CrowdStrike - AI driven Cloud Cyber-security
Please note that this article does not constitute investment advice in any form. This article is not a research report and is not intended to serve as the basis for any investment decision. All investments involve risk and the past performance of a security or financial product does not guarantee future returns. Investors have to conduct their own research before conducting any transaction. There is always the risk of losing parts or all of your money when you invest in securities or other financial products.
Business model
CrowdStrike uses artificial intelligence and pattern matching to analyze all the data it gathers from every customer and then quickly and efficiently detects threats.
CrowdStrike main cloud-based platform, Falcon, bundles together various endpoint (such as desktops, laptops, servers, virtual machines, and IoT devices) security, threat detection, and cyber-attack response services for large organizations. It serves many of the world's largest banks, healthcare providers, and energy companies.
CrowdStrike focus is protecting the endpoints from which enterprise clients, their employees, and their end users access key information. These endpoints are the most vulnerable to potential breaches, and in the digital age, they include not only network servers and workstations but also tablets, smartphones, and even the rising number of devices equipped with Internet of Things connectivity capabilities.
But the real genius of CrowdStrike solution is its Threat Graph breach prevention engine. The Threat Graph works with Falcon's monitoring agents, collecting data from across CrowdStrike entire customer base and using artificial intelligence, behavioral analytics, and human experts to predict where the next big threat will appear before it comes.
What that means is that when one CrowdStrike client gets attacked, the entire Falcon platform learns from that experience. It then proactively comes out with countermeasures not just for the company getting attacked but for its entire client network. The more clients CrowdStrike has, the stronger and more effective Falcon becomes, making it even more valuable to current and prospective enterprise customers.
Falcon is designed to be easy for enterprise customers to install and use. The platform deploys highly effective security-monitoring software "agents" on the ground to detect and provide alerts about security problems.
CrowdStrike differs from older cybersecurity companies, because it doesn't deploy on-site appliances. Instead, its tools are all cloud-based, which are easier to scale and update than on-premise solutions. Falcon also accumulates crowdsourced security data and analyzes it with AI tools.
The company offers 16 cloud modules on Falcon platform via a SaaS subscription-based model that spans multiple large security markets, including corporate workload security, security and vulnerability management, managed security services, IT operations management, and threat intelligence services. It uses a "land-and-expand" strategy, in which a customer can subscribe to any number of cloud modules and tack on additional modules in the future as needs arise.
Customer Growth
CrowdStrike had 8,416 customers at the end of October 2020 (this represent 85% growth YoY).
According to the U.S. Bureau of Labor Statistics, in 2019 there were 50,000 businesses, which got more than 250 customers in the U.S. That is a lot of domestic opportunity for CrowdStrike and its competitors. The international opportunity is additive.
CrowdStrike client list includes many of the top companies in the world. The cybersecurity specialist boasts nearly half of the Fortune 100 among its customers, along with 40 of the top 100 global companies and 11 of the world's 20 biggest major banking institutions.
Annual Recurring Revenue (ARR), calculated as the annualized value of customer subscription contracts as of the measurement date, assuming any contract that expires during the next 12 months is renewed on its existing terms, increased 81% YoY and grew to $907.4 million as of Oct 2020, of which $116.8M was net new ARR added in three months ended Oct 2020.
CrowdStrike has also hung onto the clients it attracts. Its dollar-based net retention rate in fiscal 2020 was 124%, meaning that existing customers are expanding their relationship with CrowdStrike and spending more on enhanced platform capabilities. The combination of new clients and existing customer loyalty should keep CrowdStrike growing well into the future.
The Big-Picture Opportunity
With the growth of digital revolution and so many mission-critical resources are stored in the cloud, the number of threats rise exponentially. Also, complexity of IT infrastructure has risen, so, too, have the complications involved in making sure that key information and resources are safe.
The global cybersecurity market is currently worth $173B in 2020, growing to $270B by 2026. By 2026, 77% of cybersecurity spending will be for externally managed security services.
CrowdStrike’s end markets global TAM is $32.4B by 2021 and expected to grow by 9% CAGR to $38.7B by 2023.
CRWD has 2.3% current market share based on FY21 LTM revenue of $761M, which clearly shows great opportunity before CrowdStrike moving forward.
By effectively helping its entire base of enterprise clients collaborate with one another about the attacks they've faced, CrowdStrike's Falcon platform learns from past experience and immediately puts that knowledge to use in detecting threats and anticipating the next attack.
Current (2020) cloud IT spend for IaaS and PaaS vendors, according to IDC, is $106 billion going to $217 billion in 2023.
The cloud security spend is $1.2 billion/2020 going to $2 billion/2023; this is 1.1% (=1.2/106) for of the overall cloud IT spend on security, going to 0.9% (=2/217).
IDC expects most organizations should spend between 5% to 10% on cyber security as percentage of overall cloud IT spend. Gartner expects in the range 5.7%. With this penetration, looking at cloud security opportunity of $6.1 billion in 2020 going to $12.4 billion in 2023.
With current spend, $1.2 billion, CRWD believes - the real opportunity in 2023 is $12.4 billion. This is 10x opportunity, underrepresented, and CrowdStrike is the perfect company to take advantage of this wide-open market.
Management
Co-founder and CEO George Kurtz has a long and storied history in the cybersecurity industry. He sold his first start-up to well-known industry player McAfee and subsequently stayed on as McAfee's chief technology officer. He's been at the helm since CrowdStrike founding in 2011, but at age 49, the CEO has a long future ahead of him. Moreover, he holds more than 18 million Class B shares in CrowdStrike dual-class stock structure. That gives him a roughly 8% economic stake worth $1.5 billion at recent prices, but because of the super-voting shares, Kurtz has more than 22% of the voting power over the cybersecurity company.
Competition
In its S-1 filing during IPO in June 2019, CrowdStrike is growing the fastest by a wide margin and it seems that there’s still quite a lot of room to grow. For example, in the traditional anti-virus market, Symantec is actually shrinking year-over-year at $4.7b revenue and -2% growth; McAfee is at roughly $2.5b revenue growing in the mid single digits % .
The closest competitor to the Falcon platform would be Vmware's, Carbon Black. Carbon Black is a developer of cloud-native endpoint protection and was acquired by VMware (VMW) in October 2019. Carbon Black offers a similar solution to the Falcon platform that involves AI/ML and a proactive approach to endpoint security. However, Carbon Black is only one of the numerous solutions VMware provides. In addition to endpoint security, VMware provides solutions for network and cloud security. VMware is also a much larger company than CrowdStrike with $10.8bln in revenue for the most recent fiscal year.
Palo Alto Networks (PANW) is similar to VMW with solutions for endpoint protection, network security, and cloud security. PANW is a larger competitor as well with $3.4bln in revenue in the most recent fiscal year. PANW offers a similar endpoint protection solution as CrowdStrike as well.
It will be difficult for CrowdStrike to compete against these larger players who already offer similar endpoint protection solutions and solutions outside the realm of endpoint protection. Nevertheless, I think CrowdStrike's ability to extend the functionality of the Falcon platform with the addition of modules is an important differentiator among its competitors. This will allow customers to manage endpoint security, network security, cloud security, and other solutions CrowdStrike develops in a single platform. The modular architecture of the Falcon platform combined with the ease of deploying new agents provides a user experience competitors don't offer.
Financial position
Revenue surged 93% to $481 million in fiscal 2020, which ended on Jan. 31. Its ARR rose 92%, its number of subscribers soared 116%, and it ended the year with a net retention rate of 124% (compared to 147% a year earlier).
CrowdStrike's non-GAAP net loss narrowed from $119.0 million in fiscal 2019 to $62.6 million in 2020. That trend extended into the first half of the current year as it actually posted a non-GAAP profit of $12.5 million -- compared to a loss of $45.2 million a year earlier -- on revenue of $377.0 million.
On a GAAP basis, which includes stock-based compensation, the net loss also narrowed year-over-year from $77.9 million to $49.1 million in the first half of the year.
CrowdStrike's bottom line is improving, because its margins are expanding. It ended the fiscal third quarter with an adjusted subscription gross margin of 74%, up from 70% a year earlier. Its non-GAAP operating margin also reversed from a 19% loss to a 4% profit.
CrowdStrike expects to remain profitable for the full year with a non-GAAP net profit of $12 million at the midpoint, or $0.05 per share. Analysts expect that number to more than quadruple next year as margins further expand.
Investment Thesis
Businesses of all sizes recognize the need to take maximum advantage of digital resources, and recent events have made it clearer than ever that the companies that can help those businesses transform themselves effectively will be successful in the long run. With an increasingly remote workforce, cybersecurity is now critically important — and CrowdStrike PaaS offering has competitive advantages that will keep its rivals at bay.
CrowdStrike cloud-native approach toward cybersecurity handles threats more effectively than older, more traditional products that its rivals offer.
Co-founder and CEO George Kurtz has a long history in the cybersecurity business and continues to drive his company forward. His vision has created big expansion opportunities, and his ownership of a substantial stake aligns his financial interests with those of shareholders.
CrowdStrike revenue growth rates are extremely strong, justifying the stock's high valuation, and the ever-evolving landscape of cloud and hybrid enterprise solutions should support future growth.
Risks
Failure to enter new markets
Failure to expand customer base
Breach of or impairment to Falcon platform
Is CrowdStrike stock too expensive?
Based on management's guidance, CrowdStrike trades at 40 times fiscal 2021 revenue. This frothy valuation could throttle CrowdStrike near-term gains, and investors may still be wary of its decelerating sales growth and competition from companies like FireEye and Palo Alto Networks, which both offer similar cloud-based services.