ROI is also hard to quantify. We have definitely gained business having Threat Stack. Being able to check some boxes and having an intrusion-detection service is probably where we've seen the biggest increase in revenue.

As far as development time goes, we weren't spending a lot of time on security until we got Threat Stack. So that's more of an investment.

It's hard to say how many deals we have won specifically because of Threat Stack security. We don't really have a return on investment because we didn't have a ton of security engineers that were wasting a ton of time.

What it's given us is way better security posture, way better answers to our clients. We can be proactive about security now and we can start that conversation, rather than being embarrassed to start that conversation. It's definitely gotten us into a lot more revenue opportunities. Had we not had Threat Stack, we could have been eliminated from many conversations. It's just hard to say exactly how many of them.

The ease of audit tracking for Sarbanes-Oxley audit was a dramatic change from last year. That's a key win. I don't know that it paid for itself there, but it certainly contributed to paying for itself there.

We have seen return on investment but I can't come up with a number because of how much we've changed. When we had Trend Micro, we had only some 500 instances, and now we're at 5,000.

I don't know that there's an ROI. We purchased the product that gives operations center oversight. We're basically replacing some FTE-equivalent in that budget pool. In security products, there's never really an ROI, although preventing one breach is like a return on investment.

Return on investment with security tools is hard to gauge. It's not unique to us, but for some companies, security is a sales driver and we're definitely one of those companies. Having Threat Stack in place, being able to provide meaningful artifacts to our customers, has definitely shortened sale cycles for us.

Where we had to abstract ten different sets of data to create an artifact for an audit or customer review, we don't have to do that anymore. It's very easy for us to demonstrate our security controls. We've been able to pick up multi-million-dollar accounts from very large technology companies that have extremely strict security requirements because we have this tool in place.

With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products.

We have seen a measurable decrease in the mean time to remediation.