This research establishes a theoretical model to test the interrelationships among R&D investment, intellectual capital, organizational learning, and firm performance. Based on the collection and investigation of a panel dataset gleaned from 26 software companies in 28 time periods, we find that: (1) R&D investment of software enterprises and firm performance are positively correlated; (2) intellectual capital fully mediates the R&D investment– performance relationship; and (3) organizational learning of software security vulnerabilities moderates the relationship between R&D investment and intellectual capital in the form of human capital. Based on our findings, we draw both theoretical and managerial implications