CrowdStrike Holdings, Inc. (CRWD) Earnings Call Transcript & Summary

Great. Thank you very much, Nate. Pleasure to have CrowdStrike here today. My name is Alex Henderson. I'm the networking and security analyst at Needham. And Burt Podbere, the CFO of CrowdStrike and one of my favorite CFOs, the indomitable Burt and I are going to do some fireside conversation. We know that there are a bunch of guys lurking out there in Zoom world, so if you'd want to ask a question, please use the dialogue box. The more you ask questions, less I have to do it and I love to be lazy when I can. So if you got a question, please put it in the dialogue box. And with that Burt, welcome.

Well, Alex, love having these fireside chats with you. Happy new year. Great to see you. Happy new year to your investors, and real pleasure for us to be here today.

So Burt, I want to hit a couple of broader commentary questions. But before we do that, I really was amazed at the exceptional results you guys have been posting. I just want to remind some people of just how good that was. I think the last quarter you printed, you had 75% growth in subscription customers. Your subscription ARR came in up 67%, well over 5% ahead of forecast. Your profits increased, your margins increased. You raised guidance really across the board, outstanding results. Yet the market seems to be in fear of high-growth companies. And you guys certainly are the class company out there in terms of this category. So I want to highlight that from our perspective, while there is this bias away from high-growth stocks right now, there are companies out there that really are justified to be owned regardless of the interest rate environment because their fundamentals are so strong. And around that point, I wanted to ask the first question. There's been tremendous conversation around XDR and people talking about you guys being a company that -- an endpoint company, which I think is a little bit too narrow of perspective on it. Can you talk a little bit about the importance of viewing you as a platform and not as an endpoint company per se?

Well, thanks, Alex, for your comments. Yes, we were very pleased with our performance last quarter and really proud of the entire CrowdStrike team. In terms of how we think about our company and as we roll back the clock and say, why was the company born, we were really born to stop the breach, right? That is the outcome. It goes beyond ransomware. It's all the tricks of the trade that the bad guys are using, whether it's insider, whether it's social engineering. Whatever it is, we were built to stop that breach. And one of the things that we did to be able to do that was we basically gave birth to our architecture in the cloud. And why does that matter? Well, when you think about Crowd for crowd sourcing, it allows us to get more data and to analyze and to be -- more data to analyze, and that's going to be, at the end of the day, yield better efficacy. And number 2 is it reduces the implementation time to virtually seconds, so the time to value is immediate. So those 2 things are really important when you think about cloud, efficacy and time to value. Second, we've been able to build this single data lake where we talk about data being collected once and being able to be reused many times. This is taking a lot of friction out of the system, and it's also allowing us to be better suited to solve more and more use cases. We're collecting the data wants. This is how we design the platform architecture. It allows us to build new workloads rapidly and innovate quickly and expand into adjacencies to beyond the comment that you made about being just an endpoint company. We're a cloud security platform. And when you think about our modules at IPO, we had 10 modules across 5 segments. Today, we have 21 cloud modules across 8 segments. And this includes things -- obviously includes core endpoint security but it includes cloud security, identity protection and log management markets. So when you think about a platform, you think about companies like Salesforce. When you think about how they were out there at the time, you had Siebel when you had Salesforce. Well, you saw the platform play win. And that's the area where we're going to. The majority of our module expansion has been organic. But on the inorganic side, we acquired Preempt in late 2020 in the area of Zero Trust and Humio in March 2021 really around XDR and log management and most recently, SecureCircle last year. So we're able to build upon this data lake, where we use a single lightweight intelligent agent to collect that data. You put all that together and you create separation between us and everybody else.

So within that context, there's a lot of people out there that want to claim that they have a product that competes with you guys. But most of them really are endpoint companies or companies and adjacencies that are now trying to redefine them as XDR. You guys came at this with an idea that you were going to design an agent and a data lake and a software platform that is cloud-native, micro service-based from the get-go and not do anything on-prem at all. Yet that platform becomes very extensible. So you've been able to take that platform and the content and the truth that you've built in terms of knowledge in your data lake and apply it into adjacencies that are not so much, say, in the endpoint probably but in VM and CM and other areas that are close to but not initially the core initial target. Conversely, I see a lot of companies redefining themselves as XDR companies, which strikes me as an attempt to look like a platform. But ultimately, that's not truly something that they can pull off because they weren't architected that way. So can you talk a little bit about why the architecture is so important and how easy it is to extend into those adjacencies? I think about a company in the CM space that has recently redefined themselves as an XDR company and wonder how their architecture suddenly changed from an on-prem/niche product to one that's now being described as a platform.

It's a great call. I think when you think about the word platform, that's been used and abused over the years, I don't know how many times. And then same thing with this XDR, right? All of a sudden, as you said, some vendors just, all of a sudden, called themselves XDR. And I think it's one of the most misused terms in the industry. If you ask 5 different vendors about what XDR is, you get 5 wildly different responses. We are -- we feel like we are very well positioned, and we have been called a mature XDR vendor well before we actually used the term. And it really stems from the fact that XDR is really an extension of EDR telemetry and enriching that with additional sources of data. And so when you're the #1 vendor in EDR, the XDR transition is much easier and it makes a lot of sense. XDR from our point of view is it's not a new term [ pursuit ] as you talked about. It's not ticking logs and putting them into a central location to correlate because that's what a [ chime ] achieves. XDR is really taking that platform of EDR and expanding it. It's looking to ensure that when you think about moving from and using AI to indicators of attack to threat hunting, this extends beyond just the normal CrowdStrike telemetry that we had, and then we have the third-party data sources to it to be able to just enhance those things that make us so different. And at the end of the day, how we think about it, EDR is essential to XDR. It's an advantage in the architecture. You have to start with best-in-class EDR. Players that don't have that, they make up stuff, right? And folks that are outside of XDR and that are SIM, they want to go with where the new buzzword is. And as you pointed out, they really haven't changed anything. They just rebranded themselves.

It's often done by the marketing team as opposed by the R&D team, which tells you a lot.

Tells you a lot. And the good news is that the experts in the field within customers, they know that too, for the most part.

So inherent in the idea that there's increasing competition from many, many XDR companies is the presumption that there's going to be a price to bottle in the space analogous to what happened in the AV space, which had a price reduction problem, a race to 0 pricing essentially. I think clearly, what happened in the AV space was they didn't do anything so they could price for it. But leaving that point aside, do you see any pricing pressure as a result of this XDR phenomenon that we've been seeing out there?

Not so much. Our discounting has remained the same quarter after quarter, and I think it goes back to what we've been talking about. We're selling a platform. We're selling value. We're actually going in and offering better efficacy. And then when you go through and you pull out all the other extraneous tools and consolidate on CrowdStrike, you're actually driving down the total cost of ownership. So you're getting better efficacy at a lower price overall. And that has been resonating with our customers since we really started the platform play. And it's only been enhanced. It's -- we've seen it in the numbers. You look at what you just talked about, what we posted last quarter and the proof is in the pudding. And so for us, when we think about pricing and pricing pressures and competition, we feel that we're in the most favorable competitive market we've ever been in. And we also think that when you think about pricing, because of that we've sold on value and we continue to sell on value, we win. We win. Our win rates have gone up across the board. So the fact that we're able to kind of maintain our pricing and increase our pricing in certain areas, that's great. And from where I sit, I see all of the discounting. And I see all the -- if there's an anomalous deal that comes out that has really low pricing, it would hit my desk. And my inbox has been pretty much empty on that stuff. So it is working. The value play is working and people are willing to pay for the best.

So I'm going to pop up a slide here. This is actually off of your website, but this is the Gartner Magic Quadrant. And I just want to highlight just how far ahead of all of the competitors you are. Microsoft, I think, is an anomaly in this space because Microsoft is seen as paramount to everybody, they get thrown in because everybody recognizes it. But this is a really outstanding Magic Quadrant. Now this happens to be for endpoint protection. But going back to your point earlier, endpoint protection is where you start the discussion because that ultimately feeds into the data lake, the information that's necessary to extend into the adjacencies. This is an amazing Magic Quadrant, Burt.

Yes, it's a great slide. I agree with you on the Microsoft side, but they're just so big. They're getting points on the board for just their size alone. But for us, yes, no, I think that we work hard at what we've done. I think we had the right strategy from the beginning. You were there, Alex. You saw it unfold in front of your eyes. Where we didn't go rush out and create just a little bit of mousetrap than somebody else and put a big, big marketing program around it with billboards and all that kind of stuff. What we did was we built -- we started with EDR. We started with getting the data, putting it into our threat graph, going to EDR, becoming an expert in EDR and then and only then did we go into prevention. And when we were ready, we didn't rush out. It's really funny when we think about how we're racing at our clip, but we won because we were patient. And we didn't rush out to market with something that was immature with -- and we did it with a competitive advantage, which was our data. It took more time. It took more time to collect all that data and to get it right and to be able to configure the data in a way that will be really beneficial for us in terms of its usage. And then what happened? We won. We didn't put some slideware together and have marketing have all the budgets and sell for the day. Okay. You might have won in the quarter, but who won the race, right?

So one of the fundamental things that we've learned about your company over the time that we've been following you guys, and your CEO loves to really stress, is you were built cloud-native microservice-based with no on-prem at all of capabilities because you don't want to be on-prem. And he would argue that any time there is a separate single-tenant version of it running on-prem, that inherently that implies there's something flawed in the architecture. Your competitors, S-One, all said they're cloud-native as well but they also, on their website, talk about an on-prem version of it. Can you talk about why that point is such a critical point relative to why the CEO is stressing it and why it's such an important strategic element?

It starts with community immunity, right? I think that when you have a cloud-native architecture, you're getting the full benefit of community immunity. If you're -- if you have some products and on-prem products and you stick the console in the cloud and call yourself cloud, well, that's not really cloud. You still have data that's resident on the on-prem version. They have to really store the data on the endpoint and you're not getting all the value of being able to drive it up into the cloud. And it's not just about the data itself. It's about the organization of the data and how to utilize the data. So it's all resident on-prem and then you got to bring it all up and figure it all out. That's very different than collecting it, setting it up and it's automatically going where it's supposed to go. And it's -- and I think that one of the things that matters a tremendous amount in security is speed. And so when you have real time, which is cloud-native versus fast mode, you could see the gap in speed. That's an easy 1 to see. And that matters. And so immediately, you're behind the curve when you have the wrong architecture. And so it goes back to your point about folks talking about on-prem versus cloud and trying to convince the market that I have -- even I'm on-prem, I have [ IM ] cloud architecture, it's just not true. And so that's the frustration that I've been trying to get again, you trying to get away from back in the '90s and the early 2000s with companies coming out and sounding the same but they're different. The good news is we -- the market -- the security market has been cleaned up a ton in terms of the FUD that's out there. Unfortunately, there are some that are still behind that the only way they can sell is to create the FUD is to confuse people, is to recognize that, "Hey, we're the leader and we're going to win." So in order to go against us, they're trying to come up with stuff that's just not true. And so well, at the end of the day, you just look to the scoreboard and that tells the truth and then people can make up their own decision now.

You're adding more revenue per quarter than any other company in the space by a huge amount. Your incremental revenue per quarter is larger than a lot of your smaller competitors. Clearly, you're gaining share. I wanted to talk a little bit about the point that you just made, though. So one of the other things that was drilled into the IPO commentary was the importance of the architecture of the data lake in the sense that when you first started doing this uplift of the data, you realized that there was no solution in the marketplace that could put the data in the right place at the right fidelity and understand particularly the time metric on it. And to that extent, it's not all data lakes are the same either. So the -- I think the primary point there is that the architecture of your data lake, combined with the architecture of the purpose-built nature of that with the agent is giving you a unique skill set around understanding not just what are the indications of attack and indications of compromise but how that attack vector unfolds over time so that you can intercede in it. Can you talk about the importance of that characteristic?

Absolutely. It's like hand in glove. You've got to have the right architecture on the Threat Graph side, combined with the lightweight agent that has an aperture that opens and closes dynamically to determine what data gets sent up to the Threat Graph to be able to analyze it. Look, you've got other companies out there that have lots of data. Think about it as just a big room with a bunch of -- with a bunch of file cabinets. And you knock them all down and you have data everywhere but it doesn't do anything for you. Whereas us, we built it -- we purpose-built it so that it's in different compartments, so that we know that when more data comes in, we know where it flows in so we can actually see the path of a potential attack. And then in the real-world example, if it's -- if you're -- if -- you take a bank robbery, for example. So if a black car pulls up, somebody comes out of the car and goes to the -- and is wearing a mask and well, pre-COVID, he's wearing a mask and goes to the teller -- pre-COVID, he goes to the teller. There's a chance that you're being robbed or they're just coming in and they just want to take a deposit. But if they come in and they've got a gun and they're fully in black and they're pointing around, that kind of indicates that something bad is going to happen. And that's how we see it in the cyber world, right? We put together these different bits of information. And if they go in a certain way, we know that's bad and we know we're going to stop it. And no one really -- no one out there today has been able to do what we've done.

So I want to take this to the next level, which is there's a claim that other companies might be more AI-enabled and machine speed-enabled than Crowd. But clearly, the efficacy implied by -- and the logic implied by what you just described suggests that you, in fact, have built the best AI in the sense that your data collection is delivering the best knowledge of the efficacy of the attacks and the efficacy of the stopping of the breach strategy.

Yes. It's funny that again, there's some FUD out there in terms of what that all means. But it boils down to the fact that machine learning and AI only gets better with the amount of data that you have to train AI and to train the machine learning. And when you look at us and since we started, as we talked about earlier, with collecting the data, we have more data than certainly any of the up-and-comers or the relatively new folks in the space or even the -- even some of the folks that have been out there for a while. I think that the idea that we're able to utilize this data in a way that nobody else has been able to do it really gives us that advantage in AI and machine learning. Internally, we talk about AI as the blood that runs through our business. And it's because the more data you have and the more useful data you have, the more you can learn -- the machine can learn and the AI that comes out. We're well ahead of anybody else. And so when you're known for high efficacy and the lowest false positives in the space, okay, that means that our AI and machine learning and our algorithms are winning. And so what we can do with that is we can actually operationalize our solution. And we see other vendors who just can't do it. And so the tagline is the more data you can put into your machine learning, the better. And because we're right out there, front and center, in terms of the quantities of data that we see and the ability to [indiscernible] it out, we'll -- of course, we're going to have the best efficacy. And that's proven time and time again when we go to the testing houses that, by the way, not all of our competitors go to and get the results.

So I remember when I looked at the data on your gross margins, they, at one point, were quite low. And the reason for that was you were uplifting a lot of data early on before you could resell the efficacy because the efficacy needed the data. So this is kind of this chicken and egg problem. And I was very interested in taking that realization to the Humio acquisition. Can you talk about why that is such a big acquisition, what it enables in terms of improved structure for the company, but more to the point, all kinds of incremental opportunities?

Yes. So we think Humio is a big deal for us and we think it's going to have a lot of legs for the years to come. So there are 2 primary motions for the Humio technology. One is it's XDR so we're going to come out with an XDR module on the Falcon platform itself, which we announced at Falcon, our user forum, and we're working towards GA within the next month; and two, as a stand-alone log management tool. And so we see that space is being a space that can be quickly disrupted. A stand-alone solution. We're selling Humio across a number of verticals and solving a wide number of use cases. We are seeing a lot of success we talked about earlier. We've seen a lot of success in customers to replace their SIM, their log management and even through their UBA tools that are struggling with the amount of data. I think we talked about this on our earnings call. We had 1 large multinational consumer goods company that struggled with their UBA tool that topped out at 1 terabyte per day. And we replaced the entire stack with Humio to take in all the security logs and we provided a better solution. Another data point was we talked about working with a large financial services company that was struggling with 20 terabytes per day with log management solution, and we deployed Humio and immediately enabled them to jump to 130 terabytes per day, which is what they needed to be able to trace issues in their system. So we are replacing SIM and log management solutions. We are replacing UBA tools, and we are helping DevOps teams to help them save time in troubleshooting support issues and shorten time to code releases.

Now this is a good example of why you shouldn't be thinking about the company as an endpoint company but rather as a platform. And I think the other element of the Humio technology is it sharply reduces the cost to bring to uplift the data, which gives you a huge cost advantage. So it's not just opening up additional functionality to customers and by the way, significantly improving the uplift but it's lowering your cost. It's a huge acquisition. I wanted to go to another subject briefly, which is the lower end of the market, the MSSPs, the incident response companies and the like. Can you talk about a, the enormous success you had last quarter? I think your MSSP business was up triple digits, if I recall. And why that's such a big opportunity for you and how you're driving it?

Yes. So we partner with many MSSPs and the idea is that, hey, we don't manage the IT solutions. We just handle the security solutions. We just handle the CrowdStrike solutions. So it fits really nicely into an MSSP offering. When they go to a customer and say, "Hey, look, we'll manage your entire IT landscape." And underneath that, underpinning the security will be CrowdStrike. And that's been a real advantage for us because of the way that we are able to be designed into the MSSPs. As you heard, it's very easy to deploy some of the manage, and they get a really nice dashboard to be able to see what's actually happening in the environment. And so for us, that's been hand in glove. We've been working with MSSPs for a long time. We feel that we've got the right technologies and APIs and everything else to make it all work seamlessly.

So I've been horrible. I've been having such a good time going back and forth with you, I forgot to check the Q&A. There's a bunch of questions that came in. So having done a lousy job of keeping track of that, let me go back to that now. There's a question here. There have been more concerns from channel and partners that Crowd is less favorable economically and operationally than other competitors. Do you see this as an issue? And if it is an issue, can it be fixed? If it's not an issue, can you explain why?

Yes. I mean, again, you go back to the fact that we're a channel-first company and understand the numbers that we've been posting are through channel. We've seen an uptick in deals that have been brought by the channel to us. I'm not -- obviously, we've got a large channel environment. Not every single channel partner is going to say the same thing. But for the lion's share, our partners are really happy with the tremendous amounts of success they've had. We offer something that no one else can offer the channel, which is high win rates. So maybe on an individual deal, 1 partner might make less, but overall, the total dollars coming into that partner will be more. So it's one of those things that we've been on calls like this and we've heard that, too. And you know how it works. Sometimes, there's -- someone does their channel checks and they hit maybe a similar noisy channel partner, and that kind of takes a volume that we can't muffle per se. But you take a look at what the scoreboard says from a channel-driven company and there's no doubt that the channel is happier. Our deal sizes are higher and more dollars can go into that partner. So again, I would categorize that mostly into the FUD category once again. There might be some exceptions. There always are when you've got such a large base of partners. But we've got a great strategy with our partners. We offer them to -- a lot of money. It's seamless. Our paper is easy to negotiate with. And at the end of the day, we have executive sponsorship on many of our larger partners, right, to make sure that there's alignment all the way through. I'm an executive sponsor on one of our largest, our VARs and as well as one of our strategic partners. And so I touch base with them every quarter. So you get executive oversight. You've got -- we've got opportunities for the partners to make more, they deal ridge. We even pay our partners for teaming for sure, and then obviously, fulfillment. So we have a whole gamut of what we can offer our partners based on the partner relationship. So again, the 1 thing you can go back to that is fact is you look at the numbers that you so graciously pointed out to everybody on the call -- at the beginning of this call.

So another question, this one's directed at SentinelOne, specifically. Any worries about competition from SentinelOne, areas where they might be underperforming or outperforming? And any impact on pricing or margins?

Yes. So obviously, we take all of our competitors seriously. At SentinelOne, hats off to them for doing a great job on setting up great demos. They look great. What happens after that is a different story. We've talked about it on many of our earnings calls that a vendor, for whatever reason, would choose them and then boomerang back to us because it just doesn't deploy. It just doesn't scale. There are a lot of false positives, right? And you see it again, you go back to the scoreboard. It's every quarter that they've been public, we've only expanded the gap between how much net new ARR we brought in versus how much they brought it. It's expanding. So again, we go back to, I think that this has been the most favorable competitive environment we've ever seen.

Okay. So there's 2 more questions here and I'm going to merge them into 1, having to do with the on-prem versus cloud-native characteristics. So the first question is with the convergence of IT and OT, the proliferation of IoT sensors, what is CrowdStrike's play in the environment? And the second question is, in terms of on-prem offering, what about trying to penetrate into highly regulated industries that might not be able to go to the cloud, air-gapped industries like oil and gas and power-gen and distribution or cloud-resistant geographies like Japan, Middle East? Are these not worthy of the incremental TAM to come up with that on-prem capability? Those are kind of interrelated.

Yes, they're related. I think the IoT, we've got a strategy and we're already working with some specific manufacturers on IoT to be helpful and beneficial to them as they meet the security for, you pick something, whether it's automotive, whether it's cell tower, whatever it is. So we -- you have to pick a specific manufacturer within those sectors or a group of manufacturers because their chips are all different, right? So we think there's a great opportunity in IoT. It's the biggest smallest 3-letter word out there. And it means a lot of things to a lot of people, but we're being very methodical about it and thoughtful about it in terms of how we can leverage where the market is going from an IoT perspective. So we're really comfortable with our IoT strategy and that will play out over the years to come. With respect to the on-prem and will we ever go on-prem? And are we not being able to go in different geos or different sectors? The fact of the matter is we sell everywhere. We sell across the world, we sell to every vertical. So we're already there. We have turned down many opportunities that ask for on-prem. And what happens? Those companies, those sectors, those geos come to the cloud. Eventually, it's going to happen for everybody. We've really come a long way since that argument. I mean, there was a time, maybe 5, 6, 7 years ago, certainly when George started the company, that people laughed at him for going all cloud. There is no on-prem version of CrowdStrike. There's no on-prem version of Salesforce and look what's happened there. So when we think about where we're going, we're really comfortable that people are going to come to cloud, if they're not already. And for the most part, everybody is going to the cloud. If you're not, you're not getting the best -- you're not part of the digital transformation that's happening around, right? And that's only going to hurt company's environments, whether it's on the IT side, whether it's on the security side. So we're actually benefiting from the tailwinds of, and I think it's a very long tailwind on digital transformation. We didn't talk about that. But digital transformation is basically underpinned by security transformation. And so when you're all cloud, you're really built right for where the world has been going and continues to go and will go for quite some time. So that's how I think about that question.

So there's another question here. Can you talk about the longer-term impacts of Log4j, particularly in terms of architectural shift? Does every hedge fund as the same view the same as SentinelOne versus Crowd question. What are you seeing in terms of those 2 questions?

Well, we see Log4j as a continuation of the heightened threat environment. It's a trend we have highlighted for quite some time. It's threats that go beyond malware, right? You need a platform designed to stop the breach, which is what we are. What I think Log4j did was it raised, again, awareness of cybersecurity to a broader level. So I think that what Log4j has done, like many of these material breaches and newsworthy breaches, it's just been raising an awareness that if you don't have the right protection, you're going to get burned. And then why would you go to a company that has less efficacy, that's been proven to be not as effective at all? Why would you do that? And so people have been coming more and more to us as evidenced by, again, I hate to keep coming back to it, but back to the scoreboard, right? More and more customers, more and more dollars are flowing to us than anybody else. And that goes back to the architectural design. It goes back to the way we've flighted, how we work with customers and partners. And so you put that all together and you're getting the results that you talked about again at the beginning of the call.

So the next question is around the expectations for stock-based compensation and share dilution associated with hiring environment. To set that up a little bit, can you talk about what your churn rate looks like not versus 2020 but rather versus 2019, and what your wage inflation looks like? And then in that context, can you answer the question about, do you need to expand your share-based compensation? Does it imply an increase in share dilution going forward?

So on the share dilution piece, not really. We've been hovering around that 5%, 6% range. I don't see any changes there. A lot of it also has to do with our ESPP. That's a great incentive for our employees, and they take advantage of it every quarter. In terms of our attrition rates, we're in a really good spot. I think that we look at the data, we talk to our peers and we're well below a lot of our peers. And the good news is we're not concentrated in 1 area. Before COVID, we were work from anywhere as a company. So we had designed our infrastructure to be able to accommodate folks working from home or working from remote offices, whatever it was. And we're a global company. We're everywhere, right? We have a lot of offshoring, even myself in finance. I have offshoring in more than 1 location. And that's mattered. And so you put all that together and it really helps reduce attrition in. From a stock-based compensation perspective, I think we've done a really good job in managing that and keeping it where it is. And I think that for us, when we think about attracting folks, that's part of it. Certainly, compensation, stock, that's part of it. But we all know that's not the #1 thing anymore for folks. They want to be doing something that matters, that's relevant. Certainly, in the earlier folks, those are the folks that are looking for companies that are doing more than building a widget, right? And that's -- we fit squarely into that arena. We are coming out -- we're stopping the bad guys, the cyber bad guys and there's an appeal to that. And then we work really hard at culture. We work really hard trying to keep people connected even in these really, really difficult times. We have a great group of people who are thinking of different ideas to keep people connected, whether they're games on Zoom or different activities that you can do digitally and then COVID had somewhat of a relaxation. We had more budget for folks to get together and be connected. So we think about attrition not just in dollars and cents, like most of you on the call, including myself. But we do all the softer things that people better than me are able to do and achieve and it's working. And I'm supporting it from a budget perspective.

Burt, I got to jump in here because we've got literally 1 minute left, and I want to make sure that we wrap this properly. So from my perspective, I think it's absurd that we're down to 16x EV to sales on a company that's profitable and growing at a 70% clip. Second, if we were to extrapolate this number out to -- from '23 to '24, which we'll probably do in the middle of the summer, you're down to almost 10x, which is below where stocks were selling 2016, '17 that we're growing at 20% to 30% clip. So clearly, the valuation has already compressed way below it. And this is not a company that's losing money. You're delivering very high growth profitably and expanding margins. So with that as a backdrop, can you give us the elevator pitch, the 3 things that you absolutely want people to take away, very tight because we're running out of time?

Yes, yes, of course. So number one, I think we've started with, we're not an endpoint company. We are a cloud security company, number one. Number two, I think we've got tremendous opportunities for TAM expansion and we're flighted to be able to do that. And number three is, I think we've got multiple areas of growth, whether it be geo, whether it be cloud, whether it be new segments, whether it be new technologies. So I think everybody should realize that, hey, there is a tremendous amount of headroom that we have to be able to go after growth. And then finally, I know it's a fourth thing. Finally, if you look at the number of subscription customers we have today in the mid-teen thousands, that's great and we're super proud of that. But it's a drop in the ocean...

And I can't believe we got through this whole thing and we didn't even get to talk about cloud workloads, which are better subjects. I can't believe I didn't -- we didn't get there, but too many other key elements. We've got to wrap it there. Over 100 people in Zoom listening to this. This is a name you should be buying here on this weakness. It's a ridiculous valuation. Burt, thanks so much for joining us. And I want to thank Nate for doing a great job in the background and Maria, who's lurking down there for keeping me on the subject target. Thanks, guys.

Thank you, Alex. Take care.