With everything going up onto the internet and on the cloud, cybersecurity has definitely become a growing trend. Investors are now rushing to invest in cybersecurity tech companies like CrowdStrike and ZScaler. Let’s take a deep dive into CrowdStrike (NASDAQ: CRWD) and truly understand what investors are buying into.
Business Overview
CrowdStrike is a multinational cybersecurity business with one objective, to stop attacks and secure organizations. Combining next-generation AV, endpoint detection and response, and a 24/7 controlled hunting service, powered by AI and cloud computing, CrowdStrike has revolutionized endpoint security.
Crowdstrike was formed in 2011 and sells its cybersecurity software “Falcon” to large businesses and government customers, including major global banks, medical and energy firms. Goldman Sachs, Amazon Web Services, MIT and different US states and cities are among Crowdstrike’s clientele.
Crowdstrike has also helped the US government in running cybersecurity investigations. For instance, for more than a decade, Crowdstrike has tracked North Korean hackers.
CEO & Key Management
CrowdStrike’s CTO and co-founder, Dmitri Alperovitch, has a long history in the Cybersecurity industry. He has worked at a number of security startups in the late 1990s and early 2000s, including email security startup CipherTrust where he was one of the leading inventors of the TrustedSource reputation system. After CipherTrust was acquired by Secure Computing in 2006, he lead the research team and launched the SaaS business for the company. After Secure Computing was acquired by McAfee in 2008, Dmitri took over as Vice President of threat research. In late 2011, Dmitri was brought onto Crowdstrike as a co-founder and CTO. With Dmitri’s long history in the field, he serves as a valuable key to CrowdStrike’s huge success.
CrowdStrike’s CEO and co-founder, George Kurtz, started off as a CPA at Price Waterhouse but later became part of a new security group in the company. In 1999, he co-wrote “Hacking Exposed”, a book about cybersecurity for network administrators. In the same year, he started a cybersecurity company, Foundstone, one of the first dedicated security consulting companies. Foundstone focused on vulnerability management software and services and developed a well-recognized incident response practice, with much of the Fortune 100 among its customers.
Foundstone was later acquired by McAfee in 2004 and George Kurtz went on to be the Senior Vice President and General Manager of risk management at McAfee. In late 2011, Kurtz joined private equity firm Warburg Pincus as an “executive in residence” and began working on his next project, CrowdStrike. Together with Gregg Marston and Alperovitch, they announced the company’s launch in February 2012 after securing a $25 million in funding. With Kurtz’s long history in the field, he also serves as a valuable key to CrowdStrike’s huge success.
Products and Services
CrowdStrike has an in-depth suite of products and services to help clients with maintaining the highest level of security. In this section, I’ll be covering some of their products and services.
Falcon Endpoint Protection
CrowdStrike’s Falcon is very well known for its in-depth suite of products, offering the highest level of security for all businesses and enterprises, big or small. The suite itself has several modules such as the Falcon Prevent, a Cloud-native Next-Generation Antivirus, Falcon X, an automated threat intelligence module which includes malware sandbox analysis and malware search.
Pricing
The pricing plan for CrowdStrike’s Falcon is pretty unique, being a per endpoint/month subscription plan. It is unique because they charge based on a per endpoint basis rather than just a regular subscription plan, making it very flexible for clients.
This pricing model allows smaller companies to tap onto CrowdStrike’s services without spending too much over their budget. It also allows larger companies to reduce spending by only securing key endpoints throughout their network as compared to full coverage, which could be excessive and unnecessary.
CrowdStrike Cloud Security
CrowdStrike also offers cloud security solutions for companies that leverage more on cloud services such as AWS, GCP, or Azure. Companies that already use CrowdStrike for their own endpoint security would definitely want to use CrowdStrike for any of their cloud deployments as it is far easier to aggregate all their security products under 1 suite.
Competitors
Being in such a huge yet growing niche market, there are bound to be competitors. Let’s take a look at how CrowdStrike fairs against these competitors.
McAfee
Comprehensive Security Protection
CrowdStrike consolidates security solutions and eliminates on-premise infrastructure with the CrowdStrike Falcon Platform. It protects against all threat vectors, even when computers and servers aren’t connected to the internet.
Fully Operational in Seconds
No need for signatures, fine-tuning, or costly infrastructure. Just unmated prevention from the moment you deploy. Improve your visibility across on-premise, cloud, and mobile devices to discover and hunt advanced threats with the Falcon Platform.
CrowdStrike offers a single one-line install using your deployment tool. Quiet mode ensures interruption-free installations and Falcon runs alongside your current antivirus. The Falcon Platform then monitors security events in real-time.
Enhanced Risk Management
CrowdStrike’s team of elite threat hunters work 24/7, proactively searching for threats that other solutions miss. This provides maximum effectiveness in security by harnessing the power of big data and artificial intelligence to reduce the number of incidents and total time to remediation. Falcon’s ability to identify and stop sophisticated attackers can decrease dependency on IR consulting and improve business availability.
VMware Carbon Black
One Vendor, One Platform, One Agent
Thousands of customers chose CrowdStrike’s Falcon Platform to consolidate security products, eliminate agent bloat, and eradicate the unnecessary burden of on-premise infrastructure.
Unlike legacy and infrastructure vendors, the CrowdStrike Falcon Platform delivers every feature and capability through a single agent which is deployed and managed from the cloud, protecting users wherever they are, giving an immediate boost to a company’s security posture.
Better Protection
CrowdStrike stops breaches by going beyond basic signature-based prevention and leverages threat intelligence to provide the context needed to pivot to a proactive security posture. Built in the cloud, CrowdStrike’s single-agent detects and prevents known and unknown threats, from ransomware and malware to zero-day exploits.
Falcon’s Threat Graph powered prevention and detection utilizes trillions of data points combined with machine learning, proactive threat hunting, and behavioral analytics to protect customers against the entire threat lifecycle.
Silences the Noise, Speeds Up Investigations
CrowdStrike provides maximum effectiveness by harnessing the power of big data and artificial intelligence to reduce the frequency of incidents and time to remediation. Utilizing Falcon to identify and stop sophisticated attackers can decrease dependency on IR consulting and improve business availability long term.
Competitive Edge
CrowdStrike is a cybersecurity growth leader. In the years ahead, the company has a strong business model, excellent execution, and plenty of room for more growth. The stock is priced according to aggressive expectations, and if there is any disappointment down the road, this can be a source of uncertainty. Recognizing this, the upside potential is obviously appealing to long-term investors of CrowdStrike.
Powerful Business Model
In terms of endpoint defense, CrowdStrike has a revolutionary business model. Artificial Intelligence is used by the company’s cloud-native Falcon platform to learn from the data it gathers, permanently enhancing the platform’s efficacy to offer the right solutions in an ever-changing cybersecurity setting.
When a customer is targeted, the business collects data from the attack and learns from it, creating better strategies based on a single incident encountered by one customer for all CrowdStrike customers.
In a way, the network impact helps CrowdStrike and its users, which ensures that the platform’s value increases as it grows in scale. The more users CrowdStrke has, the more data it gathers from those users, making the platform more efficient for all users. This establishes a self-sustaining virtuous cycle for CrowdStrike over time of steady development and expanded competitive power.
Besides, a cloud-native platform such as Falcon is much easier to scale and easier to enforce, which is a key benefit in times of working from home and expanding cybersecurity endpoint defense needs.
The business model can scale very well, too, from a financial perspective. In contrast to sales, most of the costs of delivering the service are relatively fixed, so profit margins can be expected to increase as revenue increases over the years. In conjunction with a greater share of sales being retained as income, vigorous revenue growth could provide a double boost over the years to earnings.
Financials
Last but not least, the numbers behind CrowdStrike. Let’s take a dive into the numbers part of the company and whether or not the price is justified with the company’s current growth rate.
3QFY21 Results
CrowdStrike just released their results on the 2nd of December so Let’s take a quick dive into the details and how well it fared for the quarter.
Starting with the income statement, the total revenue segment increased by 86% year on year for the quarter and 85% for the 9 months ended. The subscription segment of the revenue also increased by a whopping 87% year on year for the quarter. The company is still aggressively growing as you can see from the rapid growth in Sales and Marking as well as Research and Development.
The company also shared that the Annual Recurring Revenue (ARR) increased 81% year-over-year and grew to $907.4 million as of October 31, 2020, of which $116.8 million was net new ARR added in the quarter, including $6.8 million from the acquisition of Preempt Security. Crowdstrike’s customer count is also rapidly growing and has reached a total of 8,416 subscription customers as of October 31, 2020, representing 85% growth year-over-year.
CrowdStrike has managed to increase its operating cash flow from $33.8m to $242.1m for the 9 months ended as well as its free cash flow from $7m to $76.1m.
Revenue Growth
Taking a look at CrowdStrike’s growth trend for the past 11 quarters, we can see a tremendous growth with the revenue as well as its operating expenditures such as R&D and S&M. This shows that the company is spending more and more money to grow rapidly and their hard work has definitely paid off. The revenue growth trend is definitely much faster than the operating expense growth trend.
Balance Sheet Stability
CrowdStrike has definitely grown their cash position stronger and stronger each quarter and now has more cash than short term liabilities. This gives the company room to breathe and even acquire other companies should favorable opportunities come.
Rule Of 40 Test
Since CrowdStrike is a SaaS company, the Rule of 40 is a good valuation method to use when evaluating if the company’s growth is currently justified. To calculate the rule of 40, you simply use the company’s revenue growth rate and add it to the profit margin. CrowdStrike’s FY2020 revenue growth rate stands at 92.7% and its profit margin stands at -29.5%.
Therefore, CrowdStrike’s rule of 40 score is 63.2 which is way above 40. This means that the company’s current growth rate is high enough to justify investors paying a higher premium to own shares in the company.
Final Thoughts
CrowdStrike is definitely a company to watch for the next 5 years to come as Cybersecurity is a growing trend in the tech industry. The company has huge growth potential and it has barely scratched the surface with what it has in store for investors.
I recently accumulated CrowdStrike during the dip and it has since gone up almost 10%. I am not planning to sell any of my positions and will continue to accumulate should there be any more dips in the near future. CrowdStrike will definitely a huge hit with Cybersecurity becoming the next biggest trend.
Pingback: 20 Things You Didn't Know about CrowdStrike