Key Takeaways
- Rubrik reported FY2027 Q1 revenue of $387.1 million, a 39 % year‑over‑year increase that exceeded the high‑end guidance of $376 million.
- Subscription ARR reached $1.57 billion, up 32 % YoY, with Cloud ARR growing 43 % to $1.4 billion.
- GAAP net loss narrowed sharply to $41.8 million from $102.1 million a year earlier; operating cash flow rose to $81.7 million and free cash flow to $73.6 million.
- Subscription ARR contribution margin improved to 13.2 % (up >500 basis points) reflecting scale, higher sales and cost efficiencies.
- CEO Bipul Sinha emphasized that AI‑driven autonomous agents (exemplified by the Mythos model) have made detection nearly impossible, shifting the focus from prevention to continuous cyber‑resilience and rapid recovery.
- Rubrik’s Preemptive Recovery Engine is positioned to enable “AI‑speed” recovery, and the company raised its FY2027 revenue outlook to $1.643 billion (± $5 million), a 24.5 % increase at the midpoint.
Financial Performance Overview
Rubrik’s first quarter of fiscal 2027 delivered strong top‑line growth, with total revenue climbing 39 % year‑over‑year to $387.1 million. This figure surpassed the company’s high‑end guidance of $376 million, underscoring robust demand for its cyber‑security platform. On the profitability front, the GAAP net loss improved dramatically to $41.8 million, down from $102.1 million in the same quarter a year earlier. The reduction in loss was driven by higher subscription revenue, improved gross margins, and disciplined expense management. Operating cash flow more than doubled to $81.7 million versus $39.7 million a year ago, while free cash flow rose to $73.6 million from $33.3 million, indicating that the business is generating increasing amounts of cash despite still posting a net loss on a GAAP basis.
Subscription Growth and ARR
Subscription revenue was the primary engine of growth, increasing 41 % to $374.2 million. Subscription ARR—annualized recurring revenue from subscriptions—stood at $1.57 billion at quarter‑end, representing a 32 % year‑over‑year increase. Within this, Cloud ARR grew 43 % to $1.4 billion, reflecting the accelerating shift of customers toward cloud‑native data protection and SaaS offerings. The company also expanded its high‑value customer base: the number of subscription accounts with ARR exceeding $100 K rose to 2,946, up 24 % year‑over‑year and 14 % sequentially. Net retention remained strong, with a dollar‑based NRR of 120 % and a Net Promoter Score above 80, signaling high customer satisfaction and expansion potential within the existing base.
Profitability and Cash Flow Metrics
Gross margin improved to 80.5 % from 78.3 % a year earlier, benefiting from a higher mix of subscription and cloud services that carry lower incremental costs than legacy hardware‑centric offerings. Subscription ARR contribution margin—a metric Rubrik uses to gauge operating leverage—rose to 13.2 % for the last twelve months ended April 30, up from 8 % in the prior year, an improvement of over 500 basis points. This uplift stemmed from higher sales volumes, economies of scale, and ongoing cost‑management initiatives. The stronger cash generation, reflected in operating and free cash flow increases, provides Rubrik with additional flexibility to invest in product development, sales expansion, and potential acquisitions while maintaining a solid liquidity position of $1.85 billion in cash, cash equivalents, restricted cash, and marketable securities.
Geographic Revenue Breakdown
Revenue growth was broad‑based across regions. CFO Kiran Choudary noted that Americas revenue rose 38 % to $279 million, while revenue outside the Americas grew even faster at 43 % to $108 million. The accelerated international growth highlights Rubrik’s expanding global footprint and the universal relevance of its cyber‑resilience proposition. The balanced contribution from both geographies reduces reliance on any single market and supports the company’s goal of diversifying its revenue streams as it scales worldwide.
Leadership Commentary on AI and Cyber Resilience
CEO Bipul Sinha framed the results within a broader strategic narrative: Rubrik is evolving into an “agentic cyber resilience” platform that unifies data, identity, and AI in a single architecture. He expressed confidence that the company is in the “early innings of the AI acceleration opportunity,” suggesting that the current growth trajectory is just the beginning of a longer‑term AI‑driven market expansion. Sinha’s remarks underscore Rubrik’s intent to leverage its existing data protection strengths to address emerging threats posed by autonomous AI agents that can infiltrate, breach, and encrypt data at machine speed.
Impact of Mythos and AI Threat Landscape
During the earnings call, Sinha referenced the Mythos AI model as a catalyst for industry‑wide change. He argued that Mythos and similar frontier models have rendered traditional attack detection nearly obsolete, because once an intrusion occurs, breach and encryption follow almost instantly. Consequently, he asserted that cyber resilience—rather than pure prevention or detection—has become the fundamental requirement for security in the AI era. Sinha warned that AI agents increasingly run business processes, assume identities, access sensitive data, and act autonomously; once compromised, they can inflict up to ten times more damage in one‑tenth the time of conventional threats. This heightened risk profile, he argued, makes rapid recovery capabilities essential.
Hardware Supply Chain Insulation
When asked about potential headwinds from hardware supply chain disruptions, Sinha emphasized that Rubrik’s exposure is minimal. He pointed out that Rubrik is fundamentally a software company, and the enterprise data protection segment that relies on hardware now constitutes a smaller portion of the overall business. The company’s portfolio has expanded to include cloud, SaaS, identity management, Microsoft 365 protection, and other solutions that are less dependent on physical hardware supply chains. Consequently, Rubrik’s customers are evaluating cyber resilience holistically across platforms, recognizing that modern attacks do not discriminate between data‑center and cloud environments.
Strategic Shift to Cyber Resilience
Sinha articulated a clear strategic pivot: the industry’s focus has moved from a prevention‑detection mindset to a squarely cyber‑resilience orientation. He explained that this shift is largely driven by the realities exposed by models like Mythos, which make detection impractical and elevate the importance of being able to recover quickly and continuously. In this new paradigm, organizations must assume that breaches will occur and therefore need architectures that enable continuous readiness to restore operations at the speed of AI‑driven attacks.
Preemptive Recovery Engine Vision
To address the need for AI‑speed recovery, Sinha highlighted Rubrik’s Preemptive Recovery Engine as a core component of its vision. The engine is designed to allow organizations to be ready to recover at any moment, matching the velocity of AI‑generated threats. By integrating predictive analytics, automated orchestration, and rapid data restore capabilities, the engine aims to minimize downtime and limit the impact of breaches. Sinha positioned this technology as the answer to the growing demand for solutions that can keep pace with the evolving threat landscape.
Guidance Raised for FY2027
Building on the strong quarterly performance and the momentum generated by AI‑centric conversations, Rubrik raised its full‑year FY2027 revenue outlook. The midpoint guidance was increased from $1.602 billion to $1.643 billion, representing a 24.5 % year‑over‑year increase at the midpoint. For the upcoming quarter, the company expects revenue of $396 million ± $1 million, a 27.8 % YoY increase at the midpoint. Sinha attributed the upward revision to heightened customer dialogue around cyber resilience and recovery spurred by the Mythos narrative, which is translating into stronger pipeline and conversion rates.
Operating Metrics and Definitions
For transparency, Rubrik provided definitions of key non‑GAAP metrics used in its reporting. Subscription ARR Contribution Margin is calculated as Subscription ARR Contribution divided by Subscription ARR at the period‑end. Subscription ARR Contribution itself equals Subscription ARR at the period‑end minus (i) non‑GAAP subscription cost of revenue and (ii) non‑GAAP operating expenses for the preceding twelve‑month period. The company believes this margin offers a useful gauge of operating leverage, reflecting how effectively incremental subscription ARR translates into profit after accounting for direct subscription costs and operating overhead.
Conclusion
Rubrik’s FY2027 Q1 results illustrate a company successfully capitalizing on the growing importance of AI‑driven cyber resilience. Robust top‑line growth, expanding subscription ARR, improving margins, and strong cash generation collectively signal healthy business momentum. Leadership’s emphasis on the limitations of traditional detection in the face of autonomous AI threats reinforces a strategic shift toward continuous recovery capabilities, exemplified by the Preemptive Recovery Engine. With upgraded guidance for the remainder of FY2027 and a broadening global customer base, Rubrik appears well positioned to capture the expanding market for AI‑centric cyber‑resilience solutions. The company’s ability to insulate itself from hardware supply chain volatility and to leverage a diversified software‑first portfolio further strengthens its outlook as it navigates an increasingly complex threat landscape.