generate cash flows necessary to expand our operations and invest in continued innovation, we may not be able to compete successfully, which would harm our business, results of operations, and financial condition.

The following table shows a summary of our cash flows for the periods presented:


	Year Ended January 31,
	2020		2021
	(in thousands)
Net cash used in operating activities	$	(44,424)	$
Net cash used in investing activities	$	(3,187)	$
Net cash provided by financing activities	$	52,770	$

Operating Activities

Our largest source of operating cash is payments received from our customers. Our primary uses of cash from operating activities are for personnel-related expenses, sales and marketing expenses, third-party cloud infrastructure expenses, and overhead expenses. We have generated negative cash flows from operating activities and have supplemented working capital through net proceeds from the sale of equity securities.

Cash used in operating activities primarily consists of our net loss adjusted for certain non-cash items, including stock-based compensation expense, depreciation and amortization, amortization of deferred contract acquisition costs, and changes in operating assets and liabilities during each period.

Cash used in operating activities during fiscal 2020 was $44.4 million, primarily consisting of our net loss of $76.6 million, adjusted for non-cash items of $11.9 million and net cash inflows of $20.3 million provided by changes in our operating assets and liabilities. The main drivers of the changes in operating assets and liabilities were a $46.3 million increase in deferred revenue resulting primarily from increased subscription contracts, a $5.6 million increase in accrued payroll and benefits due to increased headcount, a $2.9 million increase in accounts payable, and a $0.6 million increase in accrued liabilities due to our growth and timing of payments. These amounts were partially offset by a $19.0 million increase in accounts receivable due to an increase in sales, a $14.6 million increase in deferred contract acquisition costs, and a $1.2 million increase in prepaid expenses and other current assets.

Cash used in operating activities during fiscal 2021 was $ million, primarily consisting of our net loss of $ million, adjusted for non-cash items of $ million and net cash inflows of $ million provided by changes in our operating assets and liabilities. The main drivers of the changes in operating assets and liabilities were a $ million increase in deferred revenue, resulting primarily from increased subscription contracts, a $ million increase in accounts payable, a $ million increase in accrued liabilities due to our growth and timing of payments, and a $ million increase in accrued payroll and benefits due to increased headcount. These amounts were partially offset by a $ million increase in accounts receivable due to an increase in sales, a $ million increase in prepaid expenses and other current assets, and a $ million increase in deferred contract acquisition costs.

Investing Activities

Cash used in investing activities during fiscal 2020 was $3.2 million, consisting of $1.7 million of capitalized internal-use software costs, $1.0 million of purchases of property and equipment to support additional office facilities, $0.3 million of purchases of short-term investments, and $0.2 million of purchases of intangible assets.

Cash used in investing activities during fiscal 2021 was $ million, consisting of $ million of purchases of short-term investments, $ million of purchases of property and equipment to support additional office facilities, $ million of purchases of intangible assets, and $ million of capitalized internal-use software costs.

Financing Activities

Cash provided by financing activities during fiscal 2020 was $52.8 million, consisting of $51.9 million of net proceeds from the issuance of our Series D redeemable convertible preferred stock and $0.9 million of proceeds from the exercise of stock options.

Cash provided by financing activities during fiscal 2021 was $ million, consisting of $ million of net proceeds from the issuances of our Series E and F redeemable convertible preferred stock and $ million of proceeds from the exercise of stock options.

Debt Obligations

In May 2018, we entered into a loan and security agreement with a certain lender, which was amended and restated in May 2020, or the Amended Loan and Security Agreement. The Amended Loan and Security Agreement provides a revolving line of credit of up to $45 million, maturing in May 2023. We drew down $20 million on the revolving line of credit in May 2020 and repaid the outstanding amounts borrowed under the loan and security agreement in full. All borrowings under the Amended Loan and Security Agreement are secured by substantially all of our assets. In addition, the terms of the Amended Loan and Security Agreement include certain affirmative covenants that, among other things, require us to maintain certain annual revenue targets during a given covenant period and limit our and our subsidiaries’ abilities to, among other things, dispose of assets, undergo a change in control, merge or consolidate, make acquisitions, incur debt, incur liens, pay dividends, and make investments, in each case subject to certain exceptions.

Contractual Obligations and Commitments

The following table summarizes our contractual obligations as of January 31, 2021:

Payments Due by Period

Total

Less Than 1 Year

1-3 Years

3-5 Years

More Than 5 Years

(in thousands)

Off-Balance Sheet Arrangements

We did not have during the periods presented, and we do not currently have, any off-balance sheet financing arrangements or any relationships with unconsolidated entities or financial partnerships, such as structured finance or special purpose entities, that were established for the purpose of facilitating off-balance sheet arrangements or other contractually narrow or limited purposes.

Quantitative and Qualitative Disclosures About Market Risk

We are exposed to market risk in the ordinary course of our business. Market risk represents the risk of loss that may impact our financial condition due to adverse changes in financial market prices and rates. Our market risk exposure is primarily the result of fluctuations in interest rates and foreign currency exchange rates.

Interest Rate Risk

As of January 31, 2021, we had $ million of cash, cash equivalents, and short-term investments. which consist of money market funds and certificates of deposit. We also had $ million of restricted cash primarily due to outstanding letters of credit established in connection with lease agreements for our facilities. Our cash, cash equivalents, and short-term investments are held for working capital purposes. We do not enter into investments for trading or speculative purposes. We do not believe a 10% increase or decrease in interest rates would have resulted in a material impact to our operating results.

Foreign Currency Exchange Risk

To date, all of our sales contracts have been denominated in U.S. dollars, therefore our revenue is not subject to foreign currency risk. Operating expenses within the United States are primarily denominated in U.S. dollars, while operating expenses incurred outside the United States are primarily denominated in each country’s respective local currency.

The functional currency of our foreign subsidiaries is each country’s respective local currency. Assets and liabilities of the foreign subsidiaries are translated into U.S. dollars at the exchange rates in effect at the reporting date, and income and expenses are translated at average exchange rates during the period, with the resulting translation adjustments directly recorded as a component of accumulated other comprehensive income (loss). Foreign currency transaction gains and losses are recorded in other income (expense), net in the consolidated statements of operations. As the impact of foreign currency exchange rates has not been material to our historical results of operations, we have not entered into derivative or hedging transactions, but we may do so in the future if our exposure to foreign currency becomes more significant. We do not believe a 10% increase or decrease in foreign exchange rates would have resulted in a material impact to our operating results.

Critical Accounting Policies and Estimates

Our consolidated financial statements are prepared in accordance with GAAP. The preparation of consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses, and related disclosures. We base our estimates on historical experience and on various

other assumptions that we believe to be reasonable under the circumstances, and we evaluate our estimates and assumptions on an ongoing basis. Actual results could differ significantly from the estimates made by management. To the extent that there are differences between our estimates and actual results, our future financial statement presentation, financial condition, results of operations, and cash flows will be affected.

The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below.

Revenue Recognition

We recognize revenue in accordance with ASC 606, Revenue from Contracts with Customers.

We consider the terms and conditions of contracts with customers and our customary business practices in identifying contracts. We determine we have a contract with a customer when the contract is approved, the payment terms for the services can be identified, each party’s rights regarding the services to be transferred can be identified, the contract has commercial substance, and we have determined that the customer has the ability and intent to pay. We apply judgment in determining the customer’s ability and intent to pay, which is based on a variety of factors, including the customer’s historical payment experience or, in the case of a new customer, credit and financial information pertaining to such customer.

Our contracts with customers may contain multiple performance obligations, which are accounted for separately if they are capable of being distinct and are distinct in the context of the contract. Contracts that contain multiple performance obligations require an allocation of the transaction price to each performance obligation based on relative standalone selling price, or SSP. We apply judgment in determining SSP for our performance obligations. To determine SSP, we maximize the use of observable standalone sales and observable data, where available. In instances where performance obligations do not have observable standalone sales, we utilize available information that may include but is not limited to product groupings, or applying the expected cost-plus margin approach to estimate the price we would charge if the service was sold separately. Certain sales arrangements may include variable consideration, which is recorded as part of the transaction price if, in our judgment, it is probable that no significant future reversal of cumulative revenue under the contract will occur.

Stock-Based Compensation

Stock-based compensation expense related to equity awards is recognized based on the fair value of the awards on the date of the grant. The fair value of each stock option granted is estimated using the Black-Scholes option pricing model. The related stock-based compensation expense is recognized on a straight-line basis over the requisite service period of the awards. We account for forfeitures related to these awards as they occur.

The use of the Black-Scholes option pricing model requires the input of highly subjective assumptions. These assumptions involve inherent uncertainties and the application of management’s judgment. These assumptions are estimated as follows:

•Fair value of common stock. Because our common stock is not yet publicly traded, we must estimate the fair value of our common stock, as discussed below in the section titled “—Common Stock Valuations."

•Expected term. We determine the expected term based on the average period the options are expected to remain outstanding using the simplified method, calculated as the midpoint of the options’ vesting term and contractual expiration period, until sufficient historical information to develop reasonable expectations about future exercise patterns and post-vesting employment termination behavior becomes available.

•Expected volatility. Since we do not have a trading history of our common stock, we estimate the expected volatility based on the historical volatilities of a group of comparable publicly traded companies.

•Risk-free interest rate. We use the U.S. Treasury yield for our risk-free interest rate for a period that corresponds with the expected term of the award.

•Dividend yield. We utilize a dividend yield of zero, as we do not currently issue dividends and do not expect to issue dividends on our common stock in the foreseeable future.

The following table summarizes the assumptions used in the Black-Scholes option pricing model to determine the fair value of our stock options:


	Year Ended January 31,
	2020		2021
Expected term (years)	6.0
Expected volatility	29.9%–30.7%
Risk-free interest rate	1.4%–2.5%
Dividend yield	—	%

Common Stock Valuations

The fair value of the common stock underlying our equity awards has been determined by our board of directors, with input from management and contemporaneous third-party valuations. Given the absence of a public trading market for our common stock and in accordance with the American Institute of Certified Public Accountants Practice Aid, Valuation of Privately-Held Company Equity Securities Issued as Compensation, our board of directors exercised reasonable judgment and considered numerous objective and subjective factors to determine the best estimate of the fair value of our common stock at each grant date. These factors include:

•contemporaneous third-party valuations of our common stock;

•the prices, rights, preferences, and privileges of our redeemable convertible preferred stock relative to those of our common stock;

•the prices paid for common or redeemable convertible preferred stock sold to third-party investors by us and prices paid in secondary transactions for shares purchased by third-party investors in arms-length transactions;

•the lack of marketability inherent in our common stock;

•our actual operating and financial performance;

•our current business conditions and projections;

•the hiring of key personnel and the experience of our management;

•the likelihood of achieving a liquidity event, such as an initial public offering, a merger, or acquisition of SentinelOne given prevailing market conditions;

•the operational and financial performance of comparable publicly traded companies; and

•the U.S. and global capital market conditions and overall economic conditions.

In determining the fair value of our common stock, we first estimate the fair value of our business using either the income approach, the market approach, or a combination of the income and market approaches. The income approach estimates value based on expectations of future cash flows that we will generate. Future cash flows are then discounted to their present values using a risk-adjusted discount rate. The market approach estimates value based on a comparison of the company to a group of comparable public companies. From the comparable companies, a representative market value multiple is determined and then applied to our financial results to estimate the fair value of our business.

The resulting estimated fair value of our business is then allocated to each class of stock using the Option Pricing Method, or OPM, or a hybrid of the Probability Weighted Expected Return Method, or PWERM, and OPM. Prior to February 1, 2021, the OPM was selected as the principal equity allocation method. For dates near a recent

preferred stock financing, we assessed the value of common stock implied by the price paid for the preferred stock, primarily using an OPM to backsolve the common stock value. Beginning February 1, 2021, we allocated the fair value of our business based on a hybrid of the OPM and the PWERM. Using the PWERM, a probability-weighted analysis of values for our common stock was estimated assuming possible future events for our company, including a scenario assuming we become a publicly traded company and a scenario assuming we continue as a privately held company. A discount for lack of marketability was applied to the resulting per share value to arrive at the fair value of our common stock on a non-marketable basis.

In addition, we also considered any secondary transactions involving our capital stock. In our evaluation of those transactions, we considered the facts and circumstances of each transaction to determine the extent to which they represented a fair value exchange. Factors considered include transaction volume, the number of participants, timing, whether the transactions occurred between willing and unrelated parties, and whether the transactions involved parties with access to our financial information.

Upon completion of this offering, our common stock will be publicly traded, and our board or directors will use the closing price of our common stock as reported on the date of grant to determine the fair value of our common stock.

Based on the assumed initial public offering price per share of $ , which is the midpoint of the offering price range set forth on the cover page of this prospectus, the aggregate intrinsic value of our outstanding stock options as of January 31, 2021 was $ million, with $ million related to vested stock options.

JOBS Act Accounting Election

We are an emerging growth company, as defined in the Jumpstart Our Business Startups, “JOBS,” Act. The JOBS Act provides that an emerging growth company can take advantage of an extended transition period for complying with new or revised accounting standards. This provision allows an emerging growth company to delay the adoption of some accounting standards until those standards would otherwise apply to private companies. We have elected to use this extended transition period until the earlier of the date we (i) are no longer an emerging growth company or (ii) affirmatively and irrevocably opt out of the extended transition period provided in the JOBS Act. As a result, our financial statements may not be comparable to companies that comply with new or revised accounting pronouncements as of public company effective dates.

Recently Issued Accounting Pronouncements

See Note 2 to our consolidated financial statements included elsewhere in this prospectus for more information regarding recently issued accounting pronouncements.

BUSINESS

Overview

Cy·ber·at·tack - Any unauthorized attempt to expose, alter, disable, destroy, steal, or gain data.

Cyberattacks have become the output of military-grade, highly resourced, and automated nation-state and cybercrime operations. We envisioned a revolutionary data and AI paradigm where technology alone could autonomously prevent, detect, and respond to cyberattacks. It is time to fight machine with machine.

It is time for a new cybersecurity paradigm.

Our XDR platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time. We build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform. Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud. In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated. Furthermore, our platform provides visibility across an organization’s digital assets through one console, making it easy and very fast for analysts to search through petabytes of data to investigate incidents and hunt threats. Our Singularity Platform offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds.

On each endpoint and cloud workload, we run highly optimized AI models in a single software agent. Our Static AI model predicts file-based attacks of all types, even previously unknown threats, often referred to as “zero-day attacks,” with extreme precision in milliseconds. Our Behavioral AI model maps, monitors, and links all behaviors on the endpoint to create rich, contextual narratives that we call Storylines. These high-fidelity Storylines are continuously evaluated by our Behavioral AI model. When activity is deemed a threat, our software autonomously takes action to kill the attack. Because Storylines contain a complete record of unauthorized changes made during an attack, we are ready to remediate or roll back these changes. The power to turn back time on a

device is unique in the market. It is the ultimate safety net and exemplifies autonomous cybersecurity. Thus, our software eliminates manual, expensive, and time-consuming incident cleanup.

Industry Background

Cybersecurity is fundamentally a data problem. Advances in AI, specifically machine learning, where algorithms use data to make decisions with minimal human intervention, are already revolutionizing fields such as healthcare, advertising, and securities trading. We believe that AI is ripe for revolutionizing cybersecurity.

To achieve fully autonomous cyber defense, organizations need to leverage the petabytes of data being generated from their rapidly growing devices, applications, and IT infrastructure. IDC projects that there will be more data created in the next three years than was created in the last 30 years combined. First, organizations need to ingest, normalize, and correlate petabytes of structured and unstructured data from a myriad of external and internal data in a cost efficient manner. After that, organizations need to apply powerful AI models on this high-fidelity contextual data to automatically detect known and unknown threats, then autonomously remediate and neutralize the threats. It is critical that we harness the power of data and AI to protect our digital way of life.

Stakes are high for organizations and cybercriminals. The exponential growth of sensitive customer and business data has simultaneously made many organizations the target of highly sophisticated cybercriminals. In addition to the intangible cost of data breaches, for companies that experienced breaches of 1 million to 10 million records, the average cost of a data breach is $50 million, according to IBM Security’s Cost of a Data Breach 2020 report.

Cybercriminals are looking for opportunities to exfiltrate data to steal intellectual property or facilitate future attacks, destroy it to disrupt operations or for political gain, or encrypt it to demand ransom for financial gain. To gain access to an organization’s data, cybercriminals target endpoints and applications and deploy a variety of sophisticated methods in the form of attack frameworks, machine learning, weaponized exploits, fileless techniques, and social engineering. According to Cybersecurity Ventures, cybercrime is a massive $6 trillion business. Powered by very large networks of individual attackers distributed worldwide, it is practically infinite in scale and transcends geographical boundaries. In the absence of mechanisms to hold cybercriminals accountable for their actions, efforts to identify and shut down all sources of cybercrime have resulted in a never ending game of whack-a-mole.

As a result, solutions that help strengthen and scale their cyber defenses cost effectively is a top-level priority for organizations today.

Tectonic shifts in IT require a “Zero Trust” operating procedure. With millions of remote laptops accessing thousands of applications running in public, private and hybrid clouds, traditional perimeter-based security controls are bypassed and organizations have to operate in a “Zero Trust” IT environment. Organizations are digitizing and bringing their sensitive data assets online and connecting more devices to their network. As a result, the attack surface has expanded considerably, and the notion of a corporate perimeter protected by firewalls is a relic of the past, making the endpoint the epicenter, and endpoint protection software the first, and last, line of defense. The following tectonic shifts in IT have increasingly left companies vulnerable:

•Rapid adoption of cloud computing. Cloud computing has become a strategic imperative for organizations to accelerate their digital transformation. According to IDC, worldwide spending on cloud services is expected to grow at 15.7% annually from 2020 to 2024, to over $1 trillion. While public cloud services continue to be the largest engine of growth, private clouds are indispensable for mid-size to large organizations, in particular government agencies and companies in regulated industries, that seek enhanced control over their business-critical operations and data. As security and compliance is a shared responsibility model between the cloud infrastructure provider and their customer, organizations are looking for technology solutions that protect their growing cloud workloads while enabling flexible deployment options across public, private and hybrid clouds.

•The operating system landscape is more complex than ever before. The diversification of IT and bring-your-own-device, or BYOD, policies brought Macs and other devices into today’s organizations. IDC’s MarketScape reports that the number of computers that run macOS at U.S.-based companies with 1,000 or more employees increased from 17% in 2019 to 23% in 2021. While Windows remains the dominant operating system for computers, Linux has become widely adopted among organizations to power their business applications and servers. Organizations are looking for cybersecurity solutions that deliver comprehensive defense capabilities and feature parity across a large variety of operating systems, including Windows, macOS, and Linux, without burdening their IT teams.

•Proliferation of connected devices. According to IDC, an estimated 41.4 billion IoT devices will be online in 2025. Many of these devices will have little to no built-in security capabilities. Cybercriminals are increasingly exploiting inherent vulnerabilities in these devices to breach organizations. Unmanaged devices are especially vulnerable. As a result, the attack surface has exploded. Visibility across connected devices and continuous assessment of their risk profile has become a top priority for organizations.

•Remote work is here to stay. The COVID-19 pandemic changed the way most organizations operate, accelerating technology’s role in supporting remote work. The prevalence and speed in which new approaches have been deployed make organizations even more vulnerable. Within days, organizations were forced to enable their employees to work remotely and to dramatically expedite digital transformation plans. The pandemic has accelerated the structural shift towards a more distributed workforce. Gartner found that 82% of company leaders say their organizations plan to let employees continue to work from home at least some of the time, while 47% plan to allow employees to do so all of the time. The growth of remote work has increased the risk of cyberattacks. According to a survey by Ponemon Institute, 42% of respondents said their organizations have no understanding how to protect against cyberattacks due to

remote working. As a result of the accelerated structural shift towards a distributed workforce, organizations are increasingly looking for cybersecurity solutions that safeguard their remote workforces.

Sophisticated cyberattacks circumvent existing security controls. Cyberattacks have evolved from “child’s play” malware into highly sophisticated, organized and large-scale attacks by malicious insiders, criminal syndicates, and nation-states seeking to circumvent existing security controls and undermine critical societal functions through a variety of attacks that are:

•Fast acting. Many attacks, such as Emotet, Maktub and Medusa Locker, take only seconds for adversaries to breach organizations, exfiltrate data, demand ransoms, and disrupt operations. They bypass security controls that are based on the “1-10-60” rule which evangelizes that organizations have one minute to detect, ten minutes to investigate, and 60 minutes to remediate a security breach.

•Stealthy, with long dwell times. Some attacks, such as advanced persistent attacks, or APT, and targeted attacks, are designed to breach the organization and stealthily infiltrate across assets to steal data, facilitate future attacks, or cause other harm over a long period of time, all while operating undetected. The average time to identify and contain a breach is 280 days, according to IBM Security’s Cost of a Data Breach Report 2020, giving threat actors plenty of time to inflict damage. For instance, the recent Sunburst attack that impacted approximately 18,000 organizations across federal, state and local governments and the private sector, used a variety of sophisticated techniques to disguise its operations as it spread laterally within target organizations over many months.

Cybersecurity teams are unable to scale. While the number of connected devices, applications and cyber threats have increased exponentially, organizations are facing an acute shortage of skilled cybersecurity talent. (ISC)2 estimates that approximately three million additional professionals are needed today to adequately defend organizations against cyberattacks worldwide. This is further aggravated by the large number of security solutions that companies have deployed over time, many of which generate large volumes of alerts that security teams have to sift through and make sense of. According to the Enterprise Strategy Group (ESG), around 20% of cybersecurity professionals surveyed identify their top incident response challenge as “keeping up with the volume of alerts.” As a result, despite their often large cybersecurity budgets, organizations continue to become victims of disastrous breaches and cyberattacks. There is no way to resolve this growing resource imbalance without embracing a new, technology-powered, data-driven approach. Out of necessity, organizations are demanding solutions that do not require human intervention to prevent, detect, and remediate cyber threats.

Limitations of Existing Solutions

Key limitations of existing tools are that they:

•Cover a limited spectrum of cyber threats. Existing tools, such as signature-based approaches, human-powered monitoring, application whitelisting and sandboxing, are each effective under limited circumstances, but lack the ability to detect the full spectrum of threats organizations are dealing with. Signature-based approaches can detect attacks that have been seen previously, but are incapable of preventing a wide range of attacks, such as unknown malware, ransomware, modified versions of previously known attacks and exploits of zero day vulnerabilities. In addition, they lack the ability to detect and prevent an increasing number of fileless attacks, that deposit no malware, but instead exploit operating system vulnerabilities and use trusted tools within IT environments, such as Office document macros and PowerShell scripts. Application whitelisting relies on manually creating and updating “always allow” or “always block” rules that strain the limited security resources of an organization and are often rendered obsolete, or are ineffective in detecting attack vectors embedded in legitimate applications. As a result, despite deploying a myriad of point solutions, organizations have continued to suffer huge losses from cyberattacks.

•Utilize AI approaches that rely on humans to power protection mechanisms. First generation AI tools cannot handle the volume, variety and velocity of data that must be ingested and analyzed, in real-time, to be effective in preventing breaches. These tools often rely on ineffective pattern-matching algorithms in the cloud that generate so much “noise” that human intervention is required to extract useful “signals.” Some of those tools transfer the raw data into the public cloud, hoping to leverage the massive compute power available there, but that has not fixed the problem. It has merely shifted the problem elsewhere because AI algorithms are only as intelligent as the quality of the data that they work with as well as the speed at which they operate. Without curated, contextual data, these tools only generate more alerts that need to be analyzed by humans. They cannot take action at machine speed and are thus unable to detect and prevent or stop many fast-acting attacks. Additionally, due to communication latency with the cloud, these tools cannot generate actionable insights in real-time, which is required to stop many current threats. Sunburst and numerous recent breaches have illustrated that these tools are unable to provide the protection that organizations need. Further, because these tools lack the ability to prevent attacks and often do not meet regulatory requirements such as File Integrity Monitoring by themselves, organizations are forced to leave in their antiquated antivirus, software as “crutches” to satisfy auditors.

•Lack long-term data visibility to proactively investigate advanced threats. Existing EDR tools lack the capability to store large sets of historical data cost efficiently, and consequently often only offer limited data retention capabilities. This results in only partial datasets being available for threat hunting and time bound retrospective forensic analysis. Given that the average time to identify and contain a breach is 280 days, limited historical EDR data makes full incident investigation challenging for security personnel, as they are unable to go back in time and see how the attack breached the organization and progressed.

•Struggle to protect complex modern IT environments. Existing tools were not designed to protect today’s multi-cloud, multi-device, multi-OS IT environments. Vendors have extended their existing solutions by bolting on functionalities, which has led to a wide disparity of capabilities across endpoints and operating systems. This has resulted in a patchwork of second class capabilities and a disjointed collection of security tools that significantly increases operational complexity without delivering higher levels of protection. Existing tools further lack the ability to identify unmanaged IoT devices which often have very limited, if any, built-in security capabilities and can be used by attackers to access the networks of target organizations. This lack of unified visibility and control over endpoints, cloud workloads, and IoT devices results in gaps in security coverage for organizations.

•Lack deployment flexibility for organizations. Organizations struggle with the limited deployment methods mandated by existing tools. On-premise tools impose complexity and maintenance burdens on organizations. These tools typically lack the ability to quickly adapt to organizations’ rapidly evolving IT environments, which requires significant upfront investments and configuration and integration efforts. On the other hand, cloud-only cybersecurity vendors are unsuitable for many large and complex enterprises and governments that need private or hybrid cloud solutions to meet their security, regulatory and compliance requirements.

•Inhibit technology workflow automation. Many existing tools lack out-of-the box APIs and rely heavily on professional services, which makes the integration and implementation process long, expensive and often unattainable. The lack of flexible workflow integrations limits organizations’ ability to reduce overhead by automating processes, and to improve their security by ensuring that process steps are done quickly, consistently, and according to their predefined requirements.

Our Revolutionary XDR Approach to Cybersecurity

models are highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform. Our Static and vector-agnostic Behavioral AI models, which run on the endpoints themselves, provide our customers with protection even when their devices are not connected to the cloud. In the cloud, our Streaming AI detects anomalies that surface when multiple data feeds are correlated. Furthermore, our platform provides visibility across an organization’s digital assets through one console, making it easy and very fast for analysts to search through petabytes of data to investigate incidents and hunt threats. Our Singularity Platform offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds.

Key Benefits of our Singularity Platform

Key benefits of our platform include:

•Protects against present and future cyber threats. A combination of our powerful Static AI and Behavioral AI on the device with Streaming AI models in the cloud addresses the full spectrum of attacks in an evolving threat landscape, including ransomware, known and unknown malware, trojans, hacking tools, memory exploits, script misuse, bad macros and “living off the land,” or file-less, attacks. As our on-device machine learning models assess how an endpoint behaves, they are completely independent of the attack vector itself or any further updates and configurations. Our protection coverage against all attacks is further supported by our 100% total accuracy rating in the SE Labs Breach Response Test.

•Enables protection and visibility across all digital assets. Our Singularity Platform provides organizations with our full suite of real-time threat prevention, detection and remediation capabilities across all of their endpoints, cloud workloads, servers, and operating systems, including 17 years of Windows releases, three years of Mac releases, and ten major Linux distributions and many more subversions. Our platform further leverages our agents, combined with passive and active network discovery methods, to provide our customers with organization-wide visibility into all of their network assets, managed and unmanaged. This allows customers to identify potentially vulnerable endpoints and either add protection, or isolate them from the network.

•Provides autonomous protection and remediation. Powered by our AI and Storyline technology, our agents defend and heal endpoints autonomously and in real-time by stopping malicious processes, quarantining, remediating and even rolling back events to surgically keep endpoints clean. Rollbacks are performed autonomously and in real-time, eliminating the need for manual, expensive, and time-consuming incident cleanup.

•Enables facilitated, as well as fully-automated, incident investigation and proactive threat hunting. Our platform gives security teams the ability to search their IT assets for behavioral indicators via a single-click interface. Our deep visibility and contextual data empowers security analysts of all skill levels to run queries at very fast speeds, and quickly understand the root causes behind the most complex threats. Our watchlists further lighten the load on security teams by giving them the ability to schedule customized and fully automated threat hunting searches according to their own criteria.

•Provides a superior customer experience. We put the user at the center of our product development and engineering processes. The combination of our intuitive and clean user interface, our ability to provide context with one click, and our high degree of automation empowers our customers to use our platform independent of their expertise level. As a result, our customers report a 97% Customer Satisfaction Score, which represents the percentage of positive customer survey responses relative to the total number of such responses, demonstrating our commitment to customer experience.

•Delivers rapid time to value. By deploying our Singularity Platform, customers can receive an return on investment of 353% over three years, and a payback period of less than three months according to a 2020 Total Economic Impact study that we commissioned and that was conducted by Forrester Consulting. Our Singularity Platform can be quickly and easily deployed on the diverse IT environments of our customers, and without extensive configuration or maintenance.

Competitive Strengths

Our platform has the following key competitive strengths:

•Recognized market leadership. Our platform provides leading threat protection and visibility capabilities. The following industry and customer recognition is a testament to our capabilities:

◦In the MITRE ATT&CK®2020 assessment, our solution achieved the lowest number of missed detections and the highest number of correlated detections amongst a study of 20 other vendors in our category.

◦In the 2020 Gartner Peer Insights ‘Voice of the Customer’: Endpoint Detection and Response Solutions, we had the highest overall rating (4.8/5) and most verified reviews (123).

•Flexible deployment model. Our Singularity Platform can be deployed on a diverse range of environments that our customers choose, including the public, private or hybrid cloud, making it relevant for organizations of all sizes with varying compliance and regulatory requirements.

•Rich partner ecosystem. We have deep partnerships with many of the leading independent software vendors, or ISVs, alliance partners whom we engage with on joint technology and/or go-to-market strategies; and channel partners, such as distributors, resellers, managed service providers, or MSPs, managed security service providers, or MSSPs, managed detection and response providers, or MDRs, original equipment manufacturers, or OEMs, and incident response firms, or IR firms. Our partner relationships provide us with significantly broader market reach. In particular, we do not currently have a services offering that competes with our IR partners. Therefore, they seek to bring us into remediation situations where their customers often become our customers. As a result, many of our partners act as force multipliers and broaden our market reach.

Our Market Opportunity

•IT Operations Management. A $5.9 billion market in 2021 and growing to $11.1 billion in 2024.

We believe our XDR capabilities position us well to consolidate and unify spend across these categories. Over time, we believe this unification and re-architecture of the prevention, detection and response paradigm will create new opportunities for additional products and features for us.

Growth Strategy

Key elements of our growth strategy include:

•Continue to innovate and enhance our cybersecurity and data platform. We will continue to expand our platform and XDR capabilities and continue to develop new modules to include greater functionality and address additional use cases. As a pioneer in autonomous and AI-based endpoint security, we have established a track record for regularly enhancing our platform with new modules. For example, in 2019, we launched ActiveEDR and Ranger (for IoT) and in February 2020, we launched Singularity Platform to significantly expand our threat coverage. Through our convergence of cybersecurity and data, we intend to bring our customers and prospects a variety of differentiated cybersecurity-first and enhanced data analytics offerings. Having access to some of the world’s top cybersecurity and AI talent through our distributed workforce model and our research and development centers across North America, Israel, Europe, and Asia allows us to continue hiring top technical talent and conduct extensive research and development to maintain our leading position.

•Drive new customer acquisition. As of January 31, 2021, we had over 3,900 customers, from small and medium-sized businesses to Fortune 10 companies. We intend to continue to add new customers through a product-first approach to customer acquisition. This approach enables us to build trusted relationships with a large and rapidly growing group of highly influential managed service and incident response providers, as opposed to creating a dynamic of competition that creates friction between product vendors and service providers. We derive significant customer acquisition benefits from our cloud-delivered platform, which makes it easy to onboard new customers. Through our FedRamp certification, which we received in 2020, we intend to further grow our footprint within the U.S. federal government. We intend to continue to build our relationships with our channel partners, including MSPs, MSSPs, MDRs, OEMs, and IR firms, as well as our alliance partners to expand our market reach.

•Increase adoption within our customer base. We have been successful in our ability to grow revenue from our customer base as they deploy additional endpoints and expand the use of our platform. As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional

platform functionalities and Singularity Modules to address all of their cybersecurity use cases through the same platform and agent. We have architected our single agent such that we can immediately activate additional modules for our customers on the already deployed agent, so adding increased functionality is seamless for us and our customers. This gives us the ability to show in-product promotions and trials and to drive the expansion of our Singularity Modules, The power of our land-and-expand strategy is evidenced by our 119% dollar-based net retention rate as of January 31, 2020.

•Expand our global footprint. For fiscal 2020, we generated 27% of our revenue outside of the United States. We intend to continue to grow our international customer base by increasing our investments in our international operations. We recently invested and hired for planned expansions in Asia-Pacific and Europe, the Middle East and Africa, and Latin America.

•Expand our total addressable market through acquisitions. Our focus has been on expanding our endpoint protection capabilities from traditional endpoints to incrementally include IoT devices and cloud workloads. We intend to complement our organic investments with acquisitions to successfully execute on our XDR strategy. For example, our recent acquisition of Scalyr has increased our real-time data ingestion and analytics capabilities.

Our Singularity Platform

Our Singularity Platform delivers AI-powered autonomous threat prevention, detection, and response capabilities across an organization’s endpoints, and cloud workloads, enabling seamless and automatic protection against a full spectrum of cyber threats. We built our Singularity Platform to be deployed as a cloud service or in private and hybrid clouds.

Our platform capabilities are connected through three key patented technologies:

•Data Analytics. Our data analytics technology can ingest, correlate, and query petabytes of structured and unstructured data from disparate external and internal sources.

•AI. Our Static, Behavioral, and Streaming AI technologies that run in a distributed manner on our data cloud as well as on every endpoint and every cloud workload we protect.

•Storyline. Our Storyline technology builds a model of real-time running processes and their behaviors, to create rich, contextual data narratives which become the input to our Behavioral AI model. Storyline powers our unified EPP, EDR, XDR, and platform functionalities. It is the foundation of our EPP while providing unprecedented levels of visibility with contextual information for benign and malicious processes. We extend our fundamental protection, visibility and response capabilities well beyond the

endpoint to cloud, and third-party solutions in our Singularity Platform. We designed our platform based on our “design to delight” principle and developed a powerful yet simple and intuitive user experience.

Endpoint Protection

Our next-generation antivirus, technology provides autonomous real-time protection across all operating systems, including Windows, Linux, macOS, and cloud-native and containerized workloads. Our endpoint protection is powered by distributed AI which resides both on devices as well as in the cloud for always-on, machine-speed protection. It is capable of autonomous decision making on the device and stopping threats in milliseconds rather than minutes, hours or even days. We are able to provide superior performance compared to traditional signature-based antivirus tools and earlier next-gen antivirus products with the following three key capabilities:

•Static AI. Our on-device AI model can detect file-based attacks predictively, even those that are previously unknown zero day exploits, with extreme precision in milliseconds. Our Static AI model is the output of a supervised machine learning cycle that is trained on a continuously evolving data set from billions of files coupled with the data from multiple threat intelligence sources, including our proprietary Embedded Threat Intelligence. We achieve industry-leading detection rates by carefully developing and curating training data sets at scale.

•Behavioral AI. Our on-device AI model continuously scores Storylines from the device to precisely classify individual or group behaviors as benign or malicious. The accuracy of our Behavioral AI is powered by the rich contextual information that is encoded in each Storyline that is being scored. As a result, it is attack vector agnostic because it is not limited to any particular pathway used by attackers to penetrate a system, such as zero day vulnerability exploits and living off the land attacks.

•Embedded Threat Intelligence. Our cloud threat intelligence system combines threat information from our data analytics and research teams, Vigilance MDR and IR services, and other commercial and proprietary threat feeds.

Endpoint Detection and Response

Unlike first-generation EDR products that are reactive and mainly focused on collecting data, our ActiveEDR solutions leverages Storylines to reduce analysis time and to automate response actions by:

•Significantly minimizing the time between detection and response through technology automation;

•Enabling on-device behavioral analysis, auto-remediation, and response in a fully autonomous fashion; and

•Reducing analysis time and requirements for specialized skills by providing technology-generated context which would otherwise need to be produced by highly skilled people manually in a time-intensive and error prone fashion.

Our approach “democratizes EDR,” bringing what was once only usable by seasoned analysts to IT professionals of all levels of expertise. We do this without compromising on any EDR functionality sought by power users and advanced security operation centers, or SOCs. From retrospective hunts to remote shells, ActiveEDR excels at visualizing context, pinpointing anomalies, and providing a variety of granular responses.

The main capabilities of ActiveEDR are:

•Deep Visibility Threat Hunting. Deep Visibility Threat Hunting provides an easy-to-use search interface on top of our Deep Visibility dataset. This helps security analysts as they hunt for Indicators of Compromise, or IoCs. The search interface is powered by our S1QL language, a user-friendly and intuitive search language streamlined for threat hunting use cases. Features like query auto-completion, drilldowns that facilitate filtering and sorting, and interactive annotated process tree visualization make it easier for entry level analysts as well as highly skilled analysts to be far more proficient with S1QL than other complex query languages modeled on SQL. As a result, analysts can analyze results faster, review more

alerts, and be more productive with the power of technology. The Storylines shown within Deep Visibility hunts enable one-click responses, which are far easier and faster to execute than manually scripting responses.

•Response Capabilities. Our Singularity Platform offers one of the broadest sets of response actions in the EDR market today. Leveraging Storylines, we automate responses or make them optionally initiated by operators. Our response capabilities include:

◦Kill. Surgically stops the execution of a single process or a whole process group, instantly.

◦Quarantine. Moves and encrypts threat artifacts from the location in which it was found into a special quarantine directory.

◦Remediation. Deletes all files and system changes created by the threat.

◦Remote Shell. Provides full shell capabilities, PowerShell on Windows and Bash on macOS and Linux, directly and securely from the Singularity XDR console. Remote Shell represents a powerful method of responding remotely to events and obtaining additional forensic information.

◦Rollback - Uses Storylines as a manifest to restore files and system changes impacted by a threat from secured VSS snapshots. Rollback undoes changes with a single-button click or automatically, precisely and deterministically reversing threats and restoring devices to a healthy and secure state.

•Storyline Active Response. Our Storyline Active Response, or STAR, gives users the capability to set custom IOC-based rules for real-time analysis, alerting, and automatic response workflows. Our STAR module is also capable of ingesting threat intelligence feeds to enhance and correlate analyses. The STAR module uses Streaming AI technology to match billions of events to tens of millions of IOCs at the time of ingestion. STAR is a threat hunting and workflow orchestration force multiplier. Without STAR, it is difficult for security analysts to keep pace with the number and complexity of emerging threats from an EDR perspective.

◦Data Retention. Modern attacks can take days and weeks to initiate after infiltration. Therefore, it is critical for an EDR solution to provide visibility for extended periods of time. This enhances both retrospective analysis and proactive hunting measures. Our platform has been designed and built to support extended data retention to time periods that far exceed what others are able to offer, and we do so on a cost-efficient basis due to our data retention architecture. We offer data retention up to three years to provide maximum value from our Deep Visibility Threat Hunting module.

Leveraging our data retention capabilities, we constructed Binary Vault to store a copy of every known binary, both benign and malicious, that executes across an enterprise. This enables an optional capability for advanced security analysts to download a copy of any file that has been executed in their environment for forensic review and reverse engineering, and provides them with access to a broader dataset and more complete lookback capabilities than any of our competitors. In addition, this large repository of benign and malicious binaries enables us to continuously improve our AI models.

◦Remote Script Orchestration. In incident response situations, rapid artifact extraction and endpoint state querying across the entire enterprise is critical. Our remote script orchestration module allows concurrent execution of custom and preset scripts across an enterprise, instead of having to triage with a device by device approach. By converging our protection, detection, and response capabilities with remote script orchestration, our platform is the only solution that is needed to respond to a breach.

Cloud Workload Security

As more organizations migrate their workloads to the cloud and re-platform on cloud services, adversaries follow the data. Because these workloads are hosted on public cloud infrastructure, they are even more vulnerable. When organizations move to public cloud infrastructure, a typical assumption is that the cloud service provider takes care of all configuration and security. This is not the case and a lot of responsibility is carried by the organization to

secure OS, middleware, runtime, data and applications. Coupled with standardization of public cloud services with highly accessible APIs and open documentation, this shift leaves a well-marked open door for nefarious actors. Our cloud security offerings have been purpose-built for these novel attack surfaces. We offer our AI-powered Cloud Workload Protection, or CWPP, and Cloud Security Posture Management, or CSPM, to address these threats in the public cloud.

•Cloud Workload Protection Platform

◦EPP and EDR. We offer full-fledged EPP and EDR for servers, virtual machines, and containerized workloads. Our runtime protection delivers prevention, detection, response and hunting functionalities purpose-built for these environments. These capabilities are offered within our single console, streamlining management and meeting anti-malware, regulatory, and compliance needs for server and cloud computing. Our efficient one agent per node architecture supports self-managed Kubernetes and managed Kubernetes services, including AWS EKS, Azure AKS, and Google Cloud GKE.

◦Cloud Application Control. Our Cloud Application Control locks down the running image of servers and containers to prevent configuration drift and protect against unauthorized changes, in line with best practices for cloud workload security. We are one of the few vendors to offer cloud application control. This capability enables cybersecurity and IT teams to continuously regulate changes within their cloud environment, increasing the overall reliability and security of their services.

•Cloud Security Posture Management

◦Cloud Configuration Management Database. For servers running in the cloud, our CWPP Cloud Workload Security module syncs cloud asset information with our Singularity Platform. This cloud asset information captures meta-data of the cloud providers like host, network, application information and tags, which can be used to dynamically group the servers, apply policies, and is used in our reporting module for operational and configuration insights. As cloud environments rapidly expand and contract in terms of server and compute resources, our CCMDB enables proactive management and provides an accurate and real-time operational picture without having to reconcile data from multiple sources.

◦Configuration Audit and Risk Scoring. Organizations migrating to public cloud infrastructure need to secure their workloads by enforcing hardening guidelines for cloud native services. AWS, Azure and Google Cloud provide hundreds of services, many of which come with their own unique security models. There is far more complexity in public cloud security management than organizations had to contend with in their own private data centers. Our planned Configuration Audit Risk Scoring, or CARS, module helps organizations secure their cloud services by automating the controls necessary to secure their cloud footprint. We plan to introduce our CARS module in the second half of 2021.

IoT Security

Our IoT Security modules, which we market and sell under the Ranger brand, leverage the presence of our software in an organization’s network to track assets, create an Enterprise Asset Map, perform network segmentation, deploy our agents to unprotected devices, and provide risk scores. Ranger transforms our agents into an AI powered intelligent scanning mesh. Using passive and active techniques, Ranger discovers connected devices, including virtual machines, containers, and IoT devices such as printers, smart TVs, and thermostats. Our approach delivers network inventory and risk mapping with no additional software or hardware deployment. Ranger has four key component features:

•Rogue Discovery. Enables administrators to identify unprotected or “rogue assets” and verifies our agent is installed on all corporate assets. From a compliance perspective, this feature is useful in ensuring security coverage across large and distributed organizations as well as when integrating newly acquired companies or business units.

•Ranger Insight. Provides in-depth information about each discovered device, including open ports, header and application versions, and vulnerability information. Insight augments traditional vulnerability management programs by providing a clear picture of the inventory and risk in the IoT environment.

•Rogue Control. Creates network segments to restrict access to a corporate network. Much like the features of a network access control, or NAC, solution, Rogue Control prevents unsanctioned devices, such as guest machines, from connecting to authorized networks. Organizations benefit by eliminating the risk of attackers gaining access to and moving laterally within the network.

•Ranger Auto-Deploy. Rapidly deploys our agents using service credentials to unprotected endpoints with no additional IT infrastructure or software. Auto-Deploy provides security teams with complete, instant asset coverage without having to rely on their IT teams’ schedules and priorities to deploy security software.

IT and Security Operations

Our Singularity Platform enables security and IT teams to identify vulnerabilities, fix insecure configurations, and manage endpoints. Vulnerable and mis-configured applications make it easier for attackers to gain entry and evade detection. Addressing these vulnerabilities and mis-configured settings strengthens the security risk profile of our customers. Our platform has the following capabilities:

•Application Inventory. Maintains a software application inventory across an entire organization, by capturing the list of installed applications and their attributes such as their version numbers, install date, and publisher. Our software collects this information in real-time, enabling our customers to easily search and sort through these attributes in a global application inventory view within the console. Customers can quickly perform software frequency analysis and compliance checks.

•Scanless Vulnerability Assessment. Using our real-time organization-wide Application Inventory database, our solution is able to provide highly accurate and dynamic Vulnerability Management information without the need to deploy another solution. We do so by matching version information from our Application Inventory database to the known vulnerabilities published as Common Vulnerability Enumeration, CVE, records.

Most vulnerability scanners rely on three legacy approaches to identify vulnerable applications within their environment. These approaches include uncredentialed scans, credentialed scans, and agent-based scanning methods. Each is flawed for three primary reasons: (i) scans are point-in-time snapshots, not up to date, and lack data completeness, (ii) the operational overhead required to scan, install new software, and rotate passwords is unnecessarily complex and time intensive, and (iii) scans and re-scans can only be conducted periodically as they significantly tax the network and might result in computer crashes if the operating system views the scan as invasive. Our approach is highly accurate, constantly updated, and doesn’t require any new software to be installed or passwords to be managed. This enables our customers to consolidate agents and replace them with a seamless solution to Vulnerability Management.

•Device Control. Allows maximum granularity and flexibility when defining Device Control policies to prevent data exfiltration and malware entry. Our Device Control module supports two main media types: USB and Bluetooth devices. Our Bluetooth Device Control capability augments our IoT capability, limiting pairing with unsanctioned hardware and other wearable devices. We believe the ability to provide granular control for Bluetooth devices in conjunction with other forms of USB media is a competitive differentiator.

•Native OS Host Firewall Control. Leverages native operating system infrastructure to provide an application-aware and location-aware endpoint firewall orchestrator for remote devices. Firewall control provides visibility, malware prevention, and network segmentation by utilizing the native firewall capabilities on Windows, macOS, and Linux devices. With the global workforce working from home and “anywhere” into the foreseeable future, traditional network firewalls have become less effective. Network firewalls are unable to protect users from attacks when they are not on the VPN or within office facilities. With our Singularity Platform, we enable our users to keep their workforce protected, segment their

networks, and block traffic from malicious IPs/C2 servers using the same console that they use to monitor threats.

•File Integrity Monitoring. File Integrity Monitoring, or FIM, gained popularity in the early 2000s as the PCI DSS required the implementation of FIM products to track unauthorized changes to critical system files. The data collected by our Deep Visibility EDR can be used to replace traditional file integrity monitoring solutions. Coupled with STAR, our FIM module is able to automatically alert or remediate unauthorized changes to these files. Organizations use this module to be compliant with PCI DSS and other regulatory requirements while eliminating other agents, products, and spend.

WatchTower

WatchTower is a subscription software offering that provides intelligence-driven, cross-platform threat hunting to help customers adapt to the modern threat landscape through visibility and actionability to novel attacker techniques, global APT, campaigns, and emerging cybercrimes. As we track threat actors globally, WatchTower parses, consolidates, and contextualizes threat intelligence sources and hunts for threats in our customers’ environments. WatchTower distills intelligence down to its most valuable insights, such as a summary bulletin of the threat, its impact on our customers’ organizations, and how the threat can be addressed.

Vigilance MDR

Vigilance MDR leverages the expertise of our in-house security analysts to review, act upon, and document every threat that our Singularity Platform autonomously identifies. It adds a human lens to cybersecurity understanding and augments our customers’ in-house security teams. Due to the autonomous nature of our Singularity Platform, Vigilance MDR requires fewer analysts than other services, while providing rapid response times to threats. Our optional, technology-powered digital forensics analysis and incident response, offering takes Vigilance MDR two steps further and provides customers with a full-service solution.

Foundational Technologies Underlying Our Singularity Platform

•Singularity Data Platform. Our proprietary XDR data lake that seamlessly fuses together the data, access, control, and integration planes of EPP, EDR, CWPP, and IoT security into a centralized platform. With Singularity, organizations gain access to back-end data across the organization through a single solution. It was designed with the goal of optimizing scale, cost and performance - what we call the Golden Ratio of Big Data. This is achieved by the use of innovative data structures, storage systems, and algorithms:

◦Ingest. Our platform is able to ingest structured and unstructured data from any source, with little to no manual configuration and unprecedented speed and scale.

◦Normalize. Aligns every data point to extract the shared elements regardless of origin and to produce true insights.

◦Correlate. We correlate events from multiple sources into Storylines which contains event data, both benign and malicious, in a context-rich format for easy understanding.

◦Analyze. Our Singularity Platform enriches and visualizes every Storyline with information from Threat Intelligence sources, both homegrown and through integrations with third-party intelligence information services.

•Singularity XDR Integrations. Enables customers to seamlessly extend the power of the Singularity Platform across the entire IT stack—regardless of vendor—to automate response actions. Our integrations give customers the flexibility to operate our platform as a platform-as-a-service in their own customized graphical user interface and workflows simply by leveraging over 300 of our robust, well-documented and

easy-to-use APIs. We further provide substantial integrations in the following areas which enables customers to:

◦Threat Intelligence Apps. Ingest third-party and custom threat intelligence feeds and artifacts to enrich forensic detail and create EDR enhancements within our Singularity Platform.

◦SIEM Apps. Ingest our alerts, device details, audit trail logs into the industry’s leading Security Information and Event Management providers such as Splunk, QRadar, and others. This allows customers to take actions on our Singularity Platform from their SIEM interface.

◦Sandboxing Apps. Ingest and detonate samples in third-party sandboxes like Joe Sandbox, VMRay, Hatching, Reversing Labs, and others, and annotate Singularity forensics details with sandbox results.

◦Analytics Apps. Ingest, visualize, and correlate data from leading big data platforms such as PowerBI and Tableau, as well as various structured and unstructured data sources to enhance data understanding within the Singularity Platform.

◦Workflow Automation Apps. Integrate with workflow enhancement solutions from security orchestration, automation and response and IT service management providers such as Palo Alto Networks, Splunk, and ServiceNow, with further customization capabilities for bespoke use cases.

•Multi-tenancy Architecture. Having superior management capabilities in complex environments always was a trade-off of remaining with a legacy vendor rather than adopting a modern technology. Unlike other next-gen providers, our Singularity Platform offers a superior level of management capability and flexibility with tiering, policy inheritance, and customizable Role Based Access Control, or RBAC, from the same console. We offer complete multi-tenancy with four tiers - Global, Account, Site, and Group. Policies set at the higher tier of the hierarchy are automatically inherited by the lower levels, but administrators may override them to create local policies at any tier. We also support fully customizable RBAC that allows organizations to create specific rules controlling console permissions at a granular level. This enables large, distributed teams to work independently while at the same time providing a global view for the CISO and other stakeholders. It further enables our platform adoption by the world’s largest organizations, MSPs, MSSPs, MDRs, OEMs, and IR firms.

Our Singularity Platform Tiers and Modules

We offer our Singularity Platform with a highly flexible deployment model. Our Singularity Platform is primarily hosted in AWS in multiple regions - North America, European Union, Asia Pacific, and AWS GovCloud. We also support deploying our platform in the Google Cloud Platform as well as customers’ on-premise data centers, private, and hybrid cloud environments for organizations with specialized hosting and data sovereignty needs.

Our platform provides full feature parity across Windows, macOS, and Linux. It provides customers with full flexibility through a multi-tier offering priced on a per agent basis, which generally corresponds with an endpoint, server, virtual machine, or host. All our platform tiers further come with a free ransomware warranty of up to $1,000 per endpoint and $1 million per organization. The tiers of our Singularity Platform include:

•Singularity Core. Our entry level security solution for organizations that want to replace antivirus tools with our EPP which we believe is more effective and easier to manage than legacy antivirus and next-gen antivirus products. Singularity Core includes our Static and Behavioral AI models and autonomous threat response and rollback features.

•Singularity Control. Made for organizations seeking best-of-breed security with the addition of our “security suite” features for endpoint management. It provides additional features for control network connectivity, USB and Bluetooth peripherals, and to uncover rogue devices.

•Singularity Complete. Our flagship offering that includes our full suite of product capabilities.

We further offer customers additional functionality through our Singularity Modules. We price our modules as a subscription on a per agent basis:

•Binary Vault. Enables customers to store and download copies of any file that has been executed in their environment for forensic review and reverse engineering.

•Data Retention. Offers data retention upgrades from one month to three years and beyond.

•Cloud Funnel. Allows organizations to export their XDR data in real-time to their private data lakes, whether locally-hosted or in the cloud.

•STAR Premium. Enables custom behavioral and IOC-based rules for real-time analysis, alerting, and automatic response workflows. This module is priced based on the number of STAR rules.

•Ranger (for IoT). Provides organization-wide inventory and control of IoT devices.

•Cloud Workload Security. Extends our EPP, EDR, and XDR features to offer runtime protection for servers and containerized workloads.

•WatchTower. Delivers threat hunting and insights to help customers understand the nature of threats, targeted attacks, threat actors, and risk reduction.

•Vigilance MDR. Enables customers to benefit from world-class SOC operations with customized threat annotation and response. Vigilance MDR helps customers of all sizes augment their cybersecurity staff with a 24/7/365 globally-distributed operation which operates under the industry’s only publicly available SLAs.

Our Team and Core Values

Our Team

As of January 31, 2021, we had over 700 employees worldwide, including over 330 employees in the United States.

Our U.S.-based employees includes team members in all key functions, including go-to-market, customer success, technology, product, and support. Each of our U.S.-offices has a different functional focus but shares a driven, customer-centric culture. Our headquarters in Mountain View, California is where the majority of our executive team, marketing, finance, legal, people and talent, and sales operations is collocated, which supports cross functional collaboration. Our office in Eugene, Oregon hosts our North American customer success and support team, as well as our sales development and inside sales teams. Having these teams together supports a highly collaborative and customer-focused site.

Our office in Tel Aviv, Israel benefits from Israel’s concentration of cybersecurity experts. Our employees in Israel draw from Israel’s deep pool of Israeli military cybersecurity and intelligence experts, product mavens and general technical talent.

Our EMEA and APAC teams cover these regions. Our European head office is in Amsterdam, Netherlands, which we chose for its talent pool, language versatility, diversity, labor and tax laws, and central location in relation to our offices in the United States and Israel.

During the COVID-19 pandemic, we have worked to globally realign our benefits to focus on business continuity and employee well-being. We have built a company that we believe can thrive whether our employees are in offices or remote. We have been very intentional with our efforts to support employees while working from home, and around the various burdens it has placed on our employees’ health and well-being.

None of our employees are represented by a labor union or are a party to a collective bargaining arrangement. We have not experienced any work stoppages and we believe that our employee relations are strong.

Our Culture

Our core values capture our company’s culture and guide our approach on how we build and grow our business with all stakeholders:

•Trust. Be dependable. Conduct yourself with the highest integrity at all times.

•Accountability. Be reliable in all your actions and words. Put customers first. Be the owner.

•OneSentinel. Be passionate about driving team success and collaboration across our company.

•Relentlessness. Act with unwavering purpose and determination in everything you do.

•Ingenuity. Encourage innovative approaches to problem-solving and market leadership. Embrace diverse perspectives. Hustle.

•Community. Be kind to one another. Think about how your actions will affect others. Together.

We value transparent and respectful communication as key components of our continuous feedback culture, something that we view as a key driver of our business success. We believe that our resilience and resourcefulness are essential for our continued growth. We are not afraid of challenges or hard work, and we are committed to succeeding in our shared goals by leading with respect and positivity. We benefit from the varied perspectives that come from our global workforce. We believe in the strengths of diversity and are committed to building out a diverse talent base. We plan to continue investing in hiring employees both in and outside of the United States. We were recently awarded a Top Workplaces 2020 honor by Bay Area News Group and several Best Places to Work 2021 awards by Built In. As of February 26, 2021, we had a 4.9/5.0 rating on Glassdoor, a workplace review website, 99% of respondents would recommend SentinelOne to a friend, and our CEO had a 99% approval rating. Our presence and engagement across all social media platforms continues to grow rapidly, a reflection of the market’s perception of us and our leadership as innovators in the cybersecurity space.

Research and Development

Our research and development organization is responsible for the design, development, testing and delivery of new technologies, features and integrations of our platform, as well as the continued improvement and iteration of our existing products. It is also responsible for operating and scaling our platform including its underlying infrastructure. Our most significant investments are in research and development to drive core technology innovation and bring new products to market. Research and development employees are located primarily in our Israel offices and located remotely.

We have a proven team that constantly works to expand our market, customer and user reach and impact with new, innovative products. As of January 31, 2021, we had approximately 230 employees in our research and development organization. We intend to continue to invest in our research and development capabilities to extend our platform and products.

Our Customers

As of January 31, 2021, we had over 3,900 customers using our Singularity Platform in more than 75 countries. We have key reference customers in many industry verticals that we believe validate our solutions in the market, and our customers range from small and medium-sized organizations to Fortune 10 companies. No single customer accounted for more than % of our revenue in fiscal 2021. For a definition of customer, see the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Business Metrics—Customers with ARR of $100,000 or More.”

Our Go-To-Market Strategy

Our sales and marketing organizations partner to create brand awareness, drive demand, and develop customer relationships to deliver strong sales pipeline coverage and revenue growth.

Sales

We sell subscriptions to our Singularity Platform through our direct sales team, which is composed of field sales and inside sales professionals. Our sales team leverages our global network of channel and alliance partners for prospect access and fulfillment. For specific market segments, our channel partners independently manage the complete sales cycle resulting in a highly scaled and leveraged sales experience. Our sales team also identifies existing customers who may be interested in free trials of additional platform modules, which serves as a powerful driver of our “land and expand” growth model. Through segmenting our sales teams by customer size, we can deploy an efficient and scalable sales model which enables rapid prospect engagement, thorough technology evaluations, and yields lasting customer relationships.

Marketing

Our marketing organization is focused on building our brand reputation, increasing the awareness of our platform, and driving prospect and customer demand. To support these efforts, we deliver broad based brand campaigns to build awareness of our solutions and our company. We also deliver targeted and situational content to demonstrate thought leadership in the security industry, including speaking engagements with the security industry's foremost organizations to provide expert advice, educating the public about the cyber threats, and identifying threat research discoveries that illustrate the business outcomes and differentiation of our solution. We engage in paid media, web marketing, out of home media advertising, industry and trade conferences, analyst engagements, producing whitepapers, demand generation via digital and web, telemarketing, and targeted displacement campaigns. We employ a wide range of digital programs, including search engine marketing, online and social media initiatives, and content syndication to increase traffic to our website and encourage new customers to free trials of our Singularity Platform. Additionally, we engage in joint marketing activities with our channel and alliance partners. Over the past several years, we have experienced significant increases in our brand relevance as demonstrated by coverage in leading global press, analyst publications, website traffic, web demo requests, and channel partner engagement.

Partnership Ecosystem

We work with a number of partners to create “better together” technology solutions for mutual customers, many of which we then leverage in joint go-to-market strategies. These partnerships include many of the leading ISVs, alliance partners, MSPs, MSSPs, MDRs, OEMs, and IR firms. We provide our partners with our differentiated technology and platform to enable them to provide the best security service to their own customers.

Our Singularity Platform offers our partners complete multi-tenancy and a superior level of management capability and flexibility with tiering, policy inheritance, and customizable role-based access control from the same console. Our data model and open architecture enable our partners to rapidly build and innovate across a wide range of use cases and deliver their products on top of our technology. As such, our partners are not our competitors but instead, act as force multipliers for our go-to-market investments.

Our partner integrations deliver more secure solutions and an improved end user experience to their customers. Our ISV and alliance partnerships focus on security analytics, network and infrastructure security, threat platforms and orchestration, automation, and other mainstream technology integrations. In addition, in 2020, we announced a strategic technology and go-to-market partnership with Lenovo that enables Lenovo’s business customers to seamlessly add our Singularity Platform to their purchase of Lenovo hardware. Lenovo and its partner network have also market and sell our Singularity Platform as their only endpoint security offering through their global sales organization.

Singularity Marketplace

Singularity Marketplace is an open application ecosystem that enables customers to seamlessly integrate dozens of applications across five categories — Threat Intelligence, SIEM, Sandboxing, Analytics, and Workflow Automation — into our Singularity Platform. It allows organizations to gain visibility over data across historically disparate security solutions without the need for custom business logic, coding or complex configuration. Singularity XDR Marketplace also allows security teams to drive a unified, orchestrated response among security tools in different domains. As such, it helps organizations adopt a proactive and dynamic security posture by automating response workflows.

Competition

The market for our solutions is competitive and characterized by an evolving IT environment, customer requirements, industry standards and by frequent new product and service offerings and improvements. We compete with an array of established and emerging security solution vendors.

100

Our competitors include the following:

•endpoint security providers, such as CrowdStrike Holdings, Inc. and VMware, Inc.;

•legacy antivirus providers such as McAfee Corp., Symantec (a subsidiary of Broadcom, Inc.), and Microsoft Corporation; and

•providers of general network security products and services who offer a broad portfolio of solutions, such as Palo Alto Networks, Inc.

We compete on the basis of a number of factors, including but not limited to our:

•ability of our technology to detect, prevent, and block threats;

•breadth of our functionality;

•ability to automate threat prevention and remediation with limited human intervention;

•performance of our platform;

•speed of our threat hunting capabilities;

•support for cloud, hybrid, and on-premise deployments;

•support for various operating systems;

•platform data retention capabilities;

•ability to integrate with other participants in the security ecosystem;

•ease of use to deploy, manage, and maintain our platform;

•quality of our MDR service;

•strength of sales, marketing, and channel partner relationships; and

•customer support.

Although certain of our competitors enjoy greater brand awareness and recognition, deep customer relationships, and larger existing customer bases, we believe that we compete favorably with respect to our autonomous and AI-powered threat prevention, detection, response, and hunting capabilities.

Our Facilities

We are headquartered in Mountain View, California, where we occupy over 10,000 square feet of office space pursuant to a lease that expires in June 2027 subject to the terms thereof. Our headquarters was built to reflect our corporate culture, operational needs, and dedication to employee happiness. We lease additional offices in the United States. and around the world, including in Israel, Japan, Korea, United Arab Emirates, and the Netherlands. We believe that our current facilities are adequate to meet our current needs.

Intellectual Property

The protection of our technology and intellectual property is an important aspect of our business. We rely upon a combination of trademarks, trade secrets, know-how, copyrights, patents, confidentiality procedures, contractual commitments, domain names, and other legal rights to establish and protect our intellectual property. We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, employees, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information.

101

As of January 31, 2021, we had 14 issued patents and 11 pending patent applications in the United States and abroad. These patents and patent applications seek to protect our proprietary inventions relevant to our business. These issued patents are scheduled to expire on or around the years between 2037 and 2040 and cover various aspects of our platform and technology.

As of January 31, 2021, we had five trademark registrations in the United States, including registrations for “SentinelOne” and our logo. We also had 28 trademark registrations and applications in certain foreign jurisdictions. Additionally, we are the registered holder of a number of domain names, including sentinelone.com.

Legal Proceedings

BlackBerry Litigation

Starting in October 2019, BlackBerry Corp. and its subsidiary Cylance, Inc., or BlackBerry, filed a total of nine proceedings (seven lawsuits and two arbitrations) against us and certain former BlackBerry employees who joined our company. In these proceedings, BlackBerry alleges that it has viable legal claims as a result of its former employees joining us. Some of these proceedings have been dismissed. The status of each of the currently pending proceedings is discussed below. We believe that BlackBerry’s claims against us in each of these proceedings are without merit and we have vigorously defended against these claims and expect to continue to vigorously defend against these claims. Litigation, however, is inherently uncertain, and any judgment or injunctive relief entered against us or settlement could materially and adversely impact our business, financial condition, operating results, and prospects. In addition, litigation can involve significant management time and attention, and the cost of litigation can be expensive, regardless of outcome.

BlackBerry Corp., et al. v. Coulter, et al. On October 17, 2019, BlackBerry commenced an action captioned BlackBerry Corp., et al. v. Coulter, et al., No. 953-10-19 (Vt. Super. Ct.), or the Vermont Action, against Chris Coulter, an employee on our Vigilance services team. On October 23, 2019, BlackBerry filed an amended complaint that added us as a defendant. The amended complaint asserts claims against us for conspiracy, tortious interference with contract, aiding and abetting breach of fiduciary duties, and misappropriation of trade secrets. The court entered a preliminary injunction order enjoining Mr. Coulter from working for us through February 2021. As a result of the court’s order, Mr. Coulter chose to seek other employment and is no longer employed by us. On January 15, 2021, the court entered an order narrowing the scope of the case and limiting the claims against us in order to avoid conflict with a similar action that was previously filed in California and was dismissed. The Vermont Action is currently pending. On October 25, 2019, BlackBerry commenced an action captioned BlackBerry Corp., et al v. Coulter, et al., No. 2019-0854-JTL (Del. Ch.) against Mr. Coulter and us in Delaware Chancery Court. The court stayed this case pending resolution of the Vermont Action, and on February 7, 2020, BlackBerry voluntarily dismissed without prejudice all claims against Mr. Coulter and us. On December 3, 2019, BlackBerry initiated an arbitration against Mr. Coulter administered by JAMS, an alternative dispute resolution provider, which is currently pending.

BlackBerry Corp., et al. v. Page, et al. On November 18, 2019, BlackBerry commenced an action captioned BlackBerry Corp., et al. v. Page, et al., No. 2019-CP-07-2552 (S.C. Cir. Ct.) against Barnaby Page, a go-to-market employee, and us, in a South Carolina state court. The complaint asserts claims against us for aiding and abetting breach of fiduciary duties, tortious interference with contract, and misappropriation of trade secrets. Following initial discovery, on August 27, 2020, we and Mr. Page filed a joint motion for judgment on the pleadings. That motion is currently pending.

Blackberry Corp. et al. v. Sentinel Labs, Inc., et al. On January 16, 2020, BlackBerry commenced the action captioned, BlackBerry Corp., et al. v. Sentinel Labs, Inc., et al., No. 20CV361950 (Cal. Super. Ct. Santa Clara Cnty.), or the Current California Action, against us and unnamed “Doe” defendants, asserting claims against us for trade secret misappropriation and unfair business practices. We filed counterclaims that, in part, seek to invalidate any agreements allegedly supporting BlackBerry’s claims against its former employees. On December 14, 2020, we filed a motion requesting that BlackBerry sufficiently identify any trade secrets it alleges we misappropriated in accordance with California law. On February 12, 2021, the court granted that motion in part, including striking BlackBerry’s expert testimony and limiting the scope of discovery to customer lists and sales-related information.

102

On March 15, 2021, BlackBerry re-filed a statement identifying its trade secrets to pursue broader claims and discovery. We continue to litigate this action and pursue counterclaims.

BlackBerry Corp., et al. v. Quinn, et al. On February 17, 2020, BlackBerry commenced the action captioned BlackBerry Corp., et al. v. Quinn, et al., No. D-1-GN-20-00096 (Tex. Civ. Ct. – Travis Cnty.) against Sean Quinn, a go-to-market employee, and us, in Texas state court. On August 8, 2020, we and Mr. Quinn moved to stay or dismiss the case in light of the overlapping issues between this case and the Current California Action. On September 21, 2020, the court stayed this case pending resolution of the Current California Action. This lawsuit remains stayed and is pending in abeyance before the Texas court.

Other

We are, and from time to time, we may become involved in legal proceedings or be subject to claims arising in the ordinary course of our business. We are not presently a party to any other legal proceedings that in the opinion of our management, if determined adversely to us, would individually or taken together have a material adverse effect on our business, financial condition or operating results.

Defending such proceedings is costly and can impose a significant burden on management and employees. The results of any current or future litigation cannot be predicted with certainty, and regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.

103

MANAGEMENT

Executive Officers, Key Employees, and Non-Employee Directors

The following table provides information regarding our executive officers, key employees, and non-employee directors as of January 31, 2021:

Name

Age

Position(s)

Executive Officers:

Tomer Weingarten

Chairman of the Board of Directors, President, Chief Executive Officer, and Director

David Bernhardt

Chief Financial Officer

Nicholas Warner

Chief Operating Officer

Efraim Harari

Chief Legal and Trust Officer

Key Employees:

Daniel Bernard

Chief Marketing Officer

Divya Ghatak

Chief People Officer

Mark Parrinello

Senior Vice President, Global Sales

Non-Employee Directors:

Charlene T. Begley

Director

Daniel Scheinman

Director

Robert Schwartz

Director

Teddie Wardi

Director

_______________

(1)Member of the audit committee.

(2)Member of the compensation committee.

(3)Member of the nominating and corporate governance committee.

Executive Officers

Tomer Weingarten is our co-founder and has served as our Chief Executive Officer and a member of our board of directors since our inception in January 2013, as our President since November 2018, and as our Chairman of the Board of Directors since March 2021. Before our founding, Mr. Weingarten held various positions, including Vice President of Products, at Toluna Holdings Limited, a technology company that delivers real-time consumer insights, from May 2007 to December 2012, which he joined following the acquisition of Dpolls, a startup he had previously co-founded. Prior to that, Mr. Weingarten co-founded Carambola Media Ltd., a publisher focused platform that creates new ad revenue streams through engaging content formats, where he served as Chief Technology Officer from May 2011 to May 2012. Mr. Weingarten also previously served in various roles at Mckit Systems Ltd., a provider of information and knowledge management systems in Israel, from March 2005 to April 2007. We believe Mr. Weingarten is qualified to serve on our board of directors because of the historical knowledge, operational expertise, leadership, and continuity that he brings to our board of directors as our co-founder and Chief Executive Officer.

David Bernhardt has served as our Chief Financial Officer since September 2020. Prior to joining us, Mr. Bernhardt served in various leadership positions at Chegg, Inc., an educational technology company, including as Vice President of Finance and Principal Accounting Officer, from July 2011 to September 2020. Prior to Chegg, Mr. Bernhardt served in various positions at Palantir Technologies Inc., a data analytics software company, including most recently as its Vice President of Finance and an advisor, from May 2009 to August 2013. Mr. Bernhardt holds a B.S.c. in Finance from Santa Clara University.

Nicholas Warner has served as our Chief Operating Officer since January 2019. Mr. Warner previously served as our Chief Revenue Officer from June 2017 to January 2019. From April 2014 to June 2017, Mr. Warner served in various executive roles at Cylance, Inc., including as Senior Vice President of Worldwide Sales. Mr. Warner served

104

as Worldwide Director of Advanced Technologies, at McAfee Corp., from September 2012 to April 2014. From January 2002 to September 2012, Mr. Warner served in various positions at Websense Inc., a cybersecurity software company now known as Forcepoint LLC, including as Senior Director of Sales, Eastern Region.

Efraim Harari has served as our Chief Legal and Trust Officer since June 2017. Prior to joining us, Mr. Harari served as Vice President of Legal and Business Affairs at Samepage Labs Inc., a collaboration software company acquired by Paylocity Holding Corp. in November 2020, from August 2014 to June 2017. From August 2014 to February 2017, Mr. Harari served as General Counsel of Kerio Technologies, Inc., a communications and security solutions company acquired by GFI Software in January 2017. Prior to Kerio Technologies, Mr. Harari served as Director, Senior Corporate Counsel at Zendesk, Inc., a customer service software company, from August 2011 to August 2014. Mr. Harari holds an LL.B in Law from Bar Ilan University, an L.L.M. in Law from Benjamin N. Cardozo School of Law, and an L.L.M. in Law, Science & Technology from Stanford University Law School.

Key Employees

Daniel Bernard has served as our Chief Marketing Officer since January 2019. Mr. Bernard previously served as our Vice President, Business and Corporate Development from July 2017 to January 2019. Mr. Bernard served as Director of Global Business Development at Cylance Inc. from May 2016 to July 2017. Prior to Cylance, Mr. Bernard served as Channel Partnerships Lead at Dropbox, Inc., a file hosting service company, from April 2014 to May 2016. Mr. Bernard holds a B.S.B.A. in Marketing, International Business and Chinese from Washington University in St. Louis.

Divya Ghatak has served as our Chief People Officer since August 2019 and brings extensive global talent leadership expertise in both private and public companies. Prior to joining us, Ms. Ghatak led HR globally as Vice President, People at Nervo Corp., a publicly traded global medical technology company, from April 2017 to April 2020. Prior to Nervo Corp., Ms. Ghatak served as Chief People Officer at GoodData Corporation, a Data Analytics software company, from December 2013 to October 2017. Previously, Ms. Ghatak led talent and implementation of people strategy at several global business units at Cisco Systems, from June 2007 to October 2013. Since July 2016, Ms. Ghatak serves on the board of directors for Watermark, a non-profit dedicated to increasing the number of women in leadership and an active sponsor of WiCys (Women in Cybersecurity). Ms. Ghatak also represents SentinelOne as an active sponsor of WiCys. Ms. Ghatak is a member of the board of advisors of Findem, Inc., a company that uses an artificial intelligence platform to assist companies in their employee hiring, since February 2021. Ms. Ghatak holds a B.A. in Economics from Delhi University in India and an M.A. in Personnel Management and Industrial Relations, from the Tata Institute of Social Sciences in India.

Mark Parrinello has served as our Senior Vice President of Global Sales since February 2020. Prior to joining us, Mr. Parrinello served as Senior Vice President of Worldwide Sales at Cohesity Inc. from February 2017 to November 2019. From June 2014 to February 2017, Mr. Parrinello served as Vice President of American Sales at Nimble Storage, Inc., a data storage solutions company that was acquired by Hewlett Packard Enterprise Company in April 2017. Mr. Parrinello holds a B.A. in Broadcast Journalism from Arizona State University.

Non-Employee Directors

Charlene T. Begley has served as a member of our board of directors since January 2021. Ms. Begley has served as an independent director and member of the audit committee and management compensation committee of Nasdaq, Inc., a global technology and financial services company, since April 2014. Since April 2017, she has served as an independent director, chairperson of the audit committee, and member of the nomination and Environmental, Social and Governance committee at Hilton Worldwide Holdings Inc., a multinational hospitality company. Earlier in her career, Ms. Begley served in various roles at the General Electric Company, or GE, a diversified infrastructure and financial services company, from June 1988 to December 2013. Ms. Begley served in a dual role as Senior Vice President and Chief Information Officer, as well as President and Chief Executive Officer of GE’s Home and Business Solutions Office, from January 2010 to December 2012. Previously, Ms. Begley served as President and Chief Executive Officer of GE’s Enterprise Solutions group from 2007 to 2009. In addition, Ms. Begley served as President and Chief Executive Officer of GE Plastics and GE Transportation and prior to that led GE’s Corporate Audit staff and served as Chief Financial Officer for GE Transportation and GE Plastics Europe and

105

India. Ms. Begley served as a director at Red Hat, Inc., a software development company, from November 2014 to June 2019 and at WPP plc, a multinational communications, commerce and technology company, from December 2013 to June 2017. Ms. Begley holds a B.S. in Finance from the University of Vermont. We believe Ms. Begley is qualified to serve as a member of our board of directors because of her knowledge of technology and information security companies, and her expertise and experience both in operational management roles and board leadership positions at large, public organizations.

Daniel Scheinman has served as a member of our board of directors since September 2015. Since April 2011, Mr. Scheinman has been an angel investor. From January 1997 to April 2011, Mr. Scheinman served in various roles at Cisco Systems, Inc., a technology and networking company, most recently as Senior Vice President, Cisco Media Solutions Group. He has served as a member of the boards of directors of Arista Networks, Inc., a cloud networking company, since October 2011, and of Zoom Video Communications Inc., a cloud-based video communication company, since January 2013, and currently serves on the boards of directors of several private companies. Mr. Scheinman holds a B.A. in Politics from Brandeis University and a J.D. from the Duke University School of Law. We believe that Mr. Scheinman is qualified to serve as a member of our board of directors because of his extensive leadership and business experience with technology companies, as well as his service on the boards of directors of other privately- and publicly-held companies.

Robert Schwartz has served as a member of our board of directors since September 2015. Since June 2000, Mr. Schwartz has served as Managing Partner at Third Point Ventures LP, a private investment firm. Mr. Schwartz has served as a member of the board of directors of Upstart Holdings Inc., an online lending platform, since 2015, and currently serves on the board of directors of several privately-held companies. Mr. Schwartz also served as a member of the board of directors from 2008 to 2016 of Apigee Corp., a publicly traded API management and predictive analytics software provider that was acquired by Alphabet Inc. in September 2016, and Enphase Energy, Inc., a publicly traded energy technology company, from 2006 to 2016. Mr. Schwartz holds a B.S. in multi-discipline engineering from the University of California, Berkeley. We believe Mr. Schwartz is qualified to serve as a member of our board of directors because of his extensive experience in the venture capital industry, his knowledge of technology companies, and his deep understanding of our business and operations as one of our early investors.

Teddie Wardi has served as a member of our board of directors since May 2019. Since October 2017, Mr. Wardi has served as a Managing Director at Insight Venture Management, L.L.C., a private investment firm. Prior to joining Insight, Mr. Wardi served as a Partner at Atomico (UK) Partners LLP, an international investment firm, from March 2016 to October 2017. Previously, Mr. Wardi served as Vice President at Dawn Capital LLP, a private investment firm, from March 2014 to March 2016. Mr. Wardi co-founded Nervogrid Oy, a software provider acquired by ALSO Holding Ag, and served as Chief Technology Officer from March 2006 to August 2012. Mr. Wardi holds a B.S.c. Business Technology and Finance from Aalto University in Finland and an M.B.A. from Harvard Business School. We believe that Mr. Wardi is qualified to serve as a member of our board of directors because of his extensive leadership and business experience with the venture capital and technology industries.

Family Relationships

There are no family relationships among any of our executive officers or directors.

Code of Business Conduct and Ethics

Our board of directors will adopt, effective prior to the completion of this offering, a code of business conduct and ethics that applies to all of our employees, officers, and directors, including our Chief Executive Officer, Chief Financial Officer, and other executive and senior financial officers. The full text of our code of business conduct and ethics will be posted on the investor relations page on our website. We intend to disclose any amendments to our code of business conduct and ethics, or waivers of its requirements, on our website or in filings under the Exchange Act.

106

Board of Directors

Our business and affairs are managed under the direction of our board of directors. Our board of directors currently consists of five directors. Pursuant to our amended and restated certificate of incorporation, as currently in effect, and the Seventh Amended and Restated Voting Agreement by and among us and other parties, dated October 28, 2020, or our Voting Agreement, our current directors were elected as follows:

•Messrs. Weingarten and Scheinman were elected as the designees nominated by holders of our common stock;

•Ms. Begley was elected as the designee nominated by holders of our common stock and redeemable convertible preferred stock, voting together, as a single class;

•Mr. Schwartz was elected as the designee nominated by holders of our Series B redeemable convertible preferred stock; and

•Mr. Wardi was elected as the designee nominated by holders of our Series D redeemable convertible preferred stock.

Our Voting Agreement will terminate and the provisions of our current amended and restated certificate of incorporation by which our directors were elected will be amended and restated in connection with this offering and, following this offering, there will be no contractual obligations regarding the election of our directors. After this offering, the number of directors will be fixed by our board of directors, subject to the terms of our restated certificate of incorporation and restated bylaws that will become effective immediately prior to the completion of this offering. Each of our current directors will continue to serve as a director until the election and qualification of their successor, or until their earlier death, resignation, or removal.

Classified Board of Directors

Upon the completion of this offering, our board of directors will consist of members and be divided into three classes of directors that will serve staggered three-year terms. At each annual meeting of stockholders, a class of directors will be elected for a three-year term to succeed the same class whose term is then expiring. As a result, only one class of directors will be elected at each annual meeting of our stockholders, with the other classes continuing for the remainder of their respective three-year terms. Our directors will be divided among the three classes as follows:

•the Class I directors will be and , and their terms will expire at the first annual meeting of stockholders to be held after the completion of this offering;

•the Class II directors will be and , and their terms will expire at the second annual meeting of stockholders to be held after the completion of this offering; and

•the Class III directors will be and , and their terms will expire at the third annual meeting of stockholders to be held after the completion of this offering.

Each director’s term continues until the election and qualification of his or her successor, or his or her earlier death, resignation, or removal. Our restated certificate of incorporation and restated bylaws to be in effect upon the completion of this offering will authorize only our board of directors to fill vacancies on our board of directors. Any increase or decrease in the number of directors will be distributed among the three classes so that, as nearly as possible, each class will consist of one-third of the directors. This classification of our board of directors may have the effect of delaying or preventing changes in control of our company. See the section titled “Description of Capital Stock—Anti-Takeover Provisions.”

Director Independence

In connection with this offering, we intend to list our common stock on the . Under the rules of the , independent directors must comprise a majority of a listed company’s board of directors within a specified period

107

after the completion of this offering. In addition, the rules of the require that, subject to specified exceptions, each member of a listed company’s audit, compensation and nominating and governance committees be independent. Under the rules of the , a director will only qualify as an “independent director” if, in the opinion of that company’s board of directors, that person does not have a relationship that would interfere with the exercise of independent judgment in carrying out the responsibilities of a director.

Additionally, compensation committee members must not have a relationship with us that is material to the director’s ability to be independent from management in connection with the duties of a compensation committee member.

Audit committee members must also satisfy the independence criteria set forth in Rule 10A-3 under the Exchange Act. In order to be considered independent for purposes of Rule 10A-3, a member of an audit committee of a listed company may not, other than in his or her capacity as a member of the audit committee, the board of directors or any other board committee: accept, directly or indirectly, any consulting, advisory, or other compensatory fee from the listed company or any of its subsidiaries; or be an affiliated person of the listed company or any of its subsidiaries. We intend to satisfy the audit committee independence requirements of Rule 10A-3 as of the completion of this offering.

Our board of directors has undertaken a review of the independence of each director and considered whether each director has a material relationship with us that could compromise his or her ability to exercise independent judgment in carrying out his or her responsibilities. As a result of this review, our board of directors determined that are “independent directors” as defined under the applicable rules and regulations of the SEC and the listing requirements and rules of the . In making these determinations, our board of directors reviewed and discussed information provided by the directors and by us with regard to each director’s business and personal activities and relationships as they may relate to us and our management, including the beneficial ownership of our common stock by each non-employee director and the transactions involving them described in the section titled “Certain Relationships and Related Party Transactions.”

Lead Independent Director

Our board of directors will adopt, effective prior to the completion of this offering, corporate governance guidelines that provide that one of our independent directors will serve as our lead independent director. Our board of directors has appointed to serve as our lead independent director. As lead independent director, will provide leadership to our board of directors if circumstances arise in which the role of Chief Executive Officer and chairperson of our board of directors may be, or may be perceived to be, in conflict, and perform such additional duties as our board of directors may otherwise determine and delegate.

Committees of the Board of Directors

Our board of directors has an audit committee, a compensation committee and a nominating and governance committee, each of which, pursuant to its respective charter, will have the composition and responsibilities described below upon the completion of this offering. Following the completion of this offering, copies of the charters for each committee will be available on the investor relations portion of our website. Members serve on these committees until their resignation or until otherwise determined by our board of directors.

Audit Committee

Our audit committee is composed of . is the chair of our audit committee. The members of our audit committee meet the independence requirements under and SEC rules. Each member of our audit committee is financially literate. In addition, our board of directors has determined that is an “audit committee financial expert” as that term is defined in Item 407(d)(5)(ii) of Regulation S-K promulgated under the Securities Act. This designation does not, however, impose on him or her any supplemental duties, obligations or liabilities beyond those

108

that are generally applicable to the other members of our audit committee and board of directors. Our audit committee’s principal functions are to assist our board of directors in its oversight of:

•selecting a firm to serve as our independent registered public accounting firm to audit our financial statements;

•ensuring the independence of the independent registered public accounting firm;

•discussing the scope and results of the audit with the independent registered public accounting firm, and reviewing, with management and that firm, our interim and year-end operating results;

•establishing procedures for employees to anonymously submit concerns about questionable accounting or audit matters;

•considering the adequacy of our internal controls and internal audit function;

•reviewing related party transactions that are material or otherwise implicate disclosure requirements; and

•approving, or as permitted, pre-approving all audit and non-audit services to be performed by the independent registered public accounting firm.

Compensation Committee

Our compensation committee is composed of . is the chair of our compensation committee. The members of our compensation committee meet the independence requirements under and SEC rules. Each member of this committee is also a “non-employee director” within the meaning of Rule 16b-3 under the Exchange Act. Our compensation committee is responsible for, among other things:

•reviewing and approving, or recommending that our board of directors approve, the compensation of our executive officers;

•reviewing and recommending to our board of directors the compensation of our non-employee directors;

•reviewing and recommending to our board of directors the terms of any compensatory agreements with our executive officers;

•administering our stock and equity incentive plans;

•reviewing and approving, or making recommendations to our board of directors with respect to, incentive compensation and equity plans; and

•establishing our overall compensation philosophy.

Nominating and Governance Committee

Our nominating and governance committee is composed of . is the chair of our nominating and governance committee. The members of our nominating and governance committee meet the independence requirements under and SEC rules. Our nominating and governance committee’s principal functions include:

•identifying and recommending candidates for membership on our board of directors;

•recommending directors to serve on board committees;

•reviewing and recommending to our board of directors any changes to our corporate governance guidelines;

•reviewing proposed waivers of the code of conduct for directors and executive officers;

•overseeing the process of evaluating the performance of our board of directors; and

109

•advising our board of directors on corporate governance matters.

Compensation Committee Interlocks and Insider Participation

None of the members of the compensation committee is currently, or has been at any time, one of our officers or employees. None of our executive officers has served as a member of the board of directors, or as a member of the compensation or similar committee, of any entity that has one or more executive officers who served on our board or compensation committee during fiscal 2021.

Non-Employee Director Compensation

Our employee director, Tomer Weingarten, did not receive any compensation for his service as a director for fiscal 2021. All compensation paid to Mr. Weingarten, our only employee director, is set forth below in the section titled “Executive Compensation—Fiscal 2021 Summary Compensation Table.” We did not pay any fees to, make any equity awards or non-equity awards to, or pay any other compensation to the non-employee members of our board of directors in fiscal 2021.

In February 2021, we granted Ms. Begley, who was appointed to our board of directors in January 2021, an option to purchase 33,000 shares of common stock as compensation for Ms. Begley’s service as a member of our board of directors. This stock option is subject to the terms of our 2013 Plan and vests in equal monthly installments over four years beginning in December 2020. In the event of a change of control (as this term is defined in the applicable stock option agreement), all of the unvested shares subject to this option will become immediately vested and exercisable as of the date of the date immediately prior to the change of control.

Outside Director Compensation Policy

Before this offering, we did not have a formal policy to provide any cash or equity compensation to our non-employee directors for their service on our board of directors or committees of our board of directors. In connection with this offering, our board of directors expects to approve a non-employee director compensation policy, pursuant to which our non-employee directors will be eligible to receive certain cash retainers and equity awards.

Employee directors will receive no additional compensation for their service as a director.

110

EXECUTIVE COMPENSATION

Our named executive officers, consisting of our principal executive officer and the next two most highly compensated executive officers, as of January 31, 2021, were:

•Tomer Weingarten, our Chairman of the Board of Directors, President, Chief Executive Officer, and Director;

•David Bernhardt, our Chief Financial Officer; and

•Nicholas Warner, our Chief Operating Officer.

Summary Compensation Table

The following table presents summary information regarding the total compensation for services rendered in all capacities that was awarded to, earned by or paid to our named executive officers for fiscal 2021.


Name and Principal Position	Salary ($)	Option Awards ($)(1)	Bonus ($)(2)	Total ($)
Tomer Weingarten, Chairman of the Board of Directors, President, and Chief Executive Officer	316,667		200,000
David Bernhardt, Chief Financial Officer	115,952(3)		61,817
Nicholas Warner, Chief Operating Officer	350,000		385,000

________________

(1)The amounts presented represent the aggregate grant-date fair value of the stock options awarded to the named executive officer during fiscal 2021 in accordance with FASB Accounting Standards Codification Topic 718. The assumptions used in calculating the grant-date fair value of the stock options reported in the “Option Awards” column are set forth in Note 9 to our consolidated financial statements included in this prospectus. Such grant-date fair value does not take into account any estimated forfeitures related to service-based vesting conditions.

(2)The amounts presented represent discretionary bonuses paid for contributions to the company’s performance.

(3)Represents a partial year as Mr. Bernhardt joined us in September 2020.

Outstanding Equity Awards at Fiscal 2021 Year-End

The following table presents, for each of our named executive officers, information regarding outstanding stock options held as of January 31, 2021.


	Option Awards
Name	Grant Date(1)	Number of Securities Underlying Unexercised Options (#) Exercisable	Number of Securities Underlying Unexercised Options (#) Unexercisable	Option Exercise Price ($)(2)	Option Expiration Date
Tomer Weingarten	3/8/2019	395,312	429,688(3)	1.20	3/7/2029
	3/27/2020	750,000	2,250,000(4)	2.27	3/27/2030
David Bernhardt	10/1/2020	—	2,051,996(5)	3.02	10/1/2030
Nicholas Warner	8/1/2017	1,022,203	180830(6)	0.65	7/31/2027
	5/31/2018	416,025	48,375(7)	0.65	5/30/2028
	3/8/2019	179,687	195,313(8)	1.20	3/7/2029
	7/22/2020	125,000	875,000(9)	2.27	7/22/2030

_________________

(1)All of the outstanding equity awards were granted under our 2013 Plan, unless otherwise indicated.

(2)This column represents the fair value of a share of our common stock on the grant date, as determined by our board of directors.

(3)This stock option vests monthly over 48 months in equal installments starting on February 1, 2019, subject to continued service through the applicable vesting date.

111

(4)This stock option vests monthly over 48 months in equal installments starting on January 22, 2020, subject to continued service through the applicable vesting date. In the event of a change of control, or if Mr. Weingarten’s service is terminated by us or a successor company without cause or by Mr. Weingarten for good reason (each as defined in the 2013 Plan), 50% of the total shares subject to the option shall vest and become exercisable immediately. Upon a termination without cause or a resignation for good reason following a change of control, all remaining unvested shares subject to the option shall immediately vest and become exercisable.

(5)25% of the shares subject to this stock option will vest on September 8, 2021, subject to continued service through the applicable vesting date. The remainder of the shares will vest in equal monthly installments over 36 months thereafter. In the event of a change of control, 50% of the total shares subject to the option shall vest and become exercisable immediately. Additionally, if Mr. Bernhardt’s service is terminated by us or a successor company without cause or by Mr. Bernhardt for good reason, within one year following a change of control, 100% of the then-unvested shares of subject to the stock option shall immediately vest.

(6)25% of the shares subject to this stock option vested on May 12, 2018, subject to continued service through the applicable vesting date. The remainder of the shares vest in equal monthly installments over 36 months thereafter. In the event of a change of control, 75% of the total shares subject to the option shall vest and become exercisable immediately prior to the closing of such change of control. Additionally, if Mr. Warner’s service is terminated by us or a successor company without cause or by Mr. Warner for good reason, within one year following a change of control, 100% of the then-unvested shares of subject to the stock option shall immediately vest.

(7)25% of the shares of subject to this stock option vested on June 12, 2018, subject to continued service through the applicable vesting date. The remainder of the shares vest in equal monthly installments over 36 months thereafter. In the event of a change of control, 75% of the total shares subject to the option shall vest and become exercisable immediately prior to the closing of such change of control. Additionally, if Mr. Warner’s service is terminated by us or a successor company without cause or by Mr. Warner for good reason, within one year following a change of control, 100% of the then-unvested shares subject to the stock option shall immediately vest.

(8)This stock option vests monthly over 48 months in equal installments starting on February 1, 2019, subject to continued service through the applicable vesting date. In the event of a change of control, 75% of the total shares subject to the option shall vest and become exercisable immediately prior to the closing of such change of control. Additionally, if Mr. Warner’s service is terminated by us or a successor company without cause or by Mr. Warner for good reason, within one year following a change of control, 100% of the then-unvested shares of the option shall immediately vest.

(9)This stock option vests monthly over 48 months in equal installments starting on July 1, 2020, subject to continued service through the applicable vesting date. In the event of a change of control or Mr. Warner’s termination without cause by us or by Mr. Warner for good reason, 50% of the total shares subject to the option shall vest and become exercisable. Additionally, if Mr. Warner’s service is terminated by us or a successor company without cause or by Mr. Warner for good reason following a change of control, 100% of the then-unvested shares subject to the stock option shall immediately vest.

Executive Employment Agreements

Prior to the completion of this offering, we intend to enter into an employment letter setting forth the terms and conditions of employment for each of our named executive officers as described below.

Tomer Weingarten

Prior to the completion of this offering, we intend to enter into a confirmatory employment letter agreement with Mr. Weingarten. The letter agreement is not expected to have a specific term and will provide that Mr. Weingarten is an at-will employee. Mr. Weingarten’s current annual base salary is $400,000.

David Bernhardt

Prior to the completion of this offering, we intend to enter into a confirmatory employment letter agreement with Mr. Bernhardt. The letter agreement is not expected to have a specific term and will provide that Mr. Bernhardt is an at-will employee. Mr. Bernhardt’s current annual base salary is $300,000.

Nicholas Warner

Prior to the completion of this offering, we intend to enter into a confirmatory employment letter agreement with Mr. Warner. The letter agreement is not expected to have a specific term and will provide that Mr. Warner is an at-will employee. Mr. Warner’s current annual base salary is $350,000.

112

Potential Payments upon Termination or Change of Control

Prior to the completion of this offering, we anticipate adopting arrangements for our executive officers, including our named executive officers, that provide for payments and benefits on termination of employment or upon a termination in connection with a change of control.

Employee Benefit and Stock Plans

2011 Stock Incentive Plan

We assumed the 2011 Plan in February 2021 in connection with our acquisition of Scalyr pursuant to that certain Agreement and Plan of Merger and Reorganization by and among us, Scalyr and certain other parties, dated February 6, 2021, or the Merger Agreement.

Assumption of outstanding awards. Pursuant to the Merger Agreement, we assumed all options to purchase shares outstanding under the 2011 Plan that were unexpired and unexercised as of the closing of the transactions contemplated by the Merger Agreement, or options as of February 9, 2021. Each such assumed option may be exercised solely for a number of shares of our common stock equal to the number of shares of Scalyr subject to the option immediately prior to the closing, multiplied by the exchange ratio set forth in the Merger Agreement. The exercise price per share under each such assumed option was adjusted by dividing the per share exercise price under such option by the exchange ratio set forth in the Merger Agreement. All outstanding rights to repurchase restricted shares or similar rights in favor of Scalyr prior to the closing of the transactions contemplated by the Merger Agreement are assigned to and exercisable by us on the same conditions as in effect immediately prior to the closing. No additional grants will be made under the 2011 Plan, but the assumed options will continue to be subject to its terms.

Administration. Our board of directors administers the 2011 Plan and the awards granted thereunder. Subject to the terms of the 2011 Plan, our board of directors has the authority to interpret the 2011 Plan and to take all actions necessary or advisable for the administration of the 2011 Plan.

Eligibility. The 2011 Plan provided for the grant of both incentive stock options, or ISOs, which qualify for favorable tax treatment to their recipients under Section 422 of the Internal Revenue Code, and nonqualified stock options, or NQSOs, as well as for the issuance of restricted share awards. Only employees were eligible to receive ISOs. Employees, consultants, and outside directors were eligible to receive NQSOs and restricted share awards. We refer to employees, consultants, and outside directors who received awards under our 2011 Plan as participants. As of February 9, 2021, no additional grants will be made under our 2011 Plan.

Options. The 2011 Plan provides that the exercise price of each stock option must be at least equal to the fair market value of our common stock on the date of grant. However, the exercise price of any ISO granted to a participant who owns more than ten percent of the total combined voting power of all classes of our capital stock, directly or by attribution, must be at least equal to 110% of the fair market value of our common stock on the date of grant. The maximum permitted term of options granted under the 2011 Plan is ten years from the date of grant, except that the maximum permitted term of ISOs granted to a participant who owns more than ten percent of the total combined voting power of all classes of our capital stock, directly or by attribution, is five years from the date of grant. In the event of a participant’s termination of service other than due to “cause,” “death,” and “disability” (as defined in the 2011 Plan), any portion of a participant’s option that is vested and exercisable will generally expire on the date that is thirty days after such termination. In the event of a participant’s termination of service due to disability, or death, any portion of a participant’s option that is vested and exercisable will generally expire on the date that is six months after such termination. Stock options generally terminate upon a participant’s termination of employment for cause.

Limited transferability. Unless otherwise determined by our board of directors, option awards granted under the 2011 Plan generally may not be transferred or assigned in any manner other than by beneficiary designation, will, or the laws of descent and distribution. Restricted share awards granted under the 2011 Plan are generally subject to transfer restrictions and repurchase provisions as determined by our board of directors.

113

Change in control. In the event of a “change in control” (as defined in our 2011 Plan), our board of directors may, in its sole discretion, provide for accelerated vesting or exercisability of outstanding awards, subject to the following restrictions: (i) the exercisability of options granted to participants for service as outside directors will be accelerated in full upon a change in control, and (ii) our right of repurchase with respect to restricted share awards granted to participants for service as outside directors will lapse upon a change in control.

In the event of a merger, consolidation, or sale of all or substantially all of our stock or assets, each outstanding option will be treated as set forth in the definitive transaction agreement without the participant’s consent, which transaction agreement may provide for (i) the continuation of the outstanding options by us, if we are a surviving corporation, (ii) the assumption of the 2011 Plan and outstanding options by the surviving corporation or its parent, (iii) the substitution by the surviving corporation or its parent of options with substantially the same terms for such outstanding options, (iv) immediate exercisability of such outstanding options followed by the cancellation of such options, and/or (v) settlement of the intrinsic value of the outstanding options (whether or not then exercisable) in cash or cash equivalents or equity (including cash or equity subject to deferred vesting and delivery consistent with the vesting restrictions applicable to such options or the underlying shares) followed by the cancellation of such options.

Adjustments. In the event of a subdivision of our outstanding stock, a declaration of a dividend payable in shares, a declaration of an extraordinary dividend payable in a form other than shares in an amount that has a material effect on the fair market value of our stock, a combination or consolidation of the outstanding stock into a lesser number of shares, a recapitalization, a spin-off, a reclassification, or a similar occurrence, our board of directors will make appropriate adjustments to the following: (i) the number of shares available for future awards, (ii) the number of shares covered by each outstanding option, (iii) the exercise price of each outstanding option, and (iv) the price of shares subject to our right of repurchase. The determination by our board of directors as to the terms of any of the foregoing adjustments will be conclusive and binding.

Amendment; termination. Our board of directors may amend, suspend, or terminate the 2011 Plan at any time, provided that certain amendments or terminations will require stockholder approval or participant consent. To the extent not previously exercised or settled, outstanding options will terminate immediately prior to a dissolution or liquidation of us.

2013 Equity Incentive Plan

Our 2013 Plan was initially adopted by our board of directors in June 2013 and approved by our stockholders in July 2013.

Share reserve. As of January 31, 2021, we had shares of our common stock reserved for issuance pursuant to grants under our 2013 Plan, of which remained available for grant. As of January 31, 2021, options to purchase shares had been exercised and options to purchase shares remained outstanding, with a weighted-average exercise price of $ per share. No other types of awards have been granted under our 2013 Plan. Our 2013 Plan will terminate on the date that the 2021 Plan becomes effective (as described below) and no additional grants will be made pursuant to our 2013 Plan following its termination. However, any outstanding options or shares of restricted stock will remain outstanding until they are exercised or are terminated in accordance with the terms of our 2013 Plan and the applicable award agreements evidencing such awards.

Administration. Our board of directors administers our 2013 Plan and the awards granted thereunder. Subject to the terms of our 2013 Plan, our board of directors has the authority to, among other things, select the persons to whom awards will be granted, interpret our 2013 Plan as well as to establish rules and regulations relating to our 2013 Plan.

Eligibility. Our 2013 Plan provides for the grant of both ISOs, which qualify for favorable tax treatment to their recipients under Section 422 of the Internal Revenue Code, and NQSOs, as well as for the issuance of restricted stock units, or RSUs, restricted stock agreements, or RSAs, or stock appreciation rights, or SARs, and cash-based awards or other incentives payable in cash or in shares as the board may designate from time to time. We may grant ISOs only to our employees. We may grant NQSOs, RSUs, RSA’s, and SARs and other cash-based awards or

114

incentives payable in cash or shares to our employees, directors, and consultants. We refer to employees, directors or consultants who receive an award under our 2013 Plan as participants.

Options. Our 2013 Plan provides that the exercise price of each stock option must be at least equal to the fair market value of our common stock on the date of grant. However, the exercise price of any ISO granted to a participant who owns more than ten percent of the total combined voting power of all classes of our capital stock, directly or by attribution, must be at least equal to 110% of the fair market value of our common stock on the date of grant. The maximum permitted term of options granted under our 2013 Plan is ten years from the date of grant, except that the maximum permitted term of ISOs granted to a participant who owns more than ten percent of the total combined voting power of all classes of our capital stock, directly or by attribution, is five years from the date of grant. In the event of a participant’s termination of service other than due to “cause,” “retirement,” “disability,” or “death” (as such terms are defined in our 2013 Plan), any portion of a participant’s option that is vested and exercisable will generally expire on the date that is three months after such termination. In the event of a participant’s termination of service due to retirement, disability, or death, any portion of a participant’s option that is vested and exercisable will generally expire on the date that is one year after such termination. Stock options generally terminate upon a participant’s termination of employment for cause.

RSAs and RSUs. Our 2013 Plan provides for the grant of RSAs and RSUs, with terms as generally determined by our board of directors and to be set forth in an award agreement. Among other terms and conditions, we may retain an option to repurchase the unvested restricted stock at any time following the holder’s termination of service.

Stock appreciation rights. Our 2013 Plan provides for the grant of SARs at a stated exercise price. The exercise value of a SAR is based upon the difference between the fair market value of our common stock on the date of exercise and a pre-determined exercise price, multiplied by the number of shares with respect to which the SAR is being exercised. Our board of directors will determine the vesting schedule applicable to each SAR. The maximum permitted term of SARs granted under our 2013 Plan is ten years from the date of grant.

Limited transferability. Unless otherwise determined by our board of directors, awards granted under our 2013 Plan generally may not be transferred or assigned in any manner other than by will or the laws of descent and distribution, except to the extent participants designate one or more beneficiaries on our approved form who may exercise or receive payment under an award after the participant’s death.

Change of control. In the event of a “change of control” (as defined in our 2013 Plan), each outstanding award will be treated as determined by our board of directors without a participant’s consent, including, without limitation, that (i) awards shall be converted, assumed, substituted for or replaced by the “successor company” (as defined in our 2013 Plan), (ii) awards will terminate upon or immediately prior to the change of control, (iii) awards will become vested and exercisable or payable, and all applicable restrictions or forfeiture provisions shall lapse, in whole or in part, as determined by our board of directors, upon or immediately prior the change of control, and, to the extent our board of directors determines, such awards will terminate upon or immediately prior to such change of control, (iv) awards will terminate upon or immediately prior to the change of control in exchange for a cash payment equal to the amount (if any) by which (x) the “acquisition price” (as defined in our 2013 Plan) multiplied by the number of shares of our common stock subject to such outstanding awards (either to the extent then vested and exercisable, or subject to restrictions and/or forfeiture provisions, or whether or not then vested and exercisable, or subject to restrictions and/or forfeiture provisions, as determined by our board of directors in its sole discretion) exceeds (y) if applicable, the respective aggregate exercise, grant, or purchase price payable with respect to shares of our common stock subject to such awards, or (v) any combination of the foregoing.

Awards will be considered converted, assumed, substituted for, or replaced by the successor company if following the change of control the award confers the right to purchase or receive, for each share of our common stock subject to the award immediately prior to the change of control, the consideration (whether stock, cash, or other securities or property) received in the change of control by holders of our common stock for each share held on the effective date of the transaction (and if holders were offered a choice of consideration, the type of consideration chosen by the holders of a majority of the outstanding shares); provided, however, that if such consideration received in the change of control is not solely common stock of the successor company, our board of directors may, with the consent of the successor company, provide for the consideration to be received pursuant to the award, for

115

each share of our common stock subject thereto, to be solely common stock of the successor company substantially equal in fair market value to the per share consideration received by holders of common stock in the change of control. The determination of such substantial equality of value of consideration shall be made by our board of directors, and its determination shall be conclusive and binding.

Adjustments. In the event, at any time or from time to time, a stock dividend, stock split, spin-off, combination or exchange of shares, recapitalization, merger, consolidation, distribution to stockholders other than a normal cash dividend, or other change in our corporate or capital structure, proportional adjustments will be made to (i) the maximum number and kind of securities available for issuance under our 2013 Plan, (ii) the maximum number and kind of securities issuable as ISOs;, and (iii) the number and kind of securities that are subject to any outstanding award and the per share price of such securities, without any change in the aggregate price to be paid therefor. The determination by our board of directors as to the terms of any of the foregoing adjustments will be conclusive and binding.

Amendment; termination. Our board of directors may amend or terminate our 2013 Plan at any time and may terminate any and all outstanding awards upon a dissolution or liquidation of us, provided that certain amendments will require stockholder approval or participant consent.

Sub-plans. In accordance with the terms of our 2013 Plan, the plan administrator established a sub-plan under our 2013 Plan for participants in France and Israel.

2021 Equity Incentive Plan

In , 2021, our board of directors and our stockholders approved our 2021 Equity Incentive Plan, or the 2021 Plan, as a successor to our 2013 Plan that will become effective on the date immediately prior to the effectiveness of the registration statement of which this prospectus forms a part. The 2021 Plan authorizes the award of both stock options, which are intended to qualify for tax treatment under Section 422 of the Internal Revenue Code, and NQSOs, as well for the award of RSAs, SARs, RSUs, and performance and stock bonus awards. Pursuant to the 2021 Plan, incentive stock options may be granted only to our employees. We may grant all other types of awards to our employees, directors, and consultants.

Shares reserved. We have initially reserved shares of our common stock, plus any reserved shares not issued or subject to outstanding grants under the 2013 Plan on the effective date of the 2021 Plan, for issuance pursuant to awards granted under our 2021 Plan. The number of shares reserved for issuance under our 2021 Plan will increase automatically on February 1 of each of 2022 through 2031 by the number of shares equal to % of the aggregate number of outstanding shares of all classes of our common stock as of the immediately preceding , or a lesser number as may be determined by our compensation committee, or by our board of directors acting in place of our compensation committee.

In addition, the shares set forth below will again be available for issuance pursuant to awards granted under our 2021 Plan:

•shares subject to options or SARs granted under our 2021 Plan that cease to be subject to the option or SAR for any reason other than exercise of the option or SAR;

•shares subject to awards granted under our 2021 Plan that are subsequently forfeited or repurchased by us at the original issue price;

•shares subject to awards granted under our 2021 Plan that otherwise terminate without such shares being issued;

•shares subject to awards granted under our 2021 Plan that are surrendered, canceled, or exchanged for cash or a different award (or combination thereof);

•shares issuable upon the exercise of options or subject to other awards granted under our 2013 Plan that cease to be subject to such options or other awards, by forfeiture or otherwise, after the effective date of the 2021 Plan;

116

•shares subject to awards granted under our 2013 Plan that are forfeited or repurchased by us at the original price after the effective date of the 2021 Plan; and

•shares subject to awards under our 2013 Plan or our 2021 Plan that are used to pay the exercise price of an option or withheld to satisfy the tax withholding obligations related to any award.

The shares of common stock underlying awards granted under the 2013 Plan that are forfeited, canceled, or otherwise returned to the 2021 Plan pursuant to the foregoing will become available for grant and issuance under the 2021 Plan.

Administration. Our 2021 Plan will be administered by our compensation committee, or by our board of directors acting in place of our compensation committee. Subject to the terms and conditions of the 2021 Plan, the administrator will have the authority, among other things, to select the persons to whom awards may be granted, construe and interpret our 2021 Plan as well as to determine the terms of such awards and prescribe, amend, and rescind the rules and regulations relating to the plan or any award granted thereunder. The 2021 Plan provides that the administrator may delegate its authority, including the authority to grant awards, to one or more executive officers to the extent permitted by applicable law, provided that awards granted to non-employee directors may only be determined by our board of directors.

Options. The 2021 Plan provides for the grant of both ISOs intended to qualify under Section 422 of the Internal Revenue Code, and NQSOs to purchase shares of our common stock at a stated exercise price. ISOs may only be granted to employees, including officers and directors who are also employees. The exercise price of stock options granted under the 2021 Plan must be at least equal to the fair market value of our common stock on the date of grant. ISOs granted to an individual who holds, directly or by attribution, more than ten percent of the total combined voting power of all classes of our capital stock must have an exercise price of at least 110% the fair market value of our common stock on the date of grant.

Options may vest based on service or achievement of performance conditions, as determined by the administrator. The administrator may provide for options to be exercised only as they vest or to be immediately exercisable, with any shares issued on exercise being subject to our right of repurchase that lapses as the shares vest. In the event of a participant’s termination of service, an option is generally exercisable, to the extent vested, for a period of 12 months in the case of termination due to the participant’s death or disability, or such longer or shorter period as the administrator may provide, but in any event no later than the expiration date of the stock option. Stock options generally terminate upon a participant’s termination of employment for cause. The maximum term of options granted under our 2021 Plan is ten years from the date of grant, except that the maximum permitted term of ISOs granted to an individual who holds, directly or by attribution, more than ten percent of the total combined voting power of all classes of our capital stock is five years from the date of grant.

Restricted stock awards. An RSA is an offer by us to grant or sell shares of our common stock subject to restrictions, which may lapse based on the satisfaction of service or achievement of performance conditions. The price, if any, of an RSA will be determined by the administrator. Holders of RSAs, unlike holders of options, will have the right to vote and any dividends or distributions paid with respect to such shares be subject to the same vesting terms and other restrictions as the RSA and will be accrued and paid when the vesting terms on such shares lapse. Unless otherwise determined by the administrator, vesting will cease on the date the participant no longer provides services to us and unvested shares may be forfeited to or repurchased by us.

Stock appreciation rights. A SAR provides for a payment, in cash or shares of our common stock (up to a specified maximum of shares, if determined by the administrator), to the participant based upon the difference between the fair market value of our common stock on the date of exercise and a predetermined exercise price, multiplied by the number of shares. The exercise price of a SAR must be at least the fair market value of a share of our common stock on the date of grant. SARs may vest based on service or achievement of performance conditions. No SAR may have a term that is longer than ten years from the date of grant.

Restricted stock units. RSUs represent the right to receive the value of shares of our common stock at a specified date in the future and may be subject to vesting based on service or achievement of performance conditions. RSUs may be settled in cash, shares of our common stock or a combination of both as soon as

117

practicable following vesting or on a later date subject to the terms of the 2021 Plan. No RSU may have a term that is longer than ten years from the date of grant.

Performance awards. Performance awards granted pursuant to the 2021 Plan may be in the form of a cash bonus, or an award of performance shares or performance units denominated in shares of our common stock that may be settled in cash, property or by issuance of those shares, subject to the satisfaction or achievement of specified performance conditions.

Stock bonus awards. A stock bonus award provides for payment in the form of cash, shares of our common stock or a combination thereof, based on the fair market value of shares subject to such award as determined by the administrator. The awards may be granted as consideration for services already rendered, or at the discretion of the administrator, may be subject to vesting restrictions based on continued service or performance conditions.

Dividend equivalents rights. Dividend equivalent rights may be granted at the discretion of the administrator and represent the right to receive the value of dividends, if any, paid by us in respect of the number of shares of our common stock underlying an award. Dividend equivalent rights will be subject to the same vesting or performance conditions as the underlying award and will be paid only when the underlying award becomes vested or may be deemed to have been reinvested by us. Dividend equivalent rights, if any, will be credited to participants in the form of additional whole shares.

Change of control. Our 2021 Plan provides that, in the event of a corporate transaction that constitutes a change of control of SentinelOne under the terms of the plan, outstanding awards will be subject to the agreement evidencing the change of control, which need not treat all outstanding awards in an identical manner, and may include one or more of the following: (i) the continuation of the outstanding awards, (ii) the assumption of the outstanding awards by the surviving corporation or its parent, (iii) the substitution by the surviving corporation or its parent of new options or equity awards for the outstanding awards, (iv) the full or partial acceleration of exercisability or vesting or lapse of our right to repurchase or other terms of forfeiture and accelerated expiration of the award, (v) the settlement of the full value of the outstanding awards (whether or not then vested or exercisable) in cash, cash equivalents, or securities of the successor entity with a fair market value equal to the required amount, as determined in accordance with the 2021 Plan, which payments may be deferred until the date or dates the award would have become exercisable or vested, or (vi) the cancellation of outstanding awards for no consideration. Notwithstanding the foregoing, upon a change in control the vesting of all awards granted to our non-employee directors will accelerate and such awards will become exercisable, to the extent applicable, and vested in full immediately prior to the consummation of the change of control.

Adjustment. In the event of a change in the number of outstanding shares of our common stock without consideration by reason of a stock dividend, extraordinary dividend or distribution, recapitalization, stock split, reverse stock split, subdivision, combination, consolidation reclassification, spin-off, or similar change in our capital structure, proportional adjustments will be made to (i) the number and class of shares reserved for issuance under our 2021 Plan, (ii) the exercise prices, number and class of shares subject to outstanding options or SARs, and (iii) the number and class of shares subject to other outstanding awards, subject to any required action by the board or our stockholders and compliance with applicable laws.

Exchange, repricing and buyout of awards. The administrator may, without prior stockholder approval, (i) reduce the exercise price of outstanding options or SARs without the consent of any participant and (ii) pay cash or issue new awards in exchange for the surrender and cancellation of any, or all, outstanding awards, subject to the consent of any affected participant to the extent required by the terms of the 2021 Plan.

Director compensation limits. No non-employee director may receive awards under our 2021 Plan with a grant date value that when combined with cash compensation received for his or her service as a director, exceed $ in a calendar year or $ in the calendar year of his or her initial services as a non-employee director on our board of directors.

Clawback; transferability. All awards will be subject to clawback or recoupment pursuant to any compensation clawback or recoupment policy adopted by our board of directors or required by law during the term of service of the participant, to the extent set forth in such policy or applicable agreement. Except in limited circumstances,

118

awards granted under our 2021 Plan may generally not be transferred in any manner other than by will or by the laws of descent and distribution.

Sub-plans. Subject to the terms of the 2021 Plan, the plan administrator may establish a sub-plan under the 2021 Plan and/or modify the terms of awards granted to participants outside of the United States to comply with any laws or regulations applicable to any such jurisdiction.

Amendment; termination. Our board of directors or compensation committee may amend our 2021 Plan at any time, subject to stockholder approval as may be required. Our 2021 Plan will terminate ten years from the date our board of directors adopts the plan, unless it is terminated earlier by our board of directors. No termination or amendment of the 2021 Plan may adversely affect any then-outstanding award without the consent of the affected participant, except as is necessary to comply with applicable laws or as otherwise provided by the terms of the 2021 Plan.

2021 Employee Stock Purchase Plan

In 2021, our board of directors and our stockholders approved our 2021 Employee Stock Purchase Plan, or our ESPP, that will become effective upon the date the registration statement of which this prospectus forms a part becomes effective to enable eligible employees to purchase shares of our common stock with accumulated payroll deductions. Our ESPP is intended to qualify under Section 423 of the Internal Revenue Code, provided that the administrator may adopt sub-plans under our ESPP designed to be outside of the scope of Section 423 for participants who are non-U.S. residents.

We have initially reserved shares of our common stock for issuance and sale under our ESPP. The number of shares reserved for issuance and sale under our ESPP will increase automatically on February 1 of each of 2022 through 2031 by the number of shares equal to % of the aggregate number of outstanding shares of all classes of our common stock as of the immediately preceding , or a lesser number as may be determined by our compensation committee, or by our board of directors acting in place of our compensation committee. Subject to stock splits, recapitalizations, or similar events, no more than shares of our common stock may be issued over the term of our ESPP.

Administration. Our ESPP will be administered by our compensation committee, or by our board of directors acting in place of our compensation committee, subject to the terms and conditions of our ESPP. Among other things, the administrator will have the authority to determine eligibility for participation in our ESPP, designate separate offerings under the plan, and construe, interpret, and apply the terms of the plan.

Eligibility. Employees eligible to participate in any offering pursuant to our ESPP generally include any employee that is employed by us or certain of our designated subsidiaries at the beginning of the offering period. However, the administrator may exclude employees who have been employed for less than two years, are customarily employed for 20 hours or less per week, are customarily employed for five months or less in a calendar year or certain highly-compensated employees as determined in accordance with applicable tax laws. In addition, any employee who owns (or is deemed to own because of attribution rules) 5% or more of the total combined voting power or value of all classes of our capital stock, or the capital stock of one of our qualifying subsidiaries, or who will own such amount because of participation in our ESPP, will not be eligible to participate in our ESPP. The administrator may impose additional restrictions on eligibility from time to time.

Offerings. Under our ESPP, eligible employees will be offered the option to purchase shares of our common stock at a discount over a series of offering periods through accumulated payroll deductions over the period. Each offering period may itself consist of one or more purchase periods. No offering period may be longer than 27 months. The purchase price for shares purchased under our ESPP during any given purchase period will be 85% of the lesser of the fair market value of our common stock on (i) the first trading day of the applicable offering period or (ii) the last trading day of the purchase period.

No participant may purchase more than shares of our common stock during any one purchase period, and may not subscribe for more than $25,000 in fair market value of shares of our common stock (determined as of the

119

date the offering period commences) in any calendar year in which the offering is in effect. The administrator in its discretion, may set a lower maximum number of shares which may be purchased.

Adjustments upon recapitalization. If the number of outstanding shares of our common stock is changed by stock dividend, recapitalization, stock split, reverse stock split, subdivision, combination, reclassification or similar change in our capital structure without consideration, then the administrator will proportionately adjust the number of shares of our common stock that are available under our ESPP, the purchase price and number of shares any participant has elected to purchase as well as the maximum number of shares which may be purchased by participants.

Change of control. If we experience a change of control transaction as determined under the terms of our ESPP, any offering period then in effect will be shortened and terminated on a final purchase date established by the administrator. The final purchase date will occur on or prior to the effective date of change of control transaction, and our ESPP will terminate on the closing of the change of control.

Transferability. Participants may generally not assign, transfer, pledge, or otherwise dispose of payroll deductions credited to his or her account, or any rights with regard to an election to purchase shares pursuant to our ESPP other than by will or the laws of descent or distribution.

Amendment; termination. The board of directors or compensation committee may amend, suspend or terminate our ESPP at any time without stockholder consent, except as to the extent such amendment would increase the number of shares available for issuance under our ESPP, change the class or designation of employees eligible for participation in the plan or otherwise as required by law. If our ESPP is terminated, the administrator may elect to terminate all outstanding offering periods immediately, upon next purchase date (which be sooner that originally scheduled) or upon the last day of such offering period. If any offering period is terminated prior to its scheduled completion, all amounts credited to participants which have not been used to purchase shares will be returned to participants as soon as administratively practicable. Unless earlier terminated, our ESPP will terminate upon the earlier to occur of the issuance of all shares of common stock reserved for issuance under our ESPP, or the tenth anniversary of the effective date.

Welfare and Other Benefits

We provide health, dental, vision, life, and disability insurance benefits to our named executive officers, on the same terms and conditions as provided to all other eligible U.S. employees.

We also sponsor a broad-based 401(k) plan intended to provide eligible U.S. employees with an opportunity to defer eligible compensation up to certain annual limits. As a tax-qualified retirement plan, contributions (if any) made by us are deductible by us when made, and contributions and earnings on those amounts are generally not taxable to the employees until withdrawn or distributed from the 401(k) plan. Our named executive officers are eligible to participate in our employee benefit plans, including our 401(k) plan, on the same basis as our other employees.

Limitations on Liability and Indemnification Matters

Our restated certificate of incorporation that will become effective in connection with this offering contains provisions that will limit the liability of our directors for monetary damages to the fullest extent permitted by the DGCL. Consequently, our directors will not be personally liable to us or our stockholders for monetary damages for any breach of fiduciary duties as directors, except liability for:

•any breach of the director’s duty of loyalty to us or our stockholders;

•any act or omission not in good faith or that involves intentional misconduct or a knowing violation of law;

•unlawful payments of dividends or unlawful stock repurchases or redemptions as provided in Section 174 of the DGCL; or

•any transaction from which the director derived an improper personal benefit.

120

Our restated certificate of incorporation and our restated bylaws that will become effective in connection with this offering will require us to indemnify our directors and officers to the maximum extent not prohibited by the DGCL and allow us to indemnify other employees and agents as set forth in the DGCL. Subject to certain limitations, our restated bylaws will also require us to advance expenses incurred by our directors and officers for the defense of any action for which indemnification is required or permitted, subject to very limited exceptions.

We have entered, and intend to continue to enter, into separate indemnification agreements with our directors, officers, and certain of our other employees. These agreements, among other things, require us to indemnify our directors, officers and key employees for certain expenses, including attorneys’ fees, judgments, fines, and settlement amounts actually and reasonably incurred by such director, officer or key employee in any action or proceeding arising out of their service to us or any of our subsidiaries or any other company or enterprise to which the person provides services at our request. Subject to certain limitations, our indemnification agreements also require us to advance expenses incurred by our directors, officers, and key employees for the defense of any action for which indemnification is required or permitted.

We believe that these provisions in our restated certificate of incorporation and indemnification agreements are necessary to attract and retain qualified persons such as directors, officers, and key employees. We also maintain directors’ and officers’ liability insurance.

The limitation of liability and indemnification provisions in our restated certificate of incorporation and restated bylaws may discourage stockholders from bringing a lawsuit against our directors and officers for breaches of their fiduciary duties. They may also reduce the likelihood of derivative litigation against our directors and officers, even though an action, if successful, might benefit us and other stockholders. Further, a stockholder’s investment may be adversely affected to the extent that we pay the costs of settlement and damage awards against directors and officers as required by these indemnification provisions.

Insofar as indemnification for liabilities arising under the Securities Act may be permitted to directors, executive officers or persons controlling us, we have been informed that in the opinion of the SEC such indemnification is against public policy as expressed in the Securities Act and is therefore unenforceable.

121

CERTAIN RELATIONSHIPS AND RELATED PARTY TRANSACTIONS

In addition to the compensation arrangements discussed in the sections titled “Management” and “Executive Compensation,” the following is a description of each transaction since February 1, 2018 and each currently proposed transaction in which:

•we have been or are to be a participant;

•the amount involved exceeded or will exceed $120,000; and

•any of our directors, executive officers, or holders of more than 5% of our outstanding capital stock, or any immediate family member of, or person sharing the household with, any of these individuals, had or will have a direct or indirect material interest.

Series F Redeemable Convertible Preferred Stock Financing

In October 2020, we sold an aggregate of 22,128,982 shares of our Series F redeemable convertible preferred stock at a purchase price of $12.0614 per share for an aggregate purchase price of $266,906,504. Each share of our Series F redeemable convertible preferred stock will convert automatically into one share of our common stock upon the completion of this offering.

The purchasers of our Series F redeemable convertible preferred stock are entitled to specified registration rights. For additional information, see the section titled “Description of Capital Stock—Registration Rights.” The terms of these purchases were the same for all purchasers of our Series F redeemable convertible preferred stock. See the section titled “Principal Stockholders” for more details regarding the shares held by certain of these entities.

The following table summarizes the Series F redeemable convertible preferred stock purchased by an affiliate of a member of our board of directors and holder of more than 5% of our outstanding capital stock:


Stockholder	Shares of Series F Redeemable Convertible Preferred Stock	Total Purchase Price
Entities affiliated with Insight Venture Partners(1)	1,444,286	$	17,420,111
Entities affiliated with Tiger Global(2)	12,434,708	$	149,979,987
Third Point Ventures(3)	2,199,199	$	26,525,419

__________________

(1)Consists of Insight Partners (Cayman) XI, L.P., Insight Partners (Delaware) XI, L.P., Insight Partners (EU) XI, S.C. Sp., Insight Partners XI (Co-Investors) (B), L.P., Insight Partners XI (Co-Investors), L.P., Insight Partners XI, L.P., Insight Ventures Partners Cayman X, L.P., Insight Venture Partners (Delaware) X, L.P., Insight Venture Partners X (Co-Investors), L.P. and Insight Venture Partners X, L.P., or collectively, Insight Venture Partners, collectively holds more than 5% of our outstanding capital stock. Teddie Wardi, a member of our board of directors, is a Managing Director of Insight Venture Partners.

(2)Consists of Tiger Global Private Investment Partners VII, L.P. and Tiger Global Private Investment Partners XII, L.P., or collectively, Tiger Global, which collectively hold more than 5% of our outstanding capital stock.

(3)Third Point Ventures LLC, or Third Point Ventures, holds more than 5% of our outstanding capital stock. Robert Schwartz, a member of our board of directors, is a Managing Partner at Third Point Ventures LLC.

Series E Redeemable Convertible Preferred Stock Financing

In February 2020, we sold an aggregate of 31,405,183 shares of our Series E redeemable convertible preferred stock at a purchase price of $4.8617 per share for an aggregate purchase price of $152,682,578. Each share of our Series E redeemable convertible preferred stock will convert automatically into shares of our common stock based on a conversion rate set forth in our currently in effect amended and restated certificate of incorporation upon the completion of this offering.

The purchasers of our Series E redeemable convertible preferred stock are entitled to specified registration rights. For additional information, see the section titled “Description of Capital Stock—Registration Rights.” The

122

terms of these purchases were the same for all purchasers of our Series E redeemable convertible preferred stock. See the section titled “Principal Stockholders” for more details regarding the shares held by certain of these entities.

The following table summarizes the Series E redeemable convertible preferred stock purchased by an affiliate of a member of our board of directors and holder of more than 5% of our outstanding capital stock:


Stockholder	Shares of Series E Redeemable Convertible Preferred Stock	Total Purchase Price
Entities affiliated with Insight Venture Partners(1)	12,341,362	$	60,000,000
Entities affiliated with Tiger Global(2)	1,977,543	$	9,614,221
Entities affiliated with Third Point Ventures(3)	3,188,100	$	15,499,586
Entities affiliated with Redpoint Ventures(4)	822,757	$	3,999,998

________________

(2)Consists of Tiger Global Private Investment Partners VII, L.P. and Tiger Global Private Investment Partners XII, L.P., or collectively, Tiger Global, collectively holds more than 5% of our outstanding capital stock.

(4)Consists of Redpoint Omega Associates II, LLC and Redpoint Omega II, L.P., or collectively, Redpoint Ventures, collectively holds more than 5% of our outstanding capital stock.

Series D Redeemable Convertible Preferred Stock Financing

Between December 2018 and May 2019, we sold an aggregate of 29,078,931 shares of our Series D redeemable convertible preferred stock at a purchase price of $3.2833 per share for an aggregate purchase price of $95,475,823. Each share of our Series D redeemable convertible preferred stock will convert automatically into one share of our common stock upon the completion of this offering.

The purchasers of our Series D redeemable convertible preferred stock are entitled to specified registration rights. For additional information, see the section titled “Description of Capital Stock—Registration Rights.” The terms of these purchases were the same for all purchasers of our Series D redeemable convertible preferred stock. See the section titled “Principal Stockholders” for more details regarding the shares held by certain of these entities.

The following table summarizes the Series D redeemable convertible preferred stock purchased by an affiliate of a member of our board of directors and holder of more than 5% of our outstanding capital stock:


Stockholder	Shares of Series D Redeemable Convertible Preferred Stock	Total Purchase Price
Entities affiliated with Insight Venture Partners(1)	13,705,581	$	44,999,991
Entities affiliated with Third Point Ventures(2)	2,436,549	$	8,000,003
Entities affiliated with Redpoint Ventures(3)	2,255,583	$	7,405,831

________________

123

outstanding capital stock. Teddie Wardi, a member of our board of directors, is a Managing Director of Insight Venture Partners.

(2)Third Point Ventures LLC, or Third Point Ventures, holds more than 5% of our outstanding capital stock. Robert Schwartz, a member of our board of directors, is a Managing Partner at Third Point Ventures LLC.

(3)Consists of Redpoint Omega Associates II, LLC and Redpoint Omega II, L.P., or collectively, Redpoint Ventures, collectively holds more than 5% of our outstanding capital stock.

Stock Transfers

June 2019

On June 17, 2019, entities affiliated with Insight Venture Partners, a holder of more than 5% of our capital stock:

•purchased an aggregate of 111,273 shares of our common stock from Nicholas Warner, one of our executive officers, at a purchase price of $2.7908 per share, for an aggregate purchase price of $0.3 million; and

•purchased an aggregate of 788,487 shares of our common stock from Tomer Weingarten, one of our executive officers, at a purchase price of $2.7908 per share, for an aggregate purchase price of $2.2 million.

December 2020

On December 31, 2020, entities affiliated with Insight Venture Partners, a holder of more than 5% of our capital stock purchased an aggregate of 503,007 shares of our outstanding common stock from Nicholas Warner, one of our executive officers, at a purchase price of $12.0614 per share, for an aggregate purchase price of $6.1 million.

Investors’ Rights Agreement

We are party to an amended and restated investors’ rights agreement, or our IRA, which provides, among other things, that certain holders of our capital stock, including entities affiliated with Insight Venture Partners, Tiger Global, Third Point Ventures and Redpoint Ventures, which each hold more than 5% of our outstanding capital stock, have the right to demand that we file a registration statement or request that their shares of our capital stock be included on a registration statement that we are otherwise filing. See the section titled “Description of Capital Stock— Registration Rights” for more information regarding these registration rights.

Policies and Procedures for Related Party Transactions

Following the completion of this offering, our audit committee will have the primary responsibility for reviewing and approving or disapproving “related party transactions,” which are transactions between us and related persons in which the aggregate amount involved exceeds or may be expected to exceed $120,000 and in which a related person has or will have a direct or indirect material interest. Upon completion of this offering, our policy regarding transactions between us and related persons will provide that a related person is defined as a director, executive officer, nominee for director or greater than 5% beneficial owner of our securities, in each case since the beginning of the most recently completed year, and any of their immediate family members. Our audit committee charter that will be in effect upon completion of this offering will provide that our audit committee shall review and approve or disapprove any related party transactions.

124

PRINCIPAL STOCKHOLDERS

The following table sets forth certain information with respect to the beneficial ownership of our common stock as of January 31, 2021, and as adjusted to reflect the sale of our common stock in this offering assuming no exercise of the underwriters’ over-allotment option, for:

•each of our named executive officers;

•each of our directors;

•all of our current directors and executive officers as a group; and

•each person known by us to be the beneficial owner of more than 5% of the outstanding shares of our common stock.

We have determined beneficial ownership in accordance with the rules of the SEC, and the information is not necessarily indicative of beneficial ownership for any other purpose. Except as indicated by the footnotes below, we believe, based on information furnished to us, that the persons and entities named in the table below have sole voting and sole investment power with respect to all shares of common stock that they beneficially owned, subject to applicable community property laws.

Applicable percentage ownership is based on shares of our common stock outstanding as of January 31, 2021 and assumes the Capital Stock Conversion. For purposes of the table below, we have assumed that shares of common stock will be issued in this offering. In computing the number of shares of common stock beneficially owned by a person and the percentage ownership of that person, we deemed to be outstanding all shares of common stock subject to options held by that person or entity that are currently exercisable or that will become exercisable within 60 days of January 31, 2021. We did not deem these shares outstanding, however, for the purpose of computing the percentage ownership of any other person. Unless otherwise indicated, the address of each beneficial owner in the table below is c/o Sentinel Labs, Inc., 444 Castro Street, Suite 400, Mountain View, California 94041.

Shares
Beneficially Owned
Before this Offering

Shares
Beneficially Owned
After this Offering

Name of Beneficial Owner

Named Executive Officers and Directors:

Tomer Weingarten(1)

David Bernhardt(2)

Nicholas Warner(3)

Robert Schwartz(4)

Daniel Scheinman(5)

Teddie Wardi(6)

Charlene T. Begley(7)

All executive officers and directors as a group(8 persons)(8)

Other 5% Stockholders:

Entities affiliated with Insight Venture Partners(9)

Entities affiliated with Tiger Global(10)

Entities affiliated with Third Point Ventures(11)

Entities affiliated with Redpoint Ventures(12)

________________

*Represents beneficial ownership of less than one percent of the shares of our common stock.

(1)

(2)

125

(3)

(4)

(5)

(6)

(7)

(8)

(9)

(10)

(11)

(12)

126

DESCRIPTION OF CAPITAL STOCK

General

The following description summarizes the most important terms of our capital stock, as they will be in effect following this offering. Because it is only a summary, it does not contain all the information that may be important to you. We expect to adopt a restated certificate of incorporation and restated bylaws that will become effective immediately prior to the completion of this offering, and this description summarizes provisions that are expected to be included in these documents. For a complete description, you should refer to our restated certificate of incorporation, restated bylaws, and our IRA, which are included as exhibits to the registration statement of which this prospectus forms a part, and to the applicable provisions of Delaware law.

Upon the completion of this offering, our authorized capital stock will consist of shares of our common stock, $0.0001 par value per share, and shares of undesignated preferred stock, $0.0001 par value per share.

Assuming the occurrence of the Capital Stock Conversion, as of January 31, 2021, there were outstanding:

• shares of our common stock, held by stockholders of record;

• shares of our common stock issuable upon the exercise of stock options; and

• shares of our common stock issuable upon the exercise of warrants to purchase shares of common stock.

Common Stock

Dividend Rights

Subject to preferences that may apply to any shares of convertible preferred stock outstanding at the time, the holders of shares of our common stock are entitled to receive dividends out of funds legally available if our board of directors, in its discretion, determines to issue dividends and then only at the times and in the amounts that our board of directors may determine. See the section titled “Dividend Policy.”

Voting Rights

Holders of shares of our common stock are entitled to one vote for each share held on all matters submitted to a vote of stockholders. We have not provided for cumulative voting for the election of directors in our restated certificate of incorporation that will become effective immediately prior to the completion of this offering. Accordingly, holders of a majority of the shares of our common stock will be able to elect all of our directors.

No Preemptive or Similar Rights

Our common stock is not entitled to preemptive rights, and is not subject to redemption or sinking fund provisions.

Right to Receive Liquidation Distributions

Upon our liquidation, dissolution or winding-up, the assets legally available for distribution to our stockholders would be distributable ratably among the holders of our common stock and any participating preferred stock outstanding at that time, subject to prior satisfaction of all outstanding debt and liabilities and the preferential rights of and the payment of liquidation preferences, if any, on any outstanding shares of preferred stock.

Preferred Stock

Following this offering, our board of directors will be authorized, subject to limitations prescribed by Delaware law, to issue preferred stock in one or more series, to establish from time to time the number of shares to be included in each series, and to fix the designation, powers, preferences, and rights of the shares of each series and any of its qualifications, limitations or restrictions, in each case without further vote or action by our stockholders. Our board

127

of directors can also increase or decrease the number of shares of any series of preferred stock, but not below the number of shares of that series then outstanding, without any further vote or action by our stockholders. Our board of directors may authorize the issuance of preferred stock with voting or conversion rights that could adversely affect the voting power or other rights of the holders of our common stock. The issuance of preferred stock, while providing flexibility in connection with possible acquisitions and other corporate purposes, could, among other things, have the effect of delaying, deferring, or preventing a change in our control and might adversely affect the market price of our common stock and the voting and other rights of the holders of our common stock. We have no current plan to issue any shares of preferred stock.

Options

As of January 31, 2021, we had outstanding options to purchase an aggregate of shares of our common stock, with a weighted-average exercise price of $ per share. Subsequent to January 31, 2021, we granted options to purchase shares of our common stock under our 2013 Plan, with a weighted-average exercise price of $ per share.

Warrants

As of January 31, 2021, we had granted warrants to purchase shares of our common stock, with a weighted-average exercise price of $ per share.

Registration Rights

Following the completion of this offering, certain holders of shares of our common stock or their permitted transferees will be entitled to rights with respect to the registration of these shares under the Securities Act. These rights are provided under the terms of our IRA, which was entered into in connection with our redeemable convertible preferred stock financings, and include demand registration rights, Form S-3 registration rights and piggyback registration rights. In any registration made pursuant to our IRA, all fees, costs and expenses of underwritten registrations will be borne by us and all selling expenses, including estimated underwriting discounts, selling commissions and stock transfer taxes, will be borne by the holders of the shares being registered.

The registration rights terminate (i) five years following the completion of this offering or a direct listing (as defined in our IRA), (ii) upon a deemed liquidation event, as defined in the amended and restated investors’ rights agreement, or (iii) with respect to any particular stockholder who holds 1% or less of registrable securities (as defined in our IRA), at the time that such stockholder can sell all of its shares during any 90-day period pursuant to Rule 144 or another similar exemption under the Securities Act.

Demand Registration Rights

Following the completion of this offering, certain holders of shares of our common stock will be entitled to demand registration rights. Under the terms of our IRA, we will be required, upon the written request of holders of at least 30% of the shares that are entitled to registration rights under our IRA, to register, as soon as practicable, all or a portion of these shares for public resale, if the aggregate price to the public of the shares offered is at least $10.0 million. We may postpone the filing of a registration statement once for up to 120 days in a 12-month period if our board of directors determines that the filing would be materially detrimental to us. We are not required to effect a demand registration under certain additional circumstances specified in our IRA, including at any time earlier than 180 days after the effective date of this offering.

Form S-3 Registration Rights

Certain holders of shares of our common stock are also entitled to Form S-3 registration rights. The holders representing at least 30% of the then-outstanding shares having registration rights can request that we register all or part of their shares on Form S-3 if we are eligible to file a registration statement on Form S-3 and if the aggregate price to the public of the shares offered is at least $5.0 million. The holders may only require us to effect at most two registration statements on Form S-3 in any 12-month period. We may postpone the filing of a registration statement

128

on Form S-3 no more than once during any 12-month period, for a period of not more than 120 days if our board of directors determines that the filing would be materially detrimental to us.

Piggyback Registration Rights

If we register any of our securities for public sale, holders of shares of our common stock having registration rights will have the right to include their shares in the registration statement. However, this right does not apply to a registration relating to employee benefit plans, a registration relating to an SEC Rule 145 transaction, a registration on any form that does not include substantially the same information as would be required to be included in a registration statement covering the sale of our common stock, or a registration in which the only common stock being registered is common stock issuable upon conversion of debt securities that are also being registered. The underwriters of any underwritten offering will have the right to limit the number of shares registered by these holders if they determine that marketing factors require limitation, in which case the number of shares to be registered will be apportioned pro rata among these holders, according to the total amount of securities entitled to be included by each holder. However, the number of shares to be registered by these holders cannot be reduced below 30% of the total shares covered by the registration statement, other than in the initial public offering.

Anti-Takeover Provisions

The provisions of the DGCL, our restated certificate of incorporation, and our restated bylaws following this offering could have the effect of delaying, deferring or discouraging another person from acquiring control of our company. These provisions, which are summarized below, are expected to discourage certain types of coercive takeover practices and inadequate takeover bids and encourage persons seeking to acquire control of SentinelOne to first negotiate with our board of directors. We believe that the benefits of increased protection of our potential ability to negotiate with an unfriendly or unsolicited acquirer outweigh the disadvantages of discouraging a proposal to acquire us because negotiation of these proposals could result in an improvement of their terms.

Delaware Law

We are subject to the provisions of Section 203 of the DGCL regulating corporate takeovers. In general, Section 203 prohibits a publicly held Delaware corporation from engaging in a “business combination” with an “interested stockholder” for a three-year period following the time that this stockholder becomes an interested stockholder, unless the business combination is approved in a prescribed manner. Under Section 203, a business combination between a corporation and an interested stockholder is prohibited unless it satisfies one of the following conditions:

•before the stockholder became interested, our board of directors approved either the business combination or the transaction, which resulted in the stockholder becoming an interested stockholder;

•upon consummation of the transaction, which resulted in the stockholder becoming an interested stockholder, the interested stockholder owned at least 85% of the voting stock of the corporation outstanding at the time the transaction commenced, excluding for purposes of determining the voting stock outstanding, shares owned by persons who are directors and also officers, and employee stock plans in some instances, but not the outstanding voting stock owned by the interested stockholder; or

•at or after the time the stockholder became interested, the business combination was approved by our board and authorized at an annual or special meeting of the stockholders by the affirmative vote of at least two-thirds of the outstanding voting stock, which is not owned by the interested stockholder.

Section 203 defines a business combination to include:

•any merger or consolidation involving the corporation and the interested stockholder;

•any sale, transfer, lease, pledge, or other disposition involving the interested stockholder of 10% or more of the assets of the corporation;

•subject to exceptions, any transaction that results in the issuance of transfer by the corporation of any stock of the corporation to the interested stockholder;

129

•subject to exceptions, any transaction involving the corporation that has the effect of increasing the proportionate share of the stock of any class or series of the corporation beneficially owned by the interested stockholder; and

•the receipt by the interested stockholder of the benefit of any loans, advances, guarantees, pledges, or other financial benefits provided by or through the corporation.

In general, Section 203 defines an interested stockholder as any entity or person beneficially owning 15% or more of the outstanding voting stock of the corporation and any entity or person affiliated with or controlling or controlled by the entity or person.

Restated Certificate of Incorporation and Restated Bylaw Provisions

Our restated certificate of incorporation and our restated bylaws will include a number of provisions that may have the effect of deterring hostile takeovers, or delaying or preventing changes in control of our management team or changes in our board of directors or our governance or policy, including the following:

•Board of Directors Vacancies. Our restated certificate of incorporation and our restated bylaws and will authorize generally only our board of directors to fill vacant directorships resulting from any cause or created by the expansion of our board of directors. In addition, the number of directors constituting our board of directors may be set only by resolution adopted by a majority vote of our entire board of directors. These provisions prevent a stockholder from increasing the size of our board of directors and gaining control of our board of directors by filling the resulting vacancies with its own nominees.

•Classified Board. Our restated certificate of incorporation and our restated bylaws will provide that our board of directors is classified into three classes of directors. The existence of a classified board of directors could delay a successful tender offeror from obtaining majority control of our board of directors, and the prospect of that delay might deter a potential offeror. For additional information see the section titled “Management—Corporate Governance—Classified Board of Directors.”

•Directors Removed Only for Cause. Our restated certificate of incorporation will provide that stockholders may remove directors only for cause.

•Supermajority Requirements for Amendments of Our Restated Certificate of Incorporation and Restated Bylaws. Our restated certificate of incorporation will further provide that the affirmative vote of holders of at least 66 2/3% of our outstanding common stock will be required to amend certain provisions of our restated certificate of incorporation, including provisions relating to the classified board, the size of the board of directors, removal of directors, special meetings, actions by written consent and designation of our preferred stock. The affirmative vote of holders of at least 66 2/3% of our outstanding common stock will be required to amend or repeal our restated bylaws, although our restated bylaws may be amended by a simple majority vote of our board of directors.

•Stockholder Action; Special Meetings of Stockholders. Our restated certificate of incorporation will provide that our stockholders may not take action by written consent, but may only take action at annual or special meetings of our stockholders. As a result, holders of our capital stock would not be able to amend our restated bylaws or remove directors without holding a meeting of our stockholders called in accordance with our restated bylaws. Our restated certificate of incorporation and our restated bylaws will provide that special meetings of our stockholders may be called only by a majority of our board of directors, the chairman of our board of directors or our chief executive officer, thus prohibiting a stockholder from calling a special meeting. These provisions might delay the ability of our stockholders to force consideration of a proposal or for stockholders to take any action, including the removal of directors.

•Advance Notice Requirements for Stockholder Proposals and Director Nominations. Our restated bylaws will provide advance notice procedures for stockholders seeking to bring business before our annual meeting of stockholders or to nominate candidates for election as directors at our annual meeting of stockholders. Our restated bylaws also will specify certain requirements regarding the form and content of a

130

stockholder’s notice. These provisions may preclude our stockholders from bringing matters before our annual meeting of stockholders or from making nominations for directors at our annual meeting of stockholders. We expect that these provisions might also discourage or deter a potential acquirer from conducting a solicitation of proxies to elect the acquirer’s own slate of directors or otherwise attempting to obtain control of our company.

•No Cumulative Voting. The DGCL provides that stockholders are not entitled to the right to cumulate votes in the election of directors unless a corporation’s certificate of incorporation provides otherwise. Our restated certificate of incorporation and restated bylaws will not provide for cumulative voting.

•Issuance of Undesignated Preferred Stock. We anticipate that after the filing of our restated certificate of incorporation, our board will have the authority, without further action by the stockholders, to issue up to shares of undesignated preferred stock with rights and preferences, including voting rights, designated from time to time by our board of directors. The existence of authorized but unissued shares of preferred stock enables our board of directors to render more difficult or to discourage an attempt to obtain control of us by means of a merger, tender offer, proxy contest or otherwise.

•Choice of Forum. In addition, our restated certificate of incorporation will provide that, to the fullest extent permitted by law, the Court of Chancery of the State of Delaware will be the exclusive forum for any derivative action or proceeding brought on our behalf; any action asserting a breach of fiduciary duty; any action asserting a claim against us arising pursuant to the DGCL, our restated certificate of incorporation or our restated bylaws; or any action asserting a claim against us that is governed by the internal affairs doctrine. The enforceability of similar choice of forum provisions in other companies’ certificates of incorporation has been challenged in legal proceedings, and it is possible that a court could find these types of provisions to be inapplicable or unenforceable. Our restated certificate of incorporation will also provide that the federal district courts of the United States will, to the fullest extent permitted by law, be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act, or the Federal Forum Provision. While there can be no assurance that federal or state courts will follow the holding of the Delaware Supreme Court which recently found that such provisions are facially valid under Delaware law or determine that the Federal Forum Provision should be enforced in a particular case, application of the Federal Forum Provision means that suits brought by our stockholders to enforce any duty or liability created by the Securities Act must be brought in federal court and cannot be brought in state court. Section 27 of the Exchange Act creates exclusive federal jurisdiction over all claims brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. In addition, the Federal Forum Provision applies, to the fullest extent permitted by law, to suits brought to enforce any duty or liability created by the Exchange Act. Accordingly, actions by our stockholders to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder must be brought in federal court. Our stockholders will not be deemed to have waived our compliance with the federal securities laws and the regulations promulgated thereunder. Any person or entity purchasing or otherwise acquiring or holding any interest in any of our securities shall be deemed to have notice of and consented to our exclusive forum provisions, including the Federal Forum Provision. These provisions may limit a stockholder’s ability to bring a claim in a judicial forum of their choosing for disputes with us or our directors, officers, or other employees, which may discourage lawsuits against us and our directors, officers, and other employees.

Transfer Agent and Registrar

Upon the completion of this offering, the transfer agent and registrar for our common stock will be . The transfer agent’s address is , and its telephone number is .

Exchange Listing

We intend to apply to list our common stock on the under the symbol “ .”

131

SHARES ELIGIBLE FOR FUTURE SALE

Before this offering, there has been no public market for our common stock, and we cannot predict the effect, if any, that market sales of shares of our common stock or the availability of shares of our common stock for sale will have on the market price of our common stock prevailing from time to time.

Nevertheless, sales of substantial amounts of our common stock, including shares issued upon exercise of outstanding stock options, in the public market following this offering could adversely affect market prices prevailing from time to time and could impair our ability to raise capital through the sale of our equity securities.

Upon the completion of this offering, based on the shares of our common stock outstanding as of January 31, 2021, we will have a total of shares of our common stock outstanding. Of these outstanding shares, all of the shares of common stock sold in this offering will be freely tradable, except that any shares purchased in this offering by our affiliates, as that term is defined in Rule 144 under the Securities Act, only would be able to be sold in compliance with the Rule 144 limitations described below.

The remaining outstanding shares of our common stock will be deemed “restricted securities” as defined in Rule 144. Restricted securities may be sold in the public market only if they are registered under the Securities Act or if they qualify for an exemption from registration under Rule 144 or Rule 701 promulgated under the Securities Act, which rules are summarized below. As a result of the lock-up and market standoff agreements described below and the provisions of our IRA described in the section titled “Description of Capital Stock—Registration Rights,” and subject to the provisions of Rule 144 or Rule 701, shares of our common stock will be available for sale in the public market as follows:

•beginning on the date of this prospectus, all of the shares sold in this offering will be immediately available for sale in the public market; and

•beginning days after the date of this prospectus, additional shares will become eligible for sale in the public market, of which shares will be held by affiliates and subject to the volume and other restrictions of Rule 144, as described below.

Lock-Up and Market Standoff Agreements

We anticipate that we and each of our directors, our executive officers and the holders of a substantial majority of all of our capital stock and securities convertible into our capital stock have entered or will enter into lock-up agreements with the underwriters prior to the commencement of this offering pursuant to which each of these persons or entities, with limited exceptions, for a period of days after the date of this prospectus, may not, without the prior written consent of Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC, (i) offer, pledge, announce the intention to sell, sell, contract to sell, sell any option or contract to purchase, purchase any option or contract to sell, grant any option, right or warrant to purchase, lend or otherwise transfer or dispose of, directly or indirectly, any shares of our common stock or any securities convertible into or exercisable or exchangeable for our common stock (including, without limitation, common stock or such other securities which may be deemed to be beneficially owned by such directors, executive officers and stockholders in accordance with the rules and regulations of the SEC and securities which may be issued upon exercise of a stock option or warrant) or (ii) enter into any swap or other agreement that transfers, in whole or in part, any of the economic consequences of ownership of the common stock or such other securities, whether any such transaction described in clause (i) or (ii) above is to be settled by delivery of common stock or such other securities, in cash or otherwise, or (iii) make any demand for or exercise any right with respect to the registration of any shares of our common stock or any security convertible into or exercisable or exchangeable for our common stock.

In addition, our executive officers, directors and holders of a substantial majority of all of our capital stock and securities convertible into or exchangeable for our capital stock have entered into market standoff agreements with us under which they have agreed that, subject to certain exceptions, for a period of 180 days after the date of this prospectus, they will not, without our prior written consent, dispose of or hedge any shares or any securities convertible into or exchangeable for shares of our common stock.

132

Rule 144

In general, under Rule 144 as currently in effect, once we have been subject to public company reporting requirements for at least 90 days, a person who is not deemed to have been one of our affiliates for purposes of the Securities Act at any time during the 90 days preceding a sale and who has beneficially owned the shares proposed to be sold for at least six months, including the holding period of any prior owner other than our affiliates, is entitled to sell those shares without complying with the manner of sale, volume limitation or notice provisions of Rule 144, subject to compliance with the public information requirements of Rule 144. If such a person has beneficially owned the shares proposed to be sold for at least one year, including the holding period of any prior owner other than our affiliates, then that person would be entitled to sell those shares without complying with any of the requirements of Rule 144.

In general, under Rule 144, as currently in effect, our affiliates or persons selling shares on behalf of our affiliates are entitled to sell upon expiration of the lock-up and market standoff agreements described above, within any three-month period, a number of shares that does not exceed the greater of:

•1% of the number of shares of our common stock then outstanding, which will equal approximately shares immediately after this offering; or

•the average weekly trading volume of our common stock during the four calendar weeks preceding the filing of a notice on Form 144 with respect to that sale.

Sales under Rule 144 by our affiliates or persons selling shares on behalf of our affiliates are also subject to certain manner of sale provisions and notice requirements and to the availability of current public information about us.

Rule 701

Rule 701 generally allows a stockholder who purchased shares of our common stock pursuant to a written compensatory plan or contract and who is not deemed to have been an affiliate of SentinelOne during the immediately preceding 90 days to sell these shares in reliance upon Rule 144, but without being required to comply with the public information, holding period, volume limitation or notice provisions of Rule 144. Rule 701 also permits affiliates of SentinelOne to sell their Rule 701 shares under Rule 144 without complying with the holding period requirements of Rule 144. All holders of Rule 701 shares, however, are required by that rule to wait until 90 days after the date of this prospectus before selling those shares pursuant to Rule 701.

Stock Options

As soon as practicable after the completion of this offering, we intend to file one or more registration statements on Form S-8 under the Securities Act covering all of the shares of our common stock subject to outstanding options and the shares of our common stock reserved for issuance under our equity incentive plans. In addition, we intend to file a registration statement on Form S-8 or such other form as may be required under the Securities Act for the resale of shares of our common stock issued upon the exercise of options that were not granted under Rule 701. We expect to file this registration statement as soon as permitted under the Securities Act. However, the shares registered on Form S-8 may be subject to the volume limitations and the manner of sale, notice and public information requirements of Rule 144 and will not be eligible for resale until expiration of the lock-up and market standoff agreements to which they are subject.

Registration Rights

We have granted demand, piggyback and Form S-3 registration rights to certain of our stockholders to sell our common stock. Registration of the sale of these shares under the Securities Act would result in these shares becoming freely tradable without restriction under the Securities Act immediately upon the effectiveness of the registration, except for shares purchased by affiliates. For a further description of these rights, see the section titled “Description of Capital Stock—Registration Rights.”

133

MATERIAL U.S. FEDERAL INCOME TAX CONSEQUENCES TO NON-U.S. HOLDERS OF OUR COMMON STOCK

The following summary describes the material U.S. federal income tax consequences of the acquisition, ownership and disposition of our common stock acquired in this offering by Non-U.S. Holders (as defined below). This discussion does not address all aspects of U.S. federal income taxes, does not discuss the potential application of the alternative minimum tax or the Medicare contribution tax on net investment income, and does not deal with state or local taxes, U.S. federal gift or estate tax laws (except to the limited extent provided below), or any non-U.S. tax consequences that may be relevant to Non-U.S. Holders in light of their particular circumstances.

Special rules different from those described below may apply to certain Non-U.S. Holders that are subject to special treatment under the Internal Revenue Code, such as:

•insurance companies, banks, and other financial institutions;

•tax-exempt organizations (including private foundations) and tax-qualified retirement plans;

•persons required for U.S. federal income tax purposes to conform the timing of income accruals to their financial statements under Section 451(b) of the Internal Revenue Code;

•“qualified foreign pension funds” as defined in Section 897(l)(2) of the Internal Revenue Code and entities all of the interests of which are held by qualified foreign pension funds;

•persons subject to special tax accounting rules as a result of any item of gross income with respect to our common stock being taken into account in an applicable financial statement;

•non-U.S. governments and international organizations;

•broker-dealers and traders in securities;

•U.S. expatriates and certain former citizens or long-term residents of the United States;

•persons that own, or are deemed to own, more than five percent of our common stock;

•“controlled foreign corporations,” “passive foreign investment companies,” and corporations that accumulate earnings to avoid U.S. federal income tax;

•persons that hold our common stock as part of a “straddle,” “hedge,” “conversion transaction,” “synthetic security,” or integrated investment or other risk reduction strategy;

•persons who do not hold our common stock as a capital asset within the meaning of Section 1221 of the Internal Revenue Code (generally, for investment purposes); and

•partnerships and other pass-through entities, and investors in such pass-through entities (regardless of their places of organization or formation).

Such Non-U.S. Holders are urged to consult their own tax advisors to determine the U.S. federal, state, local, and other tax consequences that may be relevant to them.

Furthermore, the discussion below is based upon the provisions of the Internal Revenue Code, Treasury regulations, rulings, and judicial decisions thereunder as of the date hereof, and such authorities may be repealed, revoked, or modified, possibly retroactively, and are subject to differing interpretations which could result in U.S. federal income tax consequences different from those discussed below. We have not requested a ruling from the Internal Revenue Service, or IRS, with respect to the statements made and the conclusions reached in the following summary, and there can be no assurance that the IRS will agree with such statements and conclusions or that the IRS will not take a contrary position regarding the tax consequences described herein, or that any such contrary position would not be sustained by a court.

134

PERSONS CONSIDERING THE PURCHASE OF OUR COMMON STOCK PURSUANT TO THIS OFFERING SHOULD CONSULT THEIR OWN TAX ADVISORS CONCERNING THE U.S. FEDERAL INCOME TAX CONSEQUENCES OF ACQUIRING, OWNING, AND DISPOSING OF OUR COMMON STOCK IN LIGHT OF THEIR PARTICULAR SITUATIONS AS WELL AS ANY TAX CONSEQUENCES ARISING UNDER THE LAWS OF ANY OTHER TAXING JURISDICTION, INCLUDING ANY STATE, LOCAL, OR NON-U.S. TAX CONSEQUENCES OR ANY U.S. FEDERAL NON-INCOME TAX CONSEQUENCES, AND THE POSSIBLE APPLICATION OF TAX TREATIES.

For the purposes of this discussion, a “Non-U.S. Holder” is a beneficial owner of common stock that is not a U.S. Holder or a partnership for U.S. federal income tax purposes. A “U.S. Holder” means a beneficial owner of our common stock that is, for U.S. federal income tax purposes, (1) an individual who is a citizen or resident of the United States, (2) a corporation (or other entity taxable as a corporation for U.S. federal income tax purposes), created or organized in or under the laws of the United States, any state thereof, or the District of Columbia, (3) an estate the income of which is subject to U.S. federal income taxation regardless of its source, or (4) a trust if it (i) is subject to the primary supervision of a court within the United States and one or more United States persons (within the meaning of Section 7701(a)(30) of the Internal Revenue Code) have the authority to control all substantial decisions of the trust or (ii) has a valid election in effect under applicable U.S. Treasury regulations to be treated as a United States person.

If you are an individual non-U.S. citizen, you may be deemed to be a resident alien (as opposed to a nonresident alien) by virtue of being present in the United States for at least 31 days in the calendar year and for an aggregate of at least 183 days during a three-year period ending in the current calendar year. Generally, for this purpose, all the days present in the current year, one-third of the days present in the immediately preceding year, and one-sixth of the days present in the second preceding year are counted.

Resident aliens are generally subject to U.S. federal income tax as if they were U.S. citizens. Individuals who are uncertain of their status as resident or nonresident aliens for U.S. federal income tax purposes are urged to consult their own tax advisors regarding the U.S. federal income tax consequences of the ownership or disposition of our common stock.

Distributions

We do not anticipate paying any dividends on our capital stock in the foreseeable future. If we do make distributions on our common stock, however, such distributions made to a Non-U.S. Holder of our common stock will constitute dividends for U.S. tax purposes to the extent paid out of our current or accumulated earnings and profits (as determined under U.S. federal income tax principles). Distributions in excess of our current and accumulated earnings and profits will constitute a return of capital that is applied against and reduces, but not below zero, a Non-U.S. Holder’s adjusted tax basis in our common stock. Any remaining excess will be treated as gain realized on the sale or exchange of our common stock as described below under “—Gain on Disposition of Our Common Stock.”

Any distribution on our common stock that is treated as a dividend paid to a Non-U.S. Holder that is not effectively connected with the holder’s conduct of a trade or business in the United States will generally be subject to withholding tax at a 30% rate or such lower rate as may be specified by an applicable income tax treaty between the United States and the Non-U.S. Holder’s country of residence. To obtain a reduced rate of withholding under a treaty, a Non-U.S. Holder generally will be required to provide the applicable withholding agent with a properly executed IRS Form W-8BEN, IRS Form W-8BEN-E, or other appropriate form, certifying the Non-U.S. Holder’s entitlement to benefits under that treaty. Such form must be provided prior to the payment of dividends and must be updated periodically. If a Non-U.S. Holder holds stock through a financial institution or other agent acting on the holder’s behalf, the holder will be required to provide appropriate documentation to such agent. The holder’s agent will then be required to provide certification to the applicable withholding agent, either directly or through other intermediaries. If you are eligible for a reduced rate of U.S. withholding tax under an income tax treaty, you should consult with your own tax advisor to determine if you are able to obtain a refund or credit of any excess amounts withheld by timely filing an appropriate claim for a refund with the IRS.

135

We generally are not required to withhold tax on dividends paid to a Non-U.S. Holder that are effectively connected with the holder’s conduct of a trade or business within the United States (and, if required by an applicable income tax treaty, are attributable to a permanent establishment that the holder maintains in the United States) if a properly executed IRS Form W-8ECI, stating that the dividends are so connected, is furnished to the applicable withholding agent. In general, such effectively connected dividends will be subject to U.S. federal income tax on a net income basis at the regular graduated rates applicable to U.S. persons. A corporate Non-U.S. Holder receiving effectively connected dividends may also be subject to an additional “branch profits tax,” which is imposed, under certain circumstances, at a rate of 30% (or such lower rate as may be specified by an applicable treaty) on the corporate Non-U.S. Holder’s effectively connected earnings and profits, subject to certain adjustments.

See also the section below titled “—Foreign Accounts” for additional withholding rules that may apply to dividends paid to certain foreign financial institutions or non-financial foreign entities.

Gain on Disposition of Our Common Stock

Subject to the discussions below under the sections titled “—Backup Withholding and Information Reporting” and “—Foreign Accounts,” a Non-U.S. Holder generally will not be subject to U.S. federal income or withholding tax with respect to gain realized on a sale or other disposition of our common stock unless (1) the gain is effectively connected with a trade or business of the holder in the United States (and, if required by an applicable income tax treaty, is attributable to a permanent establishment that the holder maintains in the United States), (2) the Non-U.S. Holder is a nonresident alien individual and is present in the United States for 183 or more days in the taxable year of the disposition and certain other conditions are met, or (3) we are or have been a “United States real property holding corporation” within the meaning of Code Section 897(c)(2) at any time within the shorter of the five-year period preceding such disposition or the holder’s holding period in the common stock.

If you are a Non-U.S. Holder, gain described in (1) above will be subject to tax on the net gain derived from the sale at the regular U.S. federal income tax rates applicable to U.S. persons. If you are a corporate Non-U.S. Holder, gain described in (1) above may also be subject to the additional branch profits tax at a 30% rate or such lower rate as may be specified by an applicable income tax treaty. If you are an individual Non-U.S. Holder described in (2) above, you will be required to pay a flat 30% tax on the gain derived from the sale, which gain may be offset by certain U.S. source capital losses (even though you are not considered a resident of the United States), provided you have timely filed U.S. federal income tax returns with respect to such losses. With respect to (3) above, in general, we would be a United States real property holding corporation if United States real property interests (as defined in the Internal Revenue Code and the Treasury Regulations) comprised (by fair market value) at least half of our assets. We believe that we are not, and do not anticipate becoming, a United States real property holding corporation. However, there can be no assurance that we will not become a United States real property holding corporation in the future. Even if we are treated as a United States real property holding corporation, gain realized by a Non-U.S. Holder on a disposition of our common stock will not be subject to U.S. federal income tax so long as (1) the Non-U.S. Holder owned, directly, indirectly, and constructively, no more than five percent of our common stock at all times within the shorter of (i) the five-year period preceding the disposition or (ii) the holder’s holding period and (2) our common stock is regularly traded on an established securities market for purposes of the relevant rules. There can be no assurance that our common stock will qualify as regularly traded on an established securities market for this purpose.

U.S. Federal Estate Tax

The estates of nonresident alien individuals generally are subject to U.S. federal estate tax on property with a U.S. situs. Because we are a U.S. corporation, our common stock will be U.S. situs property and, therefore, will be included in the taxable estate of a nonresident alien decedent, unless an applicable estate tax treaty between the United States and the decedent’s country of residence provides otherwise. The terms “resident” and “nonresident” are defined differently for U.S. federal estate tax purposes than for U.S. federal income tax purposes. Investors are urged to consult their own tax advisors regarding the U.S. federal estate tax consequences of the ownership or disposition of our common stock.

136

Backup Withholding and Information Reporting

Generally, we or an applicable withholding agent must report information to the IRS with respect to any dividends we pay on our common stock, including the amount of any such dividends, the name and address of the recipient, and the amount, if any, of tax withheld. A similar report is sent to the holder to whom any such dividends are paid. Pursuant to tax treaties or certain other agreements, the IRS may make its reports available to tax authorities in the recipient’s country of residence.

Dividends paid by us (or our paying agents) to a Non-U.S. Holder may also be subject to U.S. backup withholding. U.S. backup withholding generally will not apply to a Non-U.S. Holder who provides a properly executed IRS Form W-8BEN or IRS Form W-8BEN-E, as applicable, or otherwise establishes an exemption, provided that the applicable withholding agent does not have actual knowledge or reason to know the holder is a U.S. person.

Under current U.S. federal income tax law, U.S. information reporting and backup withholding requirements generally will apply to the proceeds of a disposition of our common stock effected by or through a U.S. office of any broker, U.S. or non-U.S., unless the Non-U.S. Holder provides a properly executed IRS Form W-8BEN or IRS Form W-8BEN-E, as applicable, or otherwise meets documentary evidence requirements for establishing non-U.S. person status or otherwise establishes an exemption. Generally, U.S. information reporting and backup withholding requirements will not apply to a payment of disposition proceeds to a Non-U.S. Holder where the transaction is effected outside the United States through a non-U.S. office of a non-U.S. broker. Information reporting and backup withholding requirements may, however, apply to a payment of disposition proceeds if the broker has actual knowledge, or reason to know, that the holder is, in fact, a U.S. person. For information reporting purposes only, certain brokers with substantial U.S. ownership or operations will generally be treated in a manner similar to U.S. brokers.

Backup withholding is not an additional tax. If backup withholding is applied to you, you should consult with your own tax advisor to determine whether you are able to obtain a tax refund or credit of the overpaid amount.

Foreign Accounts

In addition, U.S. federal withholding taxes may apply under the Foreign Account Tax Compliance Act, or FATCA, on certain types of payments, including dividends on our common stock, made to non-U.S. financial institutions and certain other non-U.S. entities. Specifically, a 30% withholding tax may be imposed on dividends on our common stock paid to a “foreign financial institution” or a “non-financial foreign entity” (each as defined in the Internal Revenue Code), unless (1) the foreign financial institution agrees to undertake certain diligence and reporting obligations, (2) the non-financial foreign entity either certifies it does not have any “substantial United States owners” (as defined in the Code) or furnishes identifying information regarding each substantial United States owner, or (3) the foreign financial institution or non-financial foreign entity otherwise qualifies for an exemption from these rules. The 30% federal withholding tax described in this paragraph is not generally subject to reduction under income tax treaties with the United States. If the payee is a foreign financial institution and is subject to the diligence and reporting requirements in (1) above, it must enter into an agreement with the U.S. Department of the Treasury requiring, among other things, that it undertake to identify accounts held by certain “specified United States persons” or “United States-owned foreign entities” (each as defined in the Internal Revenue Code), annually report certain information about such accounts, and withhold 30% on certain payments to non-compliant foreign financial institutions and certain other account holders. Foreign financial institutions located in jurisdictions that have an intergovernmental agreement with the United States governing FATCA may be subject to different rules. Under previously finalized Treasury Regulations and administrative guidance, withholding under FATCA generally also would apply to payments of gross proceeds from the sale or other disposition of common stock, but proposed Treasury Regulations provide that no withholding will apply with respect to payments of gross proceeds with respect to the disposition of our common stock. The preamble to the proposed regulations specifies that taxpayers are permitted to rely on such proposed Treasury Regulations pending finalization.

Prospective investors should consult their tax advisors regarding the potential application of withholding under FATCA to their investment in our common stock.

137

EACH PROSPECTIVE INVESTOR SHOULD CONSULT ITS OWN TAX ADVISOR REGARDING THE TAX CONSEQUENCES OF ACQUIRING, OWNING, AND DISPOSING OF OUR COMMON STOCK, INCLUDING THE CONSEQUENCES OF ANY PROPOSED CHANGE IN APPLICABLE LAW, AS WELL AS TAX CONSEQUENCES ARISING UNDER ANY STATE, LOCAL, NON-U.S. OR U.S. FEDERAL NON-INCOME TAX LAWS SUCH AS ESTATE AND GIFT TAX, AND THE POSSIBLE APPLICATION OF TAX TREATIES.

138

UNDERWRITERS

Under the terms and subject to the conditions in an underwriting agreement dated the date of this prospectus, the underwriters named below, for whom Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC are acting as representatives, will severally agree to purchase, and we will agree to sell to them, severally, the number of shares indicated below:


Name						Number of Shares
Morgan Stanley & Co. LLC
Goldman Sachs & Co. LLC
Total

The underwriters and the representatives are collectively referred to as the “underwriters” and the “representatives,” respectively. The underwriters are offering the shares of common stock subject to their acceptance of the shares from us and subject to prior sale. The underwriting agreement will provide that the obligations of the several underwriters to pay for and accept delivery of the shares of common stock offered by this prospectus are subject to the approval of certain legal matters by their counsel and to certain other conditions. The underwriters are obligated to take and pay for all of the shares of common stock offered by this prospectus if any such shares are taken. However, the underwriters are not required to take or pay for the shares covered by the underwriters’ over-allotment option described below.

The underwriters initially propose to offer part of the shares of common stock directly to the public at the offering price listed on the cover page of this prospectus and part to certain dealers. After the initial offering of the shares of common stock, the offering price and other selling terms may from time to time be varied by the representatives.

We have granted to the underwriters an over-allotment option, exercisable for 30 days from the date of this prospectus, to purchase up to additional shares of common stock at the public offering price listed on the cover page of this prospectus, less underwriting discounts and commissions. The underwriters may exercise this option solely for the purpose of covering over-allotments, if any, made in connection with the offering of the shares of common stock offered by this prospectus. To the extent the option is exercised, each underwriter will become obligated, subject to certain conditions, to purchase about the same percentage of the additional shares of common stock as the number listed next to the underwriter’s name in the preceding table bears to the total number of shares of common stock listed next to the names of all underwriters in the preceding table.

The following table shows the per share and total public offering price, underwriting discounts and commissions, and proceeds before expenses to us. These amounts are shown assuming both no exercise and full exercise of the underwriters’ over-allotment option to purchase up to an additional shares of common stock.

Total

Per
Share

No Exercise

Full Exercise

Public offering price

Underwriting discounts and commissions to be paid by us

Proceeds, before expenses, to us

The estimated offering expenses payable by us, exclusive of the underwriting discounts and commissions, are approximately $ . We have agreed to reimburse the underwriters for expense relating to clearance of this offering with the Financial Industry Regulatory Authority up to $ .

The underwriters have informed us that they do not intend sales to discretionary accounts to exceed 5% of the total number of shares of common stock offered by them.

139

We intend to apply to list our common stock on under the trading symbol “ .” The offering of the shares by the underwriters is subject to receipt and acceptance and subject to the underwriters’ right to reject any order in whole or in part.

We and all directors and officers and the holders of all of our outstanding stock and stock options have agreed that, subject to certain exceptions, that, without the prior written consent of Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC on behalf of the underwriters, subject to certain exceptions, we and they will not, and will not publicly disclose an intention to, during the period ending days after the date of this prospectus, or the restricted period:

•offer, pledge, sell, contract to sell, sell any option or contract to purchase, purchase any option or contract to sell, grant any option, right or warrant to purchase, lend, or otherwise transfer or dispose of, directly or indirectly, any shares of our common stock or any securities convertible into or exercisable or exchangeable for shares of our common stock;

•file any registration statement with the SEC relating to the offering of any shares of common stock or any securities convertible into or exercisable or exchangeable for our common stock; or

•enter into any swap or other arrangement that transfers to another, in whole or in part, any of the economic consequences of ownership of our common stock, whether any such transaction described above is to be settled by delivery of our common stock or such other securities, in cash or otherwise. In addition, we and each such person agrees that, without the prior written consent of Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC on behalf of the underwriters, we or such other person will not, during the restricted period, make any demand for, or exercise any right with respect to, the registration of any shares of common stock or any security convertible into or exercisable or exchangeable for common stock.

Morgan Stanley & Co. LLC and Goldman Sachs & Co. LLC, in their sole discretion, may release shares of our common stock and other securities subject to the lock-up agreements described above in whole or in part at any time.

In order to facilitate the offering of the common stock, the underwriters may engage in transactions that stabilize, maintain or otherwise affect the price of our common stock. Specifically, the underwriters may sell more shares than they are obligated to purchase under the underwriting agreement, creating a short position. A short sale is covered if the short position is no greater than the number of shares available for purchase by the underwriters under the over-allotment option. The underwriters can close out a covered short sale by exercising the over-allotment option or purchasing shares in the open market. In determining the source of shares to close out a covered short sale, the underwriters will consider, among other things, the open market price of shares compared to the price available under the over-allotment option. The underwriters may also sell shares in excess of the over-allotment option, creating a naked short position. The underwriters must close out any naked short position by purchasing shares in the open market. A naked short position is more likely to be created if the underwriters are concerned that there may be downward pressure on the price of the common stock in the open market after pricing that could adversely affect investors who purchase in this offering. As an additional means of facilitating this offering, the underwriters may bid for, and purchase, shares of common stock in the open market to stabilize the price of the common stock. These activities may raise or maintain the market price of the common stock above independent market levels or prevent or retard a decline in the market price of the common stock. The underwriters are not required to engage in these activities and may end any of these activities at any time.

We and the underwriters will agree to indemnify each other against certain liabilities, including liabilities under the Securities Act.

A prospectus in electronic format may be made available on websites maintained by one or more underwriters, or selling group members, if any, participating in this offering. The representatives may agree to allocate a number of shares of common stock to underwriters for sale to their online brokerage account holders. Internet distributions will be allocated by the representatives to underwriters that may make Internet distributions on the same basis as other allocations.

140

The underwriters and their respective affiliates are full service financial institutions engaged in various activities, which may include securities trading, commercial and investment banking, financial advisory, investment management, investment research, principal investment, hedging, financing and brokerage activities. Certain of the underwriters and their respective affiliates have, from time to time, performed, and may in the future perform, various financial advisory and investment banking services for us, for which they received or will receive customary fees and expenses.

In addition, in the ordinary course of their various business activities, the underwriters and their respective affiliates may make or hold a broad array of investments and actively trade debt and equity securities (or related derivative securities) and financial instruments (including bank loans) for their own account and for the accounts of their customers and may at any time hold long and short positions in such securities and instruments. Such investment and securities activities may involve our securities and instruments. The underwriters and their respective affiliates may also make investment recommendations or publish or express independent research views in respect of such securities or instruments and may at any time hold, or recommend to clients that they acquire, long or short positions in such securities and instruments.

Pricing of the Offering

Prior to this offering, there has been no public market for our common stock. The initial public offering price was determined by negotiations between us and the representatives. Among the factors considered in determining the initial public offering price were our future prospects and those of our industry in general, our sales, earnings and certain other financial and operating information in recent periods, and the price-earnings ratios, price-sales ratios, market prices of securities, and certain financial and operating information of companies engaged in activities similar to ours.

Selling Restrictions

European Economic Area

This prospectus has been prepared on the basis that any offer of our common stock in any Member State of the European Economic Area will be made pursuant to an exemption under the Prospectus Regulation from the requirement to publish a prospectus for offers of common stock. Accordingly, any person making or intending to make an offer in that Member State of shares of common stock which are the subject of the offering contemplated in this prospectus may only do so in circumstances in which no obligation arises for us or any of the underwriters to publish a prospectus pursuant to Article 3 of the Prospectus Regulation or supplement a prospectus pursuant to Article 23 of the Prospectus Regulation, in each case in relation to such offer. Neither we nor any of the underwriters have authorized, nor do we or they authorize, the making of any offer of common stock in circumstances in which an obligation arises for us or any of the underwriters to publish or supplement a prospectus for such offer. Neither we nor any of the underwriters have authorized, nor do we or they authorize, the making of any offer of common stock through any financial intermediary, other than offers made by the underwriters, which constitute the final placement of the common stock contemplated in this prospectus. The expression “Prospectus Regulation” means Regulation (EU) 2017/1129 (as amended or superseded).

In relation to each Member State of the European Economic Area, each underwriter has represented and agreed that it has not made and will not make an offer of shares of common stock which are the subject of the offering contemplated by this prospectus to the public in that Member State, except that it may make an offer of such common stock to the public in that Member State:

(a)to any legal entity which is a qualified investor as defined under the Prospectus Regulation;

(b)to fewer than 150 natural or legal persons (other than qualified investors as defined under the Prospectus Regulation), subject to obtaining the prior consent of the representatives; or

(c)in any other circumstances falling within Article 1(4) of the Prospectus Regulation,

141

provided that no such offer of shares shall require us or any of our representatives to publish a prospectus pursuant to Article 3 of the Prospectus Regulation or supplement a prospectus pursuant to Article 23 of the Prospectus Regulation.

For the purposes of this provision, the expression an “offer to the public” in relation to any shares in any Member State means the communication in any form and by any means of sufficient information on the terms of the offer and any shares to be offered so as to enable an investor to decide to purchase any shares, and the expression “Prospectus Regulation” means Regulation (EU) 2017/1129 (as amended).

United Kingdom

This prospectus has been prepared on the basis that any offer of shares of common stock in the United Kingdom, will be made pursuant to an exemption from the obligation to publish a prospectus under section 85 of the Financial Services and Markets Act 2000, or the FSMA. Accordingly, any person making or intending to make an offer in the United Kingdom may only do so in circumstances in which no obligation arises for us or any of the underwriters to publish a prospectus pursuant to section 85 of the FSMA or supplement a prospectus pursuant to the UK Prospectus Regulation, in each case in relation to such offer. Neither we nor any of the underwriters have authorized, nor do we or they authorize, the making of any offer of common stock in circumstances in which an obligation arises for us or any of the underwriters to publish or supplement a prospectus for such offer. Neither we nor any of the underwriters have authorized, nor do we or they authorize, the making of any offer of shares through any financial intermediary, other than offers made by the underwriters, which constitute the final placement of the shares of common stock contemplated in this prospectus. The expression “UK Prospectus Regulation” means Regulation (EU) 2017/1129 as it forms part of domestic law by virtue of the European Union (Withdrawal) Act 2018 in the United Kingdom.

In relation to the United Kingdom, each underwriter has represented and agreed that it has not made and will not make an offer of shares of common stock which are the subject of the offering contemplated by this prospectus to the public in the United Kingdom, except that it may make an offer of such shares to the public in the United Kingdom:

(a)to any legal entity which is a qualified investor as defined in the UK Prospectus Regulation;

(b)to fewer than 150 natural or legal persons (other than qualified investors as defined in the UK Prospectus Regulation), subject to obtaining the prior consent of the representatives; or

(c)in any other circumstances falling within section 86 of the FSMA,

provided that no such offer of shares shall require us or any underwriters to publish a prospectus pursuant to section 85 of the FSMA or supplement a prospectus pursuant to Article 23 of the UK Prospectus Regulation.

For the purposes of this provision, the expression “an offer of shares to the public” in relation to any shares means the communication in any form and by any means of sufficient information on the terms of the offer and the shares to be offered so as to enable an investor to decide to purchase or subscribe for the shares.

Each underwriter has represented and agreed that:

(a)it has only communicated or caused to be communicated and will only communicate or cause to be communicated an invitation or inducement to engage in investment activity (within the meaning of Section 21 of the FSMA) received by it in connection with the issue or sale of the shares of our common stock in circumstances in which Section 21(1) of the FSMA does not apply to us; and

(b)it has complied and will comply with all applicable provisions of the FSMA with respect to anything done by it in relation to the shares of our common stock in, from or otherwise involving the United Kingdom.

142

Switzerland

This prospectus is not intended to constitute an offer or solicitation to purchase or invest in the shares of common stock. The shares of common stock may not be publicly offered, directly or indirectly, in Switzerland within the meaning of the Swiss Financial Services Act, or the FinSA, and no application has or will be made to admit the shares of common stock to trading on any trading venue (exchange or multilateral trading facility) in Switzerland. Neither this prospectus nor any other offering or marketing material relating to the shares of common stock constitutes a prospectus pursuant to the FinSA, and neither this prospectus nor any other offering or marketing material relating to the shares of common stock may be publicly distributed or otherwise made publicly available in Switzerland.

Dubai International Financial Centre

This prospectus relates to an Exempt Offer in accordance with the Offered Securities Rules of the Dubai Financial Services Authority, or the DFSA. This prospectus is intended for distribution only to persons of a type specified in the Offered Securities Rules of the DFSA. It must not be delivered to, or relied on by, any other person. The DFSA has no responsibility for reviewing or verifying any documents in connection with Exempt Offers. The DFSA has not approved this prospectus nor taken steps to verify the information set forth herein and has no responsibility for the prospectus. The shares to which this prospectus relates may be illiquid and/or subject to restrictions on their resale. Prospective purchasers of the shares offered should conduct their own due diligence on the shares. If you do not understand the contents of this prospectus you should consult an authorized financial advisor.

Australia

No placement document, prospectus, product disclosure statement or other disclosure document has been lodged with the Australian Securities and Investments Commission in relation to the offering. This prospectus does not constitute a prospectus, product disclosure statement or other disclosure document under the Corporations Act 2001, or the Corporations Act, and does not purport to include the information required for a prospectus, product disclosure statement or other disclosure document under the Corporations Act.

Any offer in Australia of the shares may only be made to persons, or the Exempt Investors, who are “sophisticated investors” (within the meaning of section 708(8) of the Corporations Act), “professional investors” (within the meaning of section 708(11) of the Corporations Act) or otherwise pursuant to one or more exemptions contained in section 708 of the Corporations Act so that it is lawful to offer the shares without disclosure to investors under Chapter 6D of the Corporations Act.

The shares applied for by Exempt Investors in Australia must not be offered for sale in Australia in the period of 12 months after the date of allotment under the offering, except in circumstances where disclosure to investors under Chapter 6D of the Corporations Act would not be required pursuant to an exemption under section 708 of the Corporations Act or otherwise or where the offer is pursuant to a disclosure document which complies with Chapter 6D of the Corporations Act. Any person acquiring shares must observe such Australian on-sale restrictions.

This prospectus contains general information only and does not take into account the investment objectives, financial situation or particular needs of any particular person. It does not contain any securities recommendations or financial product advice. Before making an investment decision, investors need to consider whether the information in this prospectus is appropriate for their needs, objectives and circumstances, and, if necessary, seek expert advice on those matters.

Canada

The shares may be sold only to purchasers purchasing, or deemed to be purchasing, as principal that are accredited investors, as defined in National Instrument 45-106 Prospectus Exemptions or subsection 73.3(1) of the Securities Act (Ontario), and are permitted clients, as defined in National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations. Any resale of the shares must be made in

143

accordance with an exemption from, or in a transaction not subject to, the prospectus requirements of applicable securities laws.

Securities legislation in certain provinces or territories of Canada may provide a purchaser with remedies for rescission or damages if this prospectus (including any amendment thereto) contains a misrepresentation, provided that the remedies for rescission or damages are exercised by the purchaser within the time limit prescribed by the securities legislation of the purchaser’s province or territory. The purchaser should refer to any applicable provisions of the securities legislation of the purchaser’s province or territory for particulars of these rights or consult with a legal advisor.

Pursuant to section 3A.3 of National Instrument 33-105 Underwriting Conflicts (NI 33-105), the underwriters are not required to comply with the disclosure requirements of NI 33-105 regarding underwriter conflicts of interest in connection with this offering.

Hong Kong

The shares of common stock have not been offered or sold and will not be offered or sold in Hong Kong, by means of any document, other than (i) to “professional investors” as defined in the Securities and Futures Ordinance (Cap. 571) of Hong Kong and any rules made under that Ordinance; or (ii) in other circumstances which do not result in the document being a “prospectus” as defined in the Companies (Winding Up and Miscellaneous Provisions) Ordinance (Cap. 32) of Hong Kong or which do not constitute an offer to the public within the meaning of that Ordinance. No advertisement, invitation or document relating to the shares of common stock has been or may be issued or has been or may be in the possession of any person for the purposes of issuance, whether in Hong Kong or elsewhere, which is directed at, or the contents of which are likely to be accessed or read by, the public of Hong Kong (except if permitted to do so under the securities laws of Hong Kong) other than with respect to shares of common stock which are or are intended to be disposed of only to persons outside Hong Kong or only to “professional investors” as defined in the Securities and Futures Ordinance and any rules made under that Ordinance.

Singapore

This prospectus has not been registered as a prospectus with the Monetary Authority of Singapore. Accordingly, this prospectus and any other document or material in connection with the offer or sale, or invitation for subscription or purchase, of the shares of common stock may not be circulated or distributed, nor may the shares of common stock be offered or sold, or be made the subject of an invitation for subscription or purchase, whether directly or indirectly, to persons in Singapore other than (i) to an institutional investor under Section 274 of the Securities and Futures Act, Chapter 289 of Singapore, or the SFA, (ii) to a relevant person pursuant to Section 275(1), or any person pursuant to Section 275(1A), and in accordance with the conditions specified in Section 275, of the SFA, or (iii) otherwise pursuant to, and in accordance with the conditions of, any other applicable provision of the SFA.

Where the shares of common stock are subscribed or purchased under Section 275 of the SFA by a relevant person which is (a) a corporation (which is not an accredited investor (as defined in Section 4A of the SFA)) the sole business of which is to hold investments and the entire share capital of which is owned by one or more individuals, each of whom is an accredited investor; or (b) a trust (where the trustee is not an accredited investor) the sole purpose of which is to hold investments and each beneficiary of the trust is an individual who is an accredited investor, securities (as defined in Section 239(1) of the SFA) of that corporation or the beneficiaries’ rights and interest (howsoever described) in that trust shall not be transferred within six months after that corporation or that trust has acquired the shares of common stock pursuant to an offer made under Section 275 of the SFA except: (i) to an institutional investor or to a relevant person defined in Section 275(2) of the SFA, or to any person arising from an offer referred to in Section 275(1A) or Section 276(4)(i)(B) of the SFA; (ii) where no consideration is or will be given for the transfer; (iii) where the transfer is by operation of law; (iv) as specified in Section 276(7) of the SFA; or (v) as specified in Regulation 37A of the Securities and Futures (Offers of Investments) (Securities and Securities-based Derivatives Contracts) Regulations 2018.

Solely for the purposes of its obligations pursuant to Section 309B of the SFA, we have determined, and hereby notify all relevant persons (as defined in the CMP Regulations 2018), that the shares are “prescribed capital markets

144

products” (as defined in the CMP Regulations 2018) and Excluded Investment Products (as defined in MAS Notice SFA 04-N12: Notice on the Sale of Investment Products and MAS Notice FAA-N16: Notice on Recommendations on Investment Products).

Japan

No registration pursuant to Article 4, paragraph 1 of the Financial Instruments and Exchange Law of Japan (Law No. 25 of 1948, as amended), or the FIEL, has been made or will be made with respect to the solicitation of the application for the acquisition of the shares of common stock.

Accordingly, the shares of common stock have not been, directly or indirectly, offered or sold and will not be, directly or indirectly, offered or sold in Japan or to, or for the benefit of, any resident of Japan (which term as used herein means any person resident in Japan, including any corporation or other entity organized under the laws of Japan) or to others for re-offering or re-sale, directly or indirectly, in Japan or to, or for the benefit of, any resident of Japan except pursuant to an exemption from the registration requirements, and otherwise in compliance with, the FIEL and the other applicable laws and regulations of Japan.

•For Qualified Institutional Investors, or QII. Please note that the solicitation for newly issued or secondary securities (each as described in Paragraph 2, Article 4 of the FIEL) in relation to the shares of common stock constitutes either a “QII only private placement” or a “QII only secondary distribution” (each as described in Paragraph 1, Article 23-13 of the FIEL). Disclosure regarding any such solicitation, as is otherwise prescribed in Paragraph 1, Article 4 of the FIEL, has not been made in relation to the shares of common stock. The shares of common stock may only be transferred to QIIs.

•For Non-QII Investors. Please note that the solicitation for newly-issued or secondary securities (each as described in Paragraph 2, Article 4 of the FIEL) in relation to the shares of common stock constitutes either a “small number private placement” or a “small number private secondary distribution” (each as is described in Paragraph 4, Article 23-13 of the FIEL). Disclosure regarding any such solicitation, as is otherwise prescribed in Paragraph 1, Article 4 of the FIEL, has not been made in relation to the shares of common stock. The shares of common stock may only be transferred en bloc without subdivision to a single investor.

Israel

In the State of Israel this prospectus shall not be regarded as an offer to the public to purchase shares of common stock under the Israeli Securities Law, 5728 - 1968, which requires a prospectus to be published and authorized by the Israel Securities Authority, if it complies with certain provisions of Section 15 of the Israeli Securities Law, 5728 - 1968, including, inter alia, if: (i) the offer is made, distributed or directed to not more than 35 investors, subject to certain conditions (the Addressed Investors); or (ii) the offer is made, distributed or directed to certain qualified investors defined in the First Addendum of the Israeli Securities Law, 5728 - 1968, subject to certain conditions (the Qualified Investors). The Qualified Investors shall not be taken into account in the count of the Addressed Investors and may be offered to purchase securities in addition to the 35 Addressed Investors. We have not and will not take any action that would require it to publish a prospectus in accordance with and subject to the Israeli Securities Law, 5728 - 1968. We have not and will not distribute this prospectus or make, distribute or direct an offer to subscribe for our common stock to any person within the State of Israel, other than to Qualified Investors and up to 35 Addressed Investors.

145

Qualified Investors may have to submit written evidence that they meet the definitions set out in of the First Addendum to the Israeli Securities Law, 5728 - 1968. In particular, we may request, as a condition to be offered common stock, that Qualified Investors will each represent, warrant and certify to us and/or to anyone acting on our behalf: (i) that it is an investor falling within one of the categories listed in the First Addendum to the Israeli Securities Law, 5728 - 1968; (ii) which of the categories listed in the First Addendum to the Israeli Securities Law, 5728 - 1968 regarding Qualified Investors is applicable to it; (iii) that it will abide by all provisions set forth in the Israeli Securities Law, 5728 - 1968 and the regulations promulgated thereunder in connection with the offer to be issued common stock; (iv) that the shares of common stock that it will be issued are, subject to exemptions available under the Israeli Securities Law, 5728 - 1968: (a) for its own account, (b) for investment purposes only, and (c) not issued with a view to resale within the State of Israel, other than in accordance with the provisions of the Israeli Securities Law, 5728 - 1968; and (v) that it is willing to provide further evidence of its Qualified Investor status. Addressed Investors may have to submit written evidence in respect of their identity and may have to sign and submit a declaration containing, inter alia, the Addressed Investor’s name, address and passport number or Israeli identification number.

146

LEGAL MATTERS

Fenwick & West LLP, Mountain View, California, which has acted as our counsel in connection with this offering, will pass upon the validity of the issuance of the shares of our common stock offered by this prospectus. As of the date of this prospectus, individuals and entities associated with Fenwick & West LLP beneficially own an aggregate of 2,370 shares of our common stock. Latham & Watkins LLP, Menlo Park, California is acting as counsel to the underwriters.

EXPERTS

The financial statements included in this Prospectus have been audited by Deloitte & Touche LLP, an independent registered public accounting firm, as stated in their report appearing herein. Such financial statements are included in reliance upon the report of such firm given upon their authority as experts in accounting and auditing.

WHERE YOU CAN FIND ADDITIONAL INFORMATION

We have filed with the SEC a registration statement on Form S-1 under the Securities Act with respect to the shares of common stock offered hereby. This prospectus, which constitutes a part of the registration statement, does not contain all of the information set forth in the registration statement or the exhibits filed therewith. For further information about us and our common stock offered hereby, reference is made to the registration statement and the exhibits filed therewith. Statements contained in this prospectus regarding the contents of any contract or any other document that is filed as an exhibit to the registration statement are not necessarily complete, and in each instance we refer you to the copy of such contract or other document filed as an exhibit to the registration statement. We currently do not file periodic reports with the SEC.

Upon completion of this offering, we will be required to file periodic reports, proxy statements and other information with the SEC pursuant to the Exchange Act. The SEC maintains a website that contains reports, proxy and information statements, and other information regarding registrants that file electronically with the SEC. The address of the website is www.sec.gov.

We also maintain a website at www.sentinelone.com. Upon the completion of this offering, you may access these materials at our website free of charge as soon as reasonably practicable after they are electronically filed with, or furnished to, the SEC. Information contained in, or that can be accessed through, our website is not a part of, and is not incorporated into, this prospectus.

147

SENTINEL LABS, INC.

INDEX TO CONSOLIDATED FINANCIAL STATEMENTS


			Page
Report of Independent Registered Public Accounting Firm			F-2
Consolidated Balance Sheet			F-3
Consolidated Statement of Operation s			F-4
Consolidated Statement of Comprehensive Loss			F-5
Consolidated Statement of Redeemable Convertible Preferred Stock and Stockholders’ Deficit			F-6
Consolidated Statement of Cash Flows			F-7
Notes to Consolidated Financial Statements			F-8

F-1

REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM

To the Stockholders and Board of Directors of Sentinel Labs, Inc.

Opinion on the Financial Statements

We have audited the accompanying consolidated balance sheet of Sentinel Labs, Inc. and subsidiaries (the "Company") as of January 31, 2020, the related consolidated statements of operations, comprehensive loss, redeemable convertible preferred stock and stockholders’ deficit, and cash flows for the year then ended, and the related notes (collectively referred to as the "financial statements"). In our opinion, the financial statements present fairly, in all material respects, the financial position of the Company as of January 31, 2020, and the results of its operations and its cash flows for the year ended January 31, 2020, in conformity with accounting principles generally accepted in the United States of America.

Basis for Opinion

These financial statements are the responsibility of the Company's management. Our responsibility is to express an opinion on the Company's financial statements based on our audit. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (PCAOB) and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.

We conducted our audit in accordance with the standards of the PCAOB and in accordance with auditing standards generally accepted in the United States of America. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether due to error or fraud. The Company is not required to have, nor were we engaged to perform, an audit of its internal control over financial reporting. As part of our audit, we are required to obtain an understanding of internal control over financial reporting but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control over financial reporting. Accordingly, we express no such opinion.

Our audit included performing procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the financial statements. Our audit also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that our audit provides a reasonable basis for our opinion.

/s/ DELOITTE & TOUCHE LLP

San Jose, California
March 17, 2021

We have served as the Company’s auditor since 2018.

F-2


SENTINEL LABS, INC. CONSOLIDATED BALANCE SHEET (in thousands, except share and per share data)


	As of January 31, 2020
Assets
Current assets:
Cash and cash equivalents	$	45,360
Short-term investments	340
Accounts receivable, net	30,995
Deferred contract acquisition costs, current	8,431
Prepaid expenses and other current assets	3,590
Total current assets	88,716
Property and equipment, net	8,329
Deferred contract acquisition costs, non-current	12,826
Restricted cash	2,320
Other assets	263
Total assets	$	112,454
Liabilities, Redeemable Convertible Preferred Stock, and Stockholders’ Deficit
Current liabilities:
Accounts payable	$	4,624
Accrued liabilities	2,283
Accrued payroll and benefits	12,006
Deferred revenue, current	52,823
Total current liabilities	71,736
Deferred revenue, non-current	39,946
Long-term debt	19,598
Other liabilities	3,561
Total liabilities	134,841
Commitments and contingencies (Note 13)
Redeemable convertible preferred stock; $0.0001 par value; 113,523,948 shares authorized; 113,523,948 shares issued and outstanding; liquidation preference of $202,824	201,826
Stockholders’ deficit:
Common stock; $0.0001 par value; 183,000,000 shares authorized; 33,550,809 shares issued and outstanding	1
Additional paid-in capital	8,986
Accumulated other comprehensive loss	(201)
Accumulated deficit	(232,999)
Total stockholders’ deficit	(224,213)
Total liabilities, redeemable convertible preferred stock, and stockholders’ deficit	$	112,454