Crowdstrike | SaaS Table

Security cloud company that leverages network effects of crowdsourced data

Product

CrowdStrike Falcon Platform (19 modules)
- Falcon Prevent: Antivirus
- Falcon X: Threat intelligence
- Falcon Device Control: USB device control
- Falcon Firewall Management: Host Firewall Control
- Falcon Insight: Endpoint detection and response
- Falcon Overwatch: Threat hunting
- Falcon Discover: IT hygiene
Crowdstrike Services:
- Incident Response and Proactive services

Crowdstrike Falcon Platform:

Cloud agnostic: AWS, Azure, GCP
Kernel level security agent
Proprietary distributed threat graph:
- 5+ Trillion events/week

Business Model

Sell subscriptions to Falcon platform and cloud modules that leverages channel partners
Also generate revenue from response and proactive professional services
Low friction land-and-expand sales strategy
1-3 year contracts
Revenue:
- Subscription revenue (94%):
  - Endpoints per customer and number of cloud modules
- Professional services revenue:
  - Incident and proactive services
  - Forensic and malware analysis
  - Attribution analysis
Cost of Revenue:
- Subscription cost: hosting Falcon platform in data centers, costs with operations and support personnel
- Professional services: employee-related costs

Cloud security spend (~1% of IT spend):
- 2020: $1.2B
- 2023: $2B est
Revenue: $1.4B
- Geography
  - 72% US
  - 28% Other

Core Metrics

Revenue: $1.4B (+70% YoY)
- Revenue Q2 2021: $337M
  - Subscription: $315M
  - Prof services: $21M
- Cost of revenue: $90M
- Gross Profit: $247M
- Gross margin: 73%
94% Subscription revenue
Customers: 13080 (+81% YoY)
- 234 of F500
66% customers with 4+ modules (57% last year)
NDR: 125%
Gross margin: 76%

Competitors

Symantec: acq by Broadcom
CarbonBlack: part of vmware suite
SentinelOne: not as mature product
- Performed better in MITRE test: https://attackevals.mitre-engenuity.org/enterprise/participants/crowdstrike/?adversary=carbanak_fin7
McAfee
Cylance

Competitive Moat

Crowdstrike is the Gardner magic quadrant leader for cybersecurity
Lightweight robust agent:
- Well optimized user agent with more functionality compared to other security agents
- Agile deployment (quick frictionless update w/o reboot)
- Supported on all OS
Detection
- Doesn’t require signature for every single threat
Data and AI
- 5+ trillion datapoints for Crowdstrike to learn from
- High precision models to detect threats
Threat intelligence
- Actor attribution, sandbox analysis and malware search

Analysis

Cybersecurity is a quickly growing market as IT spending increases and security breaches become more frequent and prolific. I believe Crowdstrike’s sole focus on creating a cloud native cybersecurity platform puts their product at the front of the line and IT departments for enterprise customer will only want the best cybersecurity platform to protect their systems and data.

As new attack vectors grow and expand, I believe Crowdstrike can develop and scale new products to upsell to address the never ending arms race in cybsersecurity.