CrowdStrike Holdings, Inc. (CRWD) Earnings Call Transcript & Summary

During today's presentations, we will be making forward-looking statements. These statements reflect our views and expectations only as of today, and we undertake no obligation to update these forward-looking statements as a result of new information or future events. While we believe these forward-looking statements are reasonable, outcomes are subject to risks and uncertainties, so actual results could differ materially. Please see the Risk Factors section of our latest Form 10-Q for further information about risks and uncertainties. Additionally, Unless otherwise stated, excluding revenue, all financial measures discussed in this presentation will be non-GAAP. Please refer to our disclosures on why we use non-GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures in the presentation section of our Investor Relations website. Please welcome to the stage Chief Financial Officer, Burt Podbere.

Good morning, everybody. It is great to be here live with you guys for the second year in a row. It's great to see so many of the faces that I've missed and great to see so many new faces as well. So we have got an action-packed day today for all of you. We're going to go through quite a bit of material. I think you're going to be excited about material. I think you're going to be full of, as you always are, questions and comments, and we're going to be happy to do questions at the end. So let me quickly run you through the lineup. So today, we're going to start with, I would say, the father of cloud security, our CEO and founder, George Kurtz. He's going to walk you through vision, opportunity and how today's announcements and there were many build on that. Then we're going to move over to Mike Sentonas, our President, how we're in the early innings of our platform journey and our innovation. Mike basically is responsible for delivering cybersecurities future today. We're going to take a break after Mike. We'll have a 40-minute break at which time you can go to the back of the room. We've got demo stations by our product experts. You'll see how easy it is to use. You'll see how you can navigate through our platform. It's click, click, click. It's that simple. I use it, and I can assure you that if I can use it all of you can as well. After lunch, we're going to bring Mike back on stage. He's going to have a customer that he will talk to and share some insights with all of you. Mike will stay on stage and he will bring up some of our executive team. We're going to have Jennifer Johnson, come up, our Chief Marketing Officer, responsible for this incredible event. We'll have Daniel Bernard, DB. He's our Chief Business Officer. He'll come up on stage as well, and then we'll have Raj Rajamani. He'll talk about -- he's our Chief Product Officer in charge of DICE, which is Data, Identity, Cloud and Endpoint. So you'll be able to hear from him. After that, we'll keep Daniel Bernard, DB, on stage. He's going to talk to some of our partners. So you'll gain and glean some insights from that discussion. And then lastly, I will bring home the financial opportunity, bring it all together. And then we'll take some Q&A. So without further ado, please give a warm welcome to our Founder and CEO, George Kurtz.

We are back at Fal.Con. So I want to thank everyone for coming to the conference. Hopefully, it's been an enjoyable and productive event for you. We've had a lot of time -- a lot of fun putting it together. And obviously, one of the things that we look forward to, we actually do look forward to today. I mean it sounds like we don't, but we actually do, is talking to you about the CrowdStrike journey, what we're doing, how we're protecting customers and most importantly, how we're stopping breaches. So I want to start with what do customers want today? First thing they want is stopping the breach. You heard Mike Sentonas talk about that this morning. This is the goal of the mission of the company, and this is really what we focused on and what we've built from a technology perspective. The second thing is really consolidating to a single platform. I'm sure many of you have talked to customers and partners. In fact, I'm positive you have because they told me. You talk to customers and partners and the message is consolidation, and it's more and more how can they consolidate around CrowdStrike and then the third one is reducing the overall total cost and complexities, too much cost complexity and just integration challenges that customers have. So as I spoke about, hopefully, you've got a chance to see the keynote, but I'll just recap some of it. From a platform perspective, we built the right architecture at the right time. And when I started the company in 2011, there were things that we hadn't contemplated. And some of the early engineers, I'd sort of say, "Hey, when is this feature or when is this piece of the product coming out," and they say, "Well, we're working on it" And I said, what are you putting in gold plated plumbing in they said, "Yes, we are, but you'll need it one day." And the day is today. And all of the things that you've seen all the announcements are because of the decisions that we made early in the life of the company to be able to create that single agent architecture, the data layers and the graph technology that are bespoke to CrowdStrike, the AI native capabilities, right, AI was something that when I started the company, that's what we did. Now AI algorithms have changed over time with generative AI, but the whole core of the company and the DNA of the company was from inception. And we created workflows to actually help get things done, manage time, manage costs. And then we created this whole modular concept and framework, wrapped it with services. Some of the services that we created didn't even have names, MDR, Managed Detection Response as a category didn't even have a name when we actually did this. So we really pioneered a lot of these services and it all came from the data gravity that we have within the product and the ability to actually create data, first-party data. I'm really excited about Charlotte AI. We'll talk a bit about that in a moment, but the ability to actually wrap a whole generative AI, workflow and technology around what we do is really going to drive better outcomes for customers and reduce the overall cost. And more importantly, and I spoke to a customer last night, he said it's going to make our analysts way, way more productive. Okay. So some breaking news before we get into the meat of the slide is the -- it just happened that the MITRE ATT&CK framework test were released today. And we had 100% protection, 100% visibility, 100% analytic detections. I'm a guy that always likes to do better, but it's hard to beat 100%. So 100 across the board. And why I want to talk about this is, something I've been saying for a long time is we've innovated in this industry. We've created a lot of the things that you see today from us and certainly competitors try to copy. But it proves we're at the forefront of stopping breaches. We've got the best technology and it's proven and validated by test like MITRE. So we're super excited about that. Obviously, there's more you can read on our blog. The question I always get is, was the platform. I was actually looking at one of the other security conferences that I go to and just looking at the company names and it was a platform for this and a platform for that and a platform, platform, platform. And it's like, well, that's really a point product. I don't see how it's a platform. So I think the term platform, it's easy to put on a PowerPoint, but what does it really mean? And that's what I wanted to walk you through my view of the world of what a platform is. And I think it's the view of what a customer wants. First thing they told us is, CrowdStrike, we want your platform to be open, not closed. They deal with too many vendors that require all of their own technology actually make something work. They basically have said, open your ecosystem make it flexible, make it work with other vendors that are out there and help us solve problems. And that's important for us because when we look at CrowdStrike, yes, we do a lot in the security industry, but there are other players that are out there, people are solving different problems. We obviously have core capabilities, which we focused on in the platform slide, but you have to be an open player in this ecosystem, and that's really important from a customer perspective. They don't want that lock in. The second thing is when we think about the single agent console perspective is customers want one thing, they want to log in one time. They want a single agent, they want one platform. They don't want multiple platforms. They don't want multiple agents, they don't want multiple UIs, and that's a lot of what we see in the industry. So it's hard to just kind of broad brush something with multiple things and call it a platform. The idea is it's one thing. You get a single agent, single console in a single platform that works and it's not disjointed. The other thing is it was a platform by design. What do I mean by this? And many of you who have been with us since the IPO and have been on the IPO road show, you've heard me talk about this. When I started CrowdStrike, I looked around and I looked at Salesforce, and I looked at ServiceNow, and I looked at Workday and then I looked at security, and there was no one there in the industry. Pick-a-Player, they weren't a built -- native built cloud-built platform company, just did not exist. And I thought to myself, well, why shouldn't there be the sales force of security, and that's really what I wanted to create with CrowdStrike. And I think what we've put together and what we've demonstrated certainly in financial success in our technology gives you the view of what we built many, many years ago was by design. It wasn't stitched together with acquisitions. It was built from day 1 to be that cloud-based platform. One of the things, and I would like telling the story when I hired Burt, I think it was -- I had him at a low, and I said, "Hey, Burt, we're not going to have any perpetual licenses and we have no hardware", and he just about gave me a hug. And if you look at our business, this is not something where we've got mixed models. We've got transitions. We've got hardware. We've got different things that we have to showcase in different ways. We've got 1 platform that's designed to stop breaches and provide the best security outcomes to customers. And then the next piece is infinite customization, apps, workflow and experiences. We talked about many announcements this week, Falcon Foundry is one of them. The ability to actually customize and create your own workflows. And for me, that really is the culmination of what a platform is, can you build your own apps? Can you turn security analysts into security creators? That's what we've delivered. Right? And we have the ability to monetize that. So customers are looking for that level of flexibility. And I haven't seen them so excited. I went to dinner with 15 customers last night, and they were just giddy with all the new technologies we came out with and Falcon Foundry was one of them that they were super excited about to just solve different and unique use cases from a platform perspective. And then, of course, it's all about producing outcomes, right? The security outcomes, which were don't be breached, save time, save money, consolidate, make it easier for security practitioners. And I hear this time and time again from customers, make the technology work for me, don't make me work for the technology. And that's really what we've done. If you saw the Charlotte demo, that was real. That's what we're delivering to customers, the ability to take many, many hours of work and condense it into just a few minutes. Why do we produce these outcomes? There's a couple of things that I want to point out that are really, I think, unique to us and how we've created these and how we've integrated them. From an incident response and threat intelligence and a managed threat hunting perspective, we get many, many unique insights that others don't get. You read the news. You know what's going on. We probably get half of the big breaches to respond to. There's really 2 big players in the industry. And what that does for us from an incident response perspective, yes, it certainly drives product attach rate but it gives us unique insights into the tip of the spear of what the breach is actually. What the adversaries are doing in that breach. We have the latest TTPs, we know what's going on. We're way ahead of the curve when competitors are trying to figure out what happened. All of that goes into our threat intelligence combined with our threat hunting, where we've got trillions and trillions of signals every day, every week that are combined together to give us an idea of what's actually happening. We put all of those together, again, to produce the best outcome. It's not just about technology. It's not just about intelligence, not just about service. It's the fusion of all those together. It's a secret sauce in the right ingredients. You can have all three, it's the right ingredients and how you make it work. And that is one that I really wanted to highlight because it does give us a unique advantage of understanding the adversary and the breach. So when we think about the platform and the features, you can't take a point product and reswizzle it in the platform. You can't buy a bunch of things and wrap a PowerPoint on it. It has to be purpose-built from day 1, and that's what CrowdStrike was focused on. And that's really what I set out to do day 1. So what has CrowdStrike Falcon become for customers, and you'll hear it from them. It's really the source of truth. Right? It's the data that we create that they're using every day, and it's this data gravity concept where they've continually tell us that the CrowdStrike data is the most valuable security data that's being created in the environment. And I do want to make a distinction between the creation and the ingestion of data. We're a first-party creator of security data, and that's super valuable to our customers, and it's certainly really valuable from an artificial intelligence perspective in finding and training -- finding adversaries but also training the algorithms to get the best outcomes. So let's talk about the next chapter of CrowdStrike and the way we look at it. I started the company from 25 slides, here we are today, almost a $3 billion company. We've got almost 4,000 people, I guess, over 4,000 people at the event. It's been an incredible Falcon just beyond expectations. But what's the next journey? Where are we going? And I wanted to lay this out and Burt is going to talk in more detail. He will certainly reinforce this is not a guidance slide. So he'll say that about 10 times. But we wanted to give you an idea of the way we're looking at the business and the 5- to 7-year journey to get to $10 billion in annual recurring revenue. And I want to walk you through the solutions and the segments and the geographies and the expansions and more importantly, the partners that are going to help us get there. So almost $3 billion today, heading to $10 billion, the market opportunity is there, the platform opportunity is there. We're at the right time, right place with the right technology and customers are wanting to buy more from CrowdStrike. So let's talk about the solutions, right? And I'll walk you through how we can put pieces together and where the opportunities fall out. One of the areas on the last earnings call that I spoke about was SIEM and next-gen SIEM. And this has become a big business for us via our LogScale acquisition, Humio to LogScale. And what are we seeing in this market? Well, first of all, it's a huge budget for customers. I talked to so many customers over the last couple of days, they said, "We can't wait to get rid of our SIEM". Why is that? Well, we spent too much money. It's ingesting a lot of nonnative data. It's slow. It takes forever to get a query done. We have to constantly configure, it doesn't run well in the cloud. We want something different. And this is an area that has gotten a lot of attention with our customers. And I've talked to actually 3 of them this morning, they said, we've got LogScale, it's amazing. It's fast. It works and it's saving us a tremendous amount of time and money. So when we look at the legacy SIEM market, right, I think it's analog to the legacy AV market that we disrupted in the early days of the company, right? You had high dissatisfaction. You had incumbent vendors that weren't innovating and customers that were willing to do something different. And that's part of what we see here on our opportunity in this SIEM data business that we've mentioned in the past. So one of the things that I want to highlight here is the introduction of the Falcon platform release. So this is a release for basically the fall here in Q3 of 2023. It's not a product, it's a release. But what it does is it incorporates the LogScale technology that we acquired into the platform natively, okay? So that gives us the ability to remove some other dependencies that we had in the product and actually put native capabilities into the product. What is it going to do, faster outcomes, lower cost for us, lower cost for our customers and ultimately, the ability to ingest massive amounts of data into our platform. If we're already creating 85% of the valuable data, customers are telling us, they don't want to take our data and just move it somewhere else. They want to take the 15% of the data that's being created in other places and put it in the Falcon platform. Raptor and LogScale are going to help us be able to deliver on that. And that's going to help us deliver on the ability to capture the SIEM budget and next-gen SIEM opportunity. So what does it all look like? And what does the market look like? From a data gravity perspective, as I mentioned, 85% of the data is being generated here. What this means now is through our connectors and LogScale, we can ingest almost any type of data, and that's a huge advantage to us. And one of the things I know Burt will talk about is on the cost side. given the fact that we control this technology, given the fact that it's faster and much more scalable than some of the technologies we were using to provide this presentation layer. It's going to really drive efficiencies in our own business. But as I said, more importantly, it's going to drive the right outcome for our customers. And this sort of XDR and SIEM market begin to converge into a single budget item, which is the ability to ingest data, store data, search data at lightning speed, visualize the results and respond automatically. And that's really what customers are looking for. And the challenge that you have with SIEM is it is an aggregator of data. It's just kind of on the side, and it just takes data in, but it's really not in the main flow of things. And if you can put the data that you generate and any other data that you put together, create new detections and new workflows in the stream of how a customer is actually using it, that's a win for a customer. So that's a bit about Raptor. And Mike will -- he'll cover some of this in his presentation as well. So the next-gen SIEM opportunity. It is a $16 billion market opportunity for us. And one of the things that's interesting is you can see where the Falcon data goes today. that's actually where it goes from our system. So if someone is taking Falcon data and they want to put it somewhere, these are the places that it actually goes. So this represents an opportunity for us to keep the data within the platform and again, that data gravity, data moat that we've created, I think accrues value to CrowdStrike. You can see the platform traction from when we launched the technology $5.5 million in ARR to over $100 million, pretty impressive. And again, given the market opportunity and given the willingness for customers, we think it is a game-changing technology and a big business for CrowdStrike on our journey to $10 billion. Some of the other challenges with SIEM. This data creator, as I mentioned, data aggregator and cost optimizer. We're a native creator of this data, right? So we understand the context. And there's a big difference between taking a bunch of data and throwing it into a data lake because you lose the context of how it actually got there. One of the unique things that CrowdStrike has done with its technology is creating this massive graph in the cloud. And we have a data graph that runs locally on each endpoint. So when we move data to the cloud, we never lose the context of that data. And that means that when we're trying to detect things or put things together, it's much easier and more cost-effective for us because we're not taking a 20-megapixel file dumbing it down to 1 megapixel, shipping it somewhere and then trying to rehydrate it. When you look at data aggregators, again, from the standpoint of pulling data in, I think the data aggregators are going to have a hard time unless they are actually in the flow of being able to stop breaches. And then certainly, with our technology from LogScale, it is index free. So the searches, and we have customers that have told us this. They have 40 terabytes a day they're ingesting. Those searches were taking them 2 days in a competing technology. They take a couple of minutes in CrowdStrike. All right. So that is the SIEM opportunity, and we'll move along now to identity security. This is one business that has just been on fire over $200 million as we talked about in the last earnings call. But we do get a lot of questions on it. And I think there's a lot of confusion when we talk about Identity. So I wanted to again go through how we look at Identity and just put some context around this. In the Identity space, there's really 3 key areas. One is the creation of an identity, which would be things like Active Directory. So create an identity. And that's fine if you have one identity, but I think we all have like 20 places that we have to log in. So we have to aggregate all these identities and you have the ability to manage and aggregate with folks like Okta, Duo, Ping, et cetera. And that's the control access. What we're focused on is the securing of those identities with CrowdStrike identity, threat detection and response, which really prevents these identity-based attacks. What you're reading in the news, all the things that you read over the last couple of months. These are all identity-based attacks. I can assure you that. What that means is there is a huge need for companies to have this technology. They're scrambling as an industry saying, okay, if this can happen to all these different companies that are out there, what are we doing about it? Standard technologies are not going to prevent identity-based attacks. Somebody gives up their credentials and then uses it to log into multi machines, puts back doors, that's not going to be picked up by standard products. You're going to need to have an identity threat detection and response solution, which is why we actually acquired some technologies years ago, built it into our agent. It's a single agent today and it's effortless to actually turn on and light up. So look at the success, this is one of our fastest-growing modules, $6.8 million to over $200 million. This is a big business, and you've heard me say this in the past, just from a category perspective, it can be as big or bigger than EDR in my opinion, because identity-based attacks are so prevalent. So from our standpoint, what we've been able to create is needed by customers, it's integrated. And there is one area that I want to mention. When we think about the high ground that we have, we run on things like domain controllers. These are not easy for other companies to get on to because of the sensitivity of what they actually do. Our agents are already running on these domain controllers. It's as easy as literally flipping a switch because there's no deployment, the agent has all the functionality needs. And all we need to do is relicense that customer for identity. So we see this as a continued growth area for CrowdStrike. There's more that we can do in these areas, and we'll continue to expand that out over time. And the last area, again, just kind of lining this up to the last earnings call is cloud security that I wanted to talk about. What we hear from customers is it's complex, it's fragmented, it's immature. There's too many acronyms. We're going to go through some of them, but we're going to try to demystify cloud security. And it's hard for me to even remember some of the acronyms as we go through it. But why is this such a growth area for us? Well, from a threat perspective, we've seen an increase by 95% of threat actors taking advantage of cloud-based attacks. And even the identity attacks that we've seen are actually taking advantage of cloud-based identity solutions. So let's jump into a little more detail of what the opportunity looks like here and what a modern CNAPP technology looks like. So CSPM, CIEM, Cloud Workload Protection, right? These are all technologies, both agent and agentless that are needed to actually be able to secure, identify misconfigurations in the infrastructure and secure it. The market opportunity for cloud is about $31 billion. You can see where our partners. We've got a lot of traction. Obviously, we're in a lot of marketplaces. We've got some big cloud partners, 56% Cloud ARR are sourced from partners. And we've got 28 of the Fortune 100 are cloud customers, right? We've got one of the largest cloud businesses on the planet, Cloud Security. And the platform traction is incredible. $100 million to almost $300 million last quarter. So what does all that mean? It means that we're going to continue to grow and continue to add capabilities. We're really excited to acquire Bionic. Fantastic technology. It might be one of the worst kept secrets I guess. But now we actually put the press release out. The team has been amazing, and the technology is amazing and they fit into the application security posture management space. We'll explain how all this fits together. So not only will we have leading cloud workload protection, that is the ability to actually prevent breaches, combined with Cloud Security Posture Management and Cloud Infrastructure Entitlement Management, so many acronyms, but now we're going to put this together with the Application Security Posture Management to have the most complete picture of risk and the best prevention in cloud code to cloud workload security protection. So we're going to give you a picture of risk. We're going to protect what's running on the cloud, and it's simple and frictionless for our customers. Now what does all this mean? And how do we make sense of it? So what we wanted to do, because it's hard to keep track of all this is explain a bit on what all this means and put it into kind of a simple analogy here, right? So we're going to use a room, and we're going to talk about Cloud Security. So securing the cloud is like securing a room, right? We've got Cloud Security Posture Management. And that really is asking, is the room itself structurally secure? Do you have misconfigurations? Do you have vulnerabilities? And it's more of a compliance-centric view, a point-in-time scan. So looking at everything in this sort of house, right? Is it foundationally secure? And is it misconfigured. And it's more of a compliance and reporting check box. It doesn't stop the breach. This is an important element. CSPM doesn't stop breaches. It tells you whether you have misconfiguration. Potentially could be exploited to create a breach, but it doesn't do anything really in real time. So that's CSPM. Now we'll move along to Cloud Identity Entitlement Management, which is who is entering the room. Right? So now you've got to figure out, you've got a cloud environment who is actually allowed to be in that cloud environment. How do you manage access? Are they good actors? Are they bad actors? I just talked about identity being one of the #1 reasons why cloud infrastructures are breached. This is the type of technology that you need there. But it doesn't necessarily stop the breach. It tells you where again, you have access control issues and some problems. So it identifies who is entering the room. So now Cloud Workload Protection is really about, are bad things happening in the room? And this is really the preventative control. And you see this is agent-based. The others were agentless-based. How do you prevent and stop attacks in real time? So you can't just have one that's kind of looking for structural integrity without actually protecting the room. And that's why you have to combine all of these together. And of course, we built our bones on our agent, our Cloud Workload Protection across Windows, Linux, multiple platforms that are out there. But it's designed to prevent and stop attacks and also is that motion detector alarm. The other piece to all of this, too, is all this telemetry then comes back into things like Overwatch and Complete, where we can deliver cloud detection response, which is really an emerging category. So not only preventing all this and giving you visibility but actually having the ability to take action from a managed service perspective. So now what is application Security Posture Management mean? I hope you got all the acronyms now. And I know the deck will be available, so you can go back through it. But this is really now a complete inventory of what's in the room, right? And it identifies what software is being used, how it's configured? Is it configured correctly? How it's deployed? The beauty of this technology is it's not invasive in how it actually works. So it can pull all the configurations for all of the application infrastructure. And hopefully, you saw the demo, it can actually recreate a complete map of your cloud environment. Ask any cloud, ask any company about their cloud infrastructure, ask them to show you a map, you're going to get a blank stare, and you're not going to get anything back. So the way this stuff works is magic, and the ability to actually understand where the risks are, point those out and help customers identify and remediate those risks are key. The amount of feedback that we got on this acquisition has been off the charts for customers that have said "Okay, we've been looking at this technology in the space. Now that CrowdStrike has it, like this is what we want". And the ability to actually now combine it with the infrastructure piece, right? So we've got infrastructure, we've got applications and we've got workload protection and everything in between, really creating the most complete cloud security offering in the business. So that's how we're bringing it all together. And obviously, we're excited about that acquisition. So you heard us talk about friction between IT and security. This one, I got so much feedback on. It's crazy. I had so many customers say, you nailed it when you talked about IT in one corner, security in another corner. And I've actually been told stories that the IT group, they've got lots of tooling that are out there and they're literally going to the security team. saying, "Hey, can you help us what our asset inventory, can you fix this? Can you take a remediation action?" We actually had one customer who has a different IT tool, say they use Falcon to fix the IT tool. So when we look at this opportunity and what this means, it really is opening up the IT market to CrowdStrike. It's opening up a new TAM opportunity for us. And it's not going to solve everything in IT, but it's going to give us a huge opportunity into organizations that are looking for better visibility around their assets. Most companies don't know what they have, they lack visibility. They've got too many agents that are out there. The ability to do real-time queries, the abilities to take action, all built into the agent and the architecture without deploying something else, right? And I mentioned this on the keynote, think Tanium on steroids. That's the capabilities that we're bringing created natively within the product and then obviously support it with things like Charlotte AI. Okay. So what does this mean from a market opportunity, at least $10 billion in TAM, I think it could actually be bigger than this. But from an IT perspective, it gives us high ground with the CIO. It gives the ability for the security team and the eye teams to -- IT teams to actually work together, which sometimes it's more of an org chart problem than a technology problem. But the ability to manage assets, find unmanaged assets, create this application inventory. One of the demos that I did earlier yesterday was tell us all the software that we have installed that we're not using. This is a CIO request. And last night, I had -- I was with one of our CSOs, a big company, and they said, "Okay, we're going to give you a list of things that we want from -- queries that we want from Falcon for IT because our CIO keeps asking us about all this information, and we're the only guys that have visibility. So this is what we're looking for" And they actually said, hey, they want to continue to help us kind of develop what the IT teams want in their own shop. So we're really excited about what this means and when you put all of it together, it gets back to the common theme, how do you do more with less? How do you consolidate? How do you save money for customers? And this market opportunity, again, is going to be part of our journey to the $10 billion goal that we talked about. Foundry, another announcement that we made, more announcements in this Falcon than we've ever had. This one I'm super excited about because it really puts the power of development back into our customers' hands, right? So before they would request a new Falcon capability and they'd have to wait, right? We prioritize it after they can create it. And that's really cool. And we'll talk about some of the monetization mechanisms around this, but there really -- there will be a platform charge and ingestion charge for these workflows so that as they create and use more applications, the more they use, the more they create, the more we can create revenue opportunities for CrowdStrike. So this is just one example of apps created in minutes. This is a MITRE Investigate application we created in minutes. This is an Insider Threat Monitoring application because we've got asked many times, "Hey, what can you help us with from an insider threat perspective? And this is an emergency response to sort of a braking like move IT type exposure that was out there. And you can do this low code, no code and even the goal is to have Charlotte build these applications for you. So how do we turn security analysts into security creators? This is the power of foundry. And we've got monetization mechanisms around this as well. Okay. So Charlotte AI, I know you've all been waiting for this. So do more with less and faster. And the biggest example of this is the productivity gains and this is what we heard from customers. You're going to make our people more productive. We can't hire enough stock people. We don't have enough stock automation. We can't keep the people, right? We can't read all the threat reports. So how can you have something do all this busy work for us? That's what we delivered. If you haven't seen it, you should go down to the pavilion and take a look, we'll give you a live demo of it. It's turning 8 hours into 8 minutes of work. Market opportunity, we estimate to be about $7 billion. And the pricing model. Okay. I had to give you -- I had to have you wait a little bit. So it's going to be priced per endpoint with a list price of $20 per year, so our view of the world per endpoint, less than a cup of coffee per month per endpoint. And then there will be additional query packs that you can buy. And that's the way we're going to monetize it. There's a tremendous amount of value in what we've created, and that's something that we'll be demonstrating to our customers. So if you buy more of it, obviously, the price points move around depending on the volume, but list price is $20 per year per endpoint. So I'd like to just close off here on the market opportunity on a journey to $10 billion. We've got 160-plus partners, each with $10 million or more in total business to CrowdStrike. Partners are critical to us. You're going to hear from Daniel Bernard, who is actually known as DB later, and he will talk about what we're doing with partners, how we're driving additional incremental revenue, how we're enabling them, how much focus we're putting on them, how we're going down from a segment perspective. Many know we start in the enterprise, and we're seeing tremendous success in the SMB, particularly with things like Falcon Go in our managed service partners that we're working with. So partners are going to help us tremendously on our journey to $10 billion. Current TAM today, about $100 billion, right? You can see all the different slices there and when we look at where we're going and on our journey, what is that TAM opportunity, and this spans 9 categories to get to this $100 billion opportunity. But in CY '28 we believe it's a $225 billion TAM, okay? So when you look at our journey to get to that $10 billion, we've got plenty of TAM opportunity. We've got the right technology in place. We've got the right people and customers want to buy more and more and harmonize on CrowdStrike. And this is something that we hear time and time when we talk to them. How do we go through your road map CrowdStrike and how do we go through a customer road map at the same time so they can make buying decisions based upon what our road map looks like. We have customers to tell us every day, can you please let us know what you're building? what you're buying? Well, we can't let you know what we're buying, but what you're building because they want to make decisions. They don't want to go to an alternate provider if we have it or we're coming out with it. And that really is, I think, makes the platform really sticky. I know from our own perspective internally when we think about Salesforce, Burt and I, first question we asked, if someone comes in and wants a different tool, we say can we get it from Salesforce? Does it work with them? Does it integrate right? It's all about the platform because that's where the data gravity is and that's what we're seeing from customers. Okay. So with that, I'm going to transition and welcome Mike Sentonas to the stage. I'll bring Mike up. So Mike, we promoted Mike to President. He's got a lot of responsibility in sales and marketing and engineering and intelligence and a whole bunch of things, and he's been an all-star for us. I think you've seen just how much new technology and innovation that we've been able to drive very quickly just for this release here in Falcon. And Mike, and his team are a big part of it. So we really wanted to put things together to be able to kind of control things sort of end to end in terms of what customers want, what we deliver. And it's a real pleasure to introduce Mike Sentonas, our President. Warm round of applause, please.

There we go. How are we all doing. It's good that I'm not doing demos. I think we broke a world record summer along the way with the number of demos over a couple of sessions. So George talked a lot about what the team builds. I talked a lot about it in the earlier session for you here around core values, operational philosophy, some of the things that we want to bring to market. So I hope you are all in that session, if you want. If you weren't there, please have a look at that video. So incredible feedback from a lot of the people that were here if -- glad you're all here. But if you were in the hub, the Bionic section is about, I'm told, 8 people deep right now, and they have no more slots for demos. So incredible excitement around what we're doing together with Falcon Cloud Security as well as with Bionic, which is huge. So let's jump into some of the content. We talked a lot about this in the last earnings call. Super excited. And it's just awesome seeing George go through the history of what we've done, going beyond what you all think of as ADR as an example, what the industry knows of as ADR and start to talk about some of the additional things that we've been working on, Identity, Cloud, LogScale. Identity becoming a $200 million-plus business going from a couple of hundred customers to over 2,000 in such a short period of time. On the last earnings call, we talked about Cloud and the success that we had with Cloud. And I think you're going to see that accelerate with not only the new features that we've announced this week, the acquisition of Bionic and pulling together that complete code to cloud story with a lot of the capabilities that we have there, pretty cool demos and everyone is really excited about that. LogScale has gone from strength to strength. I talked about doubling down in terms of the investments, the number of people working on the road map, the Raptor release that we talked about integrating the log scale capability into the platform. What it ultimately means is people have the ability to, as George said, take the last 5%, 10% of data, pull it into the platform. It's going to drive additional adoption of LogScale where people want to get involved and create their own custom environments, go beyond that capability, they have the ability of stand-alone LogScale as well. So whilst we're massively excited about those capabilities, there's just such a significant opportunity to go beyond this, even in the core as well as the new announcements that we made during Falcon this week. So if we think about that long-term opportunity, as George said, an illustrative example of how we go over the next 5 to 7 years and how we continue to build out that capability, where we are and the opportunity today to where the opportunity of just these 3 products where we can go into the future. So very excited about LogScale, Identity and Cloud. You are going to hear us talk about LogScale, Identity and Cloud and keep that group, because I think it's easy to track and understand where we are, but that opportunity continues to amaze us. And it's really driven by the fact that the adversary is so focused on these areas. And the tools that come with operating systems, the tools that our customers have access to have traditionally not worked. When I say haven't worked, it's the complexity of the operating system. It's just the lack of a capability, so that demand and people coming to us asking for assistance just continues to go from strength to strength to strength. Okay. So let's talk a lot about the opportunity ahead. And this is a question that many of you have asked me, well, where are you in the journey of adoption of the CrowdStrike technology? And I did want to bring it back to grassroots because I do believe passionately that even if you look at the endpoint opportunity, we are still at a very early innings. We've been widely successful with the Falcon platform, and that wild success has allowed us to get close to 18% market share in modern end point, but close to 50% of the market is still using Legacy AV. Why? Well, a lot of these organizations did multiyear contracts. They're waiting for them to come up for renewal. There's many reasons for it. As they go through and get closer to the time of renewal or they work with us, because unfortunately, those Legacy products had a failure, they've called us to do incident response that George talked about, there's an opportunity then to go and displace it. So 48% of the market is still on Legacy AV. It means they don't have the Falcon Agent. They don't have the ability to then deploy next-gen AV, the prevent modules, they haven't got the ability to deploy our identity, you kind of get the story where we can go and build out. So a huge opportunity just there to talk about. But then if we double-click, and we go a lot further down, you can see here in terms of just a broader view of the market and the market opportunity across global enterprise as well as SMB. So if we think about public sector globally, I'll kind of start there. I'll jump around on the slide. If you think about public sector, less than 1% penetration there. It's a huge opportunity. Again, many reasons for it. We talk about it on the earnings call. You need certain certifications. You need to build your products in a different way. We have traditionally focused on the North America market, but we have opportunity across Europe, many countries across Europe, all the 5 [ eyes, ] they think U.S., Canada, Australia and New Zealand and the U.K. as well as others that we have the opportunity to work with, whether it's with the platform, whether it's Intel and other capabilities that we have, less than 30% penetration estimated across the Global 2000. So again, an opportunity to continue to service those accounts and build out our capabilities. A real massive opportunity in SMB. And many of you have asked why are we so focused in that area. We talked a little bit about this a couple of calls ago. If you look at this sector, and we model between 5 and 250 users, there's over 50 million businesses around the world. So that is an incredible opportunity. That is an incredible amount of end points. We'll talk a little bit about how we can go and address and make sure that we cover that opportunity. And then we talk about mid-market, we talk about the global opportunity. So good illustration around being in the early innings with so much more opportunity to go as we build out the organization. So double-clicking a little bit around where we are in our journey to go after the SMB and what capabilities and how we go over that over 50 million global businesses. I believe we do have the right offerings. It's something that we've been working on very heavily. And with the addition of DB, Daniel Bernard and Raj Rajamani, we've really double-clicked on that. And we really thought about how we can focus and build out the technology that's easy to deploy, easy to manage as well as a capability ultimately to stop the breach, whether you are the largest bank, the largest government, whether you are the smallest SMB, you have the same need, which is to stop the breach. So we have those offerings today, Falcon Go, Falcon Pro didn't set that up. So Falcon Go entry-level next-gen AV as well as device control. Falcon Pro, having the next step of protection that includes next-gen AV, device control, easy-to-use EDR and threat intelligence. So different ways of working and super excited about the work that we have been doing with strategic partners like Pax8, which DB will talk about, so I won't go into that, because that's a huge opportunity to create an easy-to-use offering with a world-class partner that has a lot of these accounts to go and work with. Okay. So just to give you an example of where we are from a logo perspective, I'd like to say from a customer perspective. And I think it's, again, a good illustrative example of where we sit. We talk a lot about this on the calls with you, incredibly successful, over 23,000 customers. But if you look at other examples of organizations in this space, even if you think of some of the legacy AV vendors, if you think of the McAfee's or Trellix, you think of the semantic Broadcom, whether it's 40,000 customer names, 100,000 customer names. If you look at Trend Micro, there are over 500,000 customer to their portfolio. There's a huge amount of opportunity for us to continue to demonstrate why we can provide a better outcome, stop the bridge, do it a lot easier and provide an economic vehicle that is providing that better technical and financial option to that end user. So I really just wanted to spend a little bit of time on that, because it is a question that you will ask when we catch up every quarter. So you've seen this a lot. I love the new platform slide. It's very simple to follow how we've built out that architecture. But really, our goal when George and I were thinking about this chart and how to represent the architecture, we wanted you to understand the opportunity that, that sensor provides. When George founded the company, it wasn't to build an EDR product. He talks about that. It wasn't to build to next-gen AV module. It was to build that lightweight agent that could scale across hundreds of thousands of end points. We have customers today with over 1 million endpoints, easy to deploy, easy to install, and that matters. You may hear us talk about that time and time again, you're thinking why you keep telling me this, I get it. But if you go and talk to one of those banks, if you go and talk to one of those organizations that has 1 million end points, go and talk to an organization that's had a cyberattack. If you have to try to roll out technology that requires a reboot, if you add complexity, it's going to take months to quarters to even 1 year to roll out this technology, because you can't just simply go and install a product on a server. When we talk about identity, you can't just go and dump something on to a domain controller and think the business is going to install it. And you see a lot of the legacy technologies. People don't use new versions, because they can't get it out. And this is a huge opportunity. It's a huge setup. There's no requirement of hardware. There's no data silos, there's no friction. Think about it from a partner perspective, they don't have to invest in all of that hardware. They don't have to invest in the complexity. It's easy for them to demo, to solve a customer's problem and then to move beyond and look at other opportunities. So super important for us. We will keep talking about how we embed AI and everything that we do, make it simple -- very simple, make it very easy. You heard George talk about our Mitre success. The best thing about that, no signatures, we don't have an operating system, but we didn't have to update our agent to try to get a good result. So have a look at some of those examples. Getting a good score by having to update your products halfway through, it's not the way the world works. So all of the modules built on top of that platform. You saw a lot of the demos, and we'll keep building that out. We're excited about the additional capabilities. You heard us talk about all the different new releases this year. And we will keep moving beyond that and adding to that portfolio. Okay. So it's not just about the product. And one of the things that George left you with was just the velocity that we have in these new releases, the new capabilities. But it's important to note, it's also going back to the existing modules and continuing to build them out. I'm incredibly excited about what we're doing with exposure management, the ability to go beyond what we've done with the agent and to start to do scanning of network devices. It's the ability to go beyond what we've traditionally done and brought in third-party telemetry, whether it's from Tenable today or Qualtrics tomorrow and giving people a center of gravity, all of the data inside the CrowdStrike platform. So you've seen the work that we've done really getting the product and the engineering team working closer and closer together. And I truly believe if you have a look at the last 6 months, the innovation that we've come out with, the scale and the quality is absolutely phenomenal. It's about bringing together product and marketing. And it's changing the process within CrowdStrike, so that when we make an announcement, we're ready to go. The team is enabled. It's articulating the strategy and the capabilities, the differentiation and making sure that everybody understands all of that work that we've been building, and it's not just sort of thrown over the fence, which is super important. It's pulling together sales and engineering. I do believe I've been here for nearly 8 years. I've never seen such a partnership between the sales and the engineering team. And it's understanding the needs of the customer, the team in the front, the sales engineers that are dealing with customers every single day. Having a closed loop process where they can come back and say, "Hey, look, this is what I'm hearing." it's also bringing the engineering team into customer meetings and you think, guys, you should be doing that. It's not as prevalent in the industry as you think, but having engineers going out and sitting down, spending a day, a week, and looking at what our customers are doing. So when we're building products, we're not the only ones excited about it, our customers are, because we've heard them, we've listened and we've built for their specific requirements. And then finally, the sales and the product team, of course. Making sure that it's not only tech that we believe customers need, but it's listening to them. We've heard the questions, help me replace my DLP. Can you help me with my log management? Can you help me solve some of these other problems like IT? So market-driven innovation. So let's summarize that. Obviously, we've talked a lot in the last couple of days. George's keynote, my keynote, this morning. We've talked a lot about what we're doing but let's summarize some of those key Falcon announcements, because we've thrown a lot at everybody, and there's possibly going to be more things coming along that you should all be aware of. But when we talk about cloud, the most comprehensive code to cloud security suite in the industry. We've been doing incredible work in this space, one click XDR, the ability to do infrastructure as code scanning, the ability to do side scanning, the ability to use an agent to stop a breach, which many people cannot, cloud vendors that talk just a lot about how you visualize your issues. We want to visualize it with an agentless solution, but we want to actually stop the breach. So we give you all of that capability. Data security, we've worked very closely with the organizations that have said to us, help us get rid of DLP. They have been part of the build process. Over 30 brand names, many of them, which you will know that have deployed the agent, they've deployed the capability, they've agreed to be a development partner and to buy the product when it is available, they are prioritizing the features that we should build on first and super excited. And we are using native capability in the sensor. We're using capability that we have created, and we're using some of the capability of Secure Circle, which is the reason why we bought that company. Look, I don't think I need to go on Falcon for IT. I think we all get the benefit of Falcon for IT. The demo that I showed earlier on stage was to see which machines have got risk, which machines had a Microsoft update that didn't work. This is what organizations deal with every month. When the slide went up, when the demo went up, the cameras went up, and people started taking photos of that capability, we can now go and query the registry. We can query the configuration of the machine. We can give customers quick fixed playbooks, so they can roll out fixes or they can create their own. So massively excited about those capabilities. Charlotte AI, Generative AI to do more faster. We've talked a lot about that. Charlotte everywhere. We are spending time, everything that we do from a product perspective, have you worked with the Charlotte team to make sure that Charlotte is everywhere with the real one who I saw running around earlier, so literally everywhere. Foundry, think it, do it 100% Falcon. I've said to you with the capability that we have with Fusion, with real-time response. If you can think it, you can script it, you can execute it. And now with foundry, we take it a step further to allow you to build your own workflow. So what does this mean? We have customers that say, "Hey, this patch came out. I've tried to get it out, I struggle. It would be good to use the Falcon platform to just very quickly push out an emergency patch and get feedback as to whether it worked, build the app." It's a workflow. So it's not a full feature module. It is a workflow and then as we wrap up, I talked about exposure management earlier, so I won't go into more detail about that. But as I wrap up, the Falcon Raptor release. There's been an incredible amount of work that has gone into that. It's connecting LogScale with our threat graph. It's having that visualization engine with LogScale together with our LogScale -- with our Threat Graph telemetry. What does that really mean? It means getting native first-party data from CrowdStrike in the threat graph and combining it together with data from any third party. So that customers can pull in their firewall logs, their e-mail logs, their web logs, and they can ask queries, and they can threat hunt using the Falcon platform with our data and any other vendor data. If you saw that demo, we can query millions and millions of logs of events in a second. It is performance that I have not seen, and customers are getting the demos, and we've got demo stations here where you can see this capability. So it's a project that we have been working on for a very, very long time. So as I said, that pace of innovation, never been faster. We're going to see continued releases. We've got a whole lot of ideas in terms of what we want to do. We really want to double down on Falcon Fire IT, because that's a huge problem that we want to solve for our customers. And we've had such an overwhelming response with regards to that announcement. And then I'm sure there'll be a lot of questions on this, a lot of interest on this. The last one that I talked about in my keynote is how do we make it easier for the customer, not only from a technology perspective, but from a licensing perspective. And I just want to be clear on a couple of things. How do we make consolidation easier with CrowdStrike? Many of you have been working with us and following us for a long time. You remember the days when we would tell you about 3, 4, 5 module adoption and then we went from 4, 5 to 6, then we built that out. And today, we talk about 8, 9, 10. You're going to see very soon, we're going to be talking about 10, 11, 12. Well, there's an interesting thing here. Customers are saying we want to consolidate with CrowdStrike. We want to do more with you, how many other things can you replace? We talk in use cases, how many use cases can we solve for you? And we come out with modules that solve those use cases. And the reason why those modules come out and the reason why people buy them is because they solve those problems for customers. But from a procurement perspective, we want to make it easier. If we come out with Falcon for IT as an example, the team has to go back to procurement. They have to go through a procurement cycle. It can be -- it can take a long time as an example. Equally, people want to use the new features. They want to move to them very quickly. They may want to move from one product to another. They may want to use more licenses of one capability within the Falcon platform and less of the others. So we announced Falcon Flex, we have worked again with customers. We've talked about this. We've understood what they need from the program. And just to be clear, super proud of this, single subscription licensing model removed procurement friction. That is what it's about. It's about flexible module adoption, so that people can scale up and scale down, so they can switch modules. Clearly, the benefit of this is people having the ability to buy more from CrowdStrike in an easier way, which is why we launched Falcon Flex. So let me wrap up some takeaways here, early innings on this platform journey. What you are seeing today is the vision that George had way back when, where we could give people the ability to use modules that solve specific problems that solve specific use cases that they're looking at a better way to implement a technology. For me, I want to make sure that we continue this innovation consistency, releases, qualities, solving the hard problems for our customers with one agent using that unified platform that we have. Customers tell us, you are the consolidator of choice, so help us adopt more. So what we're talking about with things like Falcon Flex. So we are going to take a lunch break now. We're throwing a lot at you, so we're going to pause, give you an opportunity to regroup. After lunch, I'm super excited. I'm going to introduce you to a customer, a longtime caller, repeat caller as well, who has used and deployed CrowdStrike in several organizations because of the benefit that they've got. So we're going to talk about why he became a customer, why became a repeat customer and why good enough security is not good enough for him. Enjoy lunch, we'll see you soon. [Break]

Outbound on. For example, we just had 24 hours of pipeline generation. We had the global SDR team together to see if we could break our pipeline generation, daily goal. We didn't just beat it. We actually doubled the goal, which is already going to be a record. So that just shows you the strength of bringing our teams together. So we couldn't be more aligned. Secondly, one of the things that we really did was look at our marketing tech stack. So we talk a lot about point tools and security. We also have a lot of point tools and marketing. So we really looked at what are the growth tools for that kind of the modern growth marketing stack and one of the things we really did is how do we bring AI into the top of the funnel. So we can get really predictive in terms of understanding both, prospects and customers, where they are in a buying cycle, what projects that they have, what products that they're looking for based on their online activity, what they're searching for? And therefore, we can be super hyper targeted with the messages, not just the marketing messages, but what the SDR team will go in and call. So in the moment, we know where someone is in a buying cycle. So we can target them with the right offer to where they're at. We understand what products that they're looking for. So that think about how do we bring the breadth of the platform and start really thinking about not just new logos, but platform expansion as we can be super hyper targeted? So those are just 2 examples. Also with our partner ecosystem. It doesn't stop with just our direct sales force is. How do we enable our entire ecosystem to go out and be able to bring the platform message to all of their prospects and customers? So we're running CrowdConnect. So we do local events around the globe with local partners to get them enabled on the entire platform. We bring special offers with them. We have SPIFs in place. We have something called The Grid. So basically, it's a digital campaign in a box. So for every campaign that we run enable our partners to be able to download things, download assets, be able to localize it, be able to run it against to their databases, to their prospects and customers. So those are just a couple of examples of the things that we're doing.

I remember when you joined CrowdStrike and we sat down and we went through the platform and we talked about what it is that we do, one of the first things that you did was get to work to talk about the platform and what we do outside of what people traditionally knew us of with EDR or end point security, the work that you've done on cloud with the team. Obviously, we saw the benefit of that in Q2. Talk a little bit about how you're building awareness, how you approach that, a lot of new stuff today.

Yes, absolutely. So one of the other things that we've implemented is global integrated campaigns. So for every key market across our entire platform, whether it's end point, identity, cloud, next-gen SIM, et cetera, we have global integrated campaigns. We're running cloud is an amazing example of one of the campaigns that we've been -- that we're currently running and that we've been running. So we really think about marketing as the air in the ground. We need to own the air, so we need to own shaping the market, shaping the market around our point of view, building awareness, not just with our own installed base to expand, but also with new logos. We see that as a land opportunity, not just an expand opportunity. So how do we run these large-scale awareness campaigns? PR, social, digital, our thought leadership. Our threat intelligence is a big source of interest at the top of the funnel to drive thought leadership and awareness and then really hook people into our platform story. So utilizing all of those at our disposal, specifically around cloud. And then how do we connect it to the ground, really, how do we help the sales team, and our partners really get that message out to the market. We ran a series of events last quarter. One of the things that we ran was the Cloud Threat Summit, which was a virtual summit that we ran. Around the globe, we had over 12,500 people join in both, prospects and existing customers. They want to hear the message. They want to understand how do they consolidate on CrowdStrike, and we didn't just stop there. Now we're running at 20-plus global roadshow around cloud, so we can bring our message out with partners out to the market. So those are just some of the examples of what we're running.

So last question for you. One of the things that you've also done since coming on board was drive platform expansion, but it's also been creating through one of the ways that you've done it is through creating these executive relationships. And one of the things that you and I talk about is having this opportunity to create these moments that people remember CrowdStrike that they just cannot get from anyone else. Can you share a little bit about that because, I mean, the feedback that we've had, you launched the Falcon One program this week, which has been huge success. Spend a little bit of time and just talk through that.

So we talk a lot about we don't create events, we create experiences. And it's really important, right, as we're thinking about how do we go and build deeper, broader relationships with our accounts at all levels, not just the CISO, but the CIO and the broader C-suite, building those deep executive relationships and having forums for them to be able to come and get educated and build a community and learn from each other in a safe setting is really important. So as you mentioned, one of the things that we've done at Falcon this year is we had our Falcon One Executive Summit yesterday. We had about 150 CISOs in the room from our enterprise larger accounts down to our mid-market accounts, talking about the future of cybersecurity, not just talking about our technology, but bringing in outside speakers. We had the NACD here talking about the new SEC breach disclosure mandate. So we really want to provide these forums where people can come together and not just do it once a year here at Falcon, but really how do we bring it out on the road and make it a more sustainable program. I think also what we're doing with racing is really important. I mean obviously, Formula One and our sponsorship with Mercedes is a big part of our brand, but it's more than just the logo on a shirt or the logo on a car, right? And you obviously do this all the time as we go to all of the Grand [indiscernible] and we actually do activations there, where we're bringing CXOs together. They have this amazing experience that they get to experience the race in a way that they probably wouldn't normally be able to. But they're also coming together and I know you run a lot of the CXO Summits, where again, it's a kind of a safe confidential place to talk through with their peers, what are the challenges that they're experiencing, how do we solve them, how do we solve them together as a partner? And by the end, everyone is exchanging contact information with each other, they're exchanging it with us. And we're really creating -- we're creating a family in a way, right? And so we're creating a community. So those are just some of the examples of the things that we're doing.

JJ, awesome, thank you. I'm going to let you get back to this incredible event. I appreciate your time here.

Thank you, everybody. Thank you.

I think a lot of great questions in this next session as well. We're going to keep it coming, thick and fast, a man who has been incredibly busy since joining CrowdStrike, Raj Rajamani. Come on down, Chief Product Officer of CrowdStrike. So you've been with us a few quarters. Many of these people will know you from previous conversations that they've had. But I do want to get straight into the last quarter. We did an incredible amount on LogScale, Identity and Cloud as well as automation. I'll get to other technologies. Since coming on board, I mean, look, give us what's excited you? What's been some of the things, the feedback that you've had, an eye opener you've had since coming on board?

I think I have the best job at CrowdStrike, because I'm the only one with a time machine key, right? I live both, in the present and the future, because we're building the future. And I cannot wait to be in the future, because there are so many interesting, great things that we are building. Sadly, I have -- actually, I should say, fortunately, I'm blessed with 2 young kids, and I don't want time to move too fast. So it's a little bit of a paradoxical thing. I want time to move faster. At the same time, I wanted to move slowly. In terms of what's really been working for us, Mike, I think the couple of small adjustments and tweaks that we made at the beginning of the year with cloud has helped tremendously. The big change that I think we kind of hit the nail on the head, that was moving away from slew of packages and SKUs for cloud to a single SKU. Every CrowdStrike customer just has to buy one SKU, which is Falcon Cloud Security, and they get the full spectrum of cloud security protection. They can do shift-left capabilities or engage in shiftless with our admissions controller, our image scanning capabilities. They have the best in the world, runtime protection for contained rising virtualized environments. And we also have the agentless capabilities of CSPM and CIEM. More importantly, we also made a small change in the way the product strategy brought everything together. We started focusing on actually bringing together on-prem and the cloud. Most adversaries do not actually think about, hey, let's just go target the cloud. They are actually getting in through the path of least resistance, which is frequently an e-mail that someone clicks and provides a credential with the compromised credential. And I think most of you saw, George mentioned that over 80% of attacks actually use a stolen or a loss credential. So they use the stolen credential to get into your organization, and from inside the on-prem, they move into the cloud. And we've been able to bridge that entire gap with the same technology with a single platform. And I think that's resonating. That's one of the reasons why cloud's really taken off. And talking about credentials, I definitely had to talk about identity threat protection as well, right? It's been our fastest -- one of our fastest-growing modules. And the reason behind its success is that it actually identifies weaknesses and exposures in your active directory, and it also prevents online attacks, any time there's an adversary with hands on keyboard activity by doing live traffic inspection. There are very few other products that actually do it. There are even fewer that bring in the telemetry from the cloud, from the identity, from your on-premise straight into to the same XDR platform. And XDR is really coming into its own, especially with the Raptor release. We are so excited about it because it's actually a single data plane for all our modules as well as third-party data. You bring in the data, we provide a really world-class collaborative experience. It's almost like editing a Google docs. So if you have a complex incident or a scenario that multiple analysts are triaging or analyzing, they can actually collaborate. They can see the edits of the other analysts, their notes, their annotations, and sometimes they are just chasing a certain path of reasoning. And they can actually see all of that in one single place without having to refresh the screen over and over again. I think it's going to be a game changer when it comes to reducing or making all these analysts far more productive. So the whole theme for us also has been around making our analysts more productive with fewer or lesser resources. And that's where Charlotte also kind of enough comes in. Charlotte is more than -- I was super excited with watching George do the demo yesterday, but it has a lot more than just being able to answer questions, right? Charlotte is what stitches together the related incidents from our own sources as well as third-party sources into the incidents, which then makes it much easier for analysts to work off. It access our central nervous system, building connections across all the different modules. And I think George also alluded to this when he said Charlotte will actually start writing code for you. It will start building UI for you. It will start creating workflows for you through foundry. So Charlotte is going to be this interface that actually brings everything together. And I think this is going to be a platform like no other, perhaps because the technology and things have advanced to a point where it is possible now for us to create something like this. So super excited about what we are building. I just cannot wait to be in the future.

So whilst you've been so busy working on the existing platform, and some of the road map items that we've been talking about for a while, we worked together with the wider team on the acquisition of Bionic. So you are part of the due diligence, you had to look at the tech. We've looked at other players in this particular space. Talk a little bit about what you think of the technology, the technology advances, the differentiation. A lot of people obviously talked about ASPN, but I think there's something unique about what we can do together with Bionic. So great to hear your perspective.

So I'll start with the technology and then I'll shift to the types of problems that can actually solve for our customers. The technology is exciting because it's just one of those most complex things that you can even dream of trying to solve. And what the Bionic team has done is without access to any source code by just reading the [ bike ] code or the object code of the applications, they just figure out and map what all the application does, what are the other services that it invokes. What are the types of data it touches and is it reading data? Is it writing data? If there are certain vulnerable libraries being imported, are they actually getting loaded in memory and so on and so forth? So the type of work that they've done is very unique, and I don't think any other ASPM has taken this type of approach. Arguably, it's also a very big challenge, and they probably kind of tried it out and maybe they got lucky, I suppose they also worked really hard in making it really -- work really well. But when I talk to customers, our customers even our own internal IT team, Mike, what I find is that most IT organizations do not even know how many applications they have. There is just so much complexity, especially when someone has acquisitive assets, we are bringing in more companies, there are legacy applications, written years and years ago, some of them may be running at a small server [indiscernible] somewhere. We don't even know how many applications we have. And let's say you get past that point, then the question becomes, hey, are these applications vulnerable? And CSPM has become just this commodity. Everyone is using a CSPM to essentially get a bunch of alerts. But these alerts do not have the contextual information. For instance, if an application is not loading a library that has a vulnerability, maybe you don't need to go and fix that application in a hurry, right? Those are the types of prioritizations that Bionic can help us with. They have already integrated with most of the leading CSPMs, including our own CSPM and are actually acting as a final filter for most of the organizations that are cloud Bionic customers today. So my hope here is that we'll be able to take it into every CSPM shop and help them reduce 80% of the alerts by giving them that application-level visibility. But the goodness doesn't just stop there, right? Because of the way they do the application fingerprinting or analysis, they can also generate highly accurate SBOM, which actually tied to the supply chain attacks that we are very worried about. And I think in some industries, generating SBOM is a big challenge. So now we can generate accurate SBOM. And one other really small thing, but customers have been asking us for which we had in the road map, which we can escape now, is a support for serverless functions, right? Lambda functions, Azure functions and so on, which Bionic had already built. So I'm so glad that we already have it instead of waiting for another 3 months to go build it ourselves. So we'll get it integrated into the platform, but there's a lot of goodness and my main hope and goal here will be to actually take Bionic, make it the final filter for every CSPM regardless of who it is that customers are using. CSPM is a commodity. I think what customers are really looking to do is stopping the breaches and reducing the amount of time you're spending on unnecessary irrelevant alerts will help them focus on things that really matter.

Well, I pulled your away from customer meetings. I'm going to let you get back to it, because I want you to get back to customer meetings, and I'm going to swap you with another speaker. Thank you, Raj. I appreciate it. All right. final guests before I jump off the stage. Daniel Bernard, Chief Business Officer here at CrowdStrike. Put your hands together for DB. Another person who we brought into CrowdStrike and put to work, day one. So I wouldn't have it any other way. I talked a lot about the SMB opportunity. You have been the man spearheading a lot of that work. So could you talk specifically about the SMB opportunity and what you see in the market and the opportunity for CrowdStrike specifically?

Sure. Thanks, Mike. Let's start and first talk about the SMB market, and then we'll come back to CrowdStrike and talk a little bit about our technology. I think if you look at SMB security today, it really looks a lot like it looked 10 or 15 years ago. Most small and medium businesses are using some form of Legacy AV technology. That doesn't stop the breach. And I think if you go down to the SMB space, and I'm talking about organizations 500 and below, 300 and below. Their reality is ransomware. Their reality is 1 out of 4 businesses being hit by a cyberattack. Their reality is it might have been them or their friends, they know people like it's so topical. You open the newspaper, you read it about an attack. So I think this is a market that's really ripe for better. So many technologies in that market are just for that market. No enterprise would ever deploy those technologies. So I kind of -- I talk about it in the form of kind of like a medical analogy, like why would you prescribe -- if somebody has an illness, everybody deserves access to the right cure. And that's what we have at CrowdStrike. They just need the right dose of the medication. So that's the opportunity that we have with products like Go and Pro that Mike walked us through before. But the underlying technology moving from signatures to AI, that's the transformation that we're going to bring to this market and that we're in the very early innings of.

So a couple of things just to drill into. Obviously, we talked in my session and George's session. We've talked a lot about the great success that we've had in every market that we've gone into. But specifically to SMB, why do you think we've got the right strategy to win in this space as well? Huge opportunity, obviously.

Let's talk about the technology, and then I'll hit some other factors in the market. What does an SMB need? They need the ability to deploy the technology fast, easily and have rapid time to value. And nobody in the market can deliver that like CrowdStrike. Back to the gold plated architecture that George talked about, having the ability for the install process to be quick, seamless, not clunky, no reboots, no configuration and then have a product that starts working that shares the analytics and tells you what it does. And I think there's so much potential for us to even take what's there today and grow it further with the capabilities of Charlotte AI and really transform how cybersecurity is done in the small, medium business in a much more user-friendly intuitive way. So the bedrock, the foundation, the technology elements that are so hard to build, that are so hard to copy are here on our platform natively. And we've demonstrated that so well in other areas of the market. The second is who is CrowdStrike. Like you go to a small medium business, and some of you in the audience have already done some preliminary research. We read what you guys write. You've done the research, and it indicates that Small and medium businesses know our brand. They know CrowdStrike. Who's CrowdStrike? We stop breaches. That's what they want, simple. There's a lot of companies in cybersecurity, they're saying a lot of different things. It's crisp, and it tells them what the outcome of the technology is. So whether they've been on satellite radio, whether they've read the news and heard that we stopped a breach for a large organization, there's a trust factor here that we have that all these other no-name companies that serve the SMB don't have. What do you want? Do you want to know no-name company? Or do you want to -- I want CrowdStrike. Why? It stops breaches. I know that, I trust it. I've heard of this guy, George Kurtz before. So we're very uniquely positioned in the market, and it's something you can't replicate. And I think the combination of having the right technology and the right architecture, coupled with the ability to drive some serious partnerships and have a brand and have that trust factor, really sets us up to go win in this market.

So since you came on board, great success in this space. We've announced -- you have announced a lot of partnerships. Can you talk a little bit about the go-to-market that you've been building? Can you talk about some of those announcements, the focus that you have building our capability in this space?

Sure. What's really exciting about this market is, Mike mentioned earlier, estimates of $50 million or more of these businesses. And underneath each of these businesses, there's a couple of people to 20, 30 people. There's a lot of end points here. The opportunity and the challenge is finding these businesses and meeting them where they are. The way to enter this market and serious mass isn't through going out and hiring a bunch more CrowdStrikers. That's not the way we're going to do it. It's a heavily partner-leveraged motion. So categorically, we start to look at this market and determine where are the pools, where are the opportunities to engage with these customers? And one of them that we're going to talk a little bit more about later is the MSP market and broadline MSP and then narrowing it down MSSP, the difference in that S is security. Some have figured out the security thing and others haven't yet. But going there and activating that channel in a very serious way, because so many of these small businesses, they don't have IT staff. They need somebody to do it for them. And so activating that on a global scale, very important. Of course, we have our website. We sell on crowdstrike.com. CrowdStrike is one of the only companies in the space where you can actually go to the website and within a couple of clicks, it's actually like 2 clicks, have the technology and deploy it yourself. It's that easy. In addition, there's other partnerships that we're working on, brought on somebody to lead specific BD for SMB, where we can bundle and we're working on bundling ourselves to other software providers that -- and hardware providers that SMB is consumed from, so we can meet these customers where they are and make the purchase process really frictionless.

Amazing. We could talk for a while, but you have your own guest that you're going to bring up. I hope you enjoyed those sessions with JJ, Raj and DB. You obviously speak a lot to George, Burt and myself. The goal was to show you some of the team that is working on marketing, that's working on product, that's driving a lot of these great go-to-market opportunities. So DB, appreciate it. I'm going to leave you with these good people. And you can invite your guests. Thank you.

Thanks, Mike. Today, as we talk a lot about the power of the crowd at CrowdStrike. And I think if you're here at the show and have walked around and talked to our customers, our partners, it's really evident that cybersecurities ecosystem is here. Somebody told me yesterday that I really love coming to Falcon because it's like the woodstock of cybersecurity. So it's just pretty cool to see our partners talking to one another, creating integrations with -- between themselves, our customers being involved in that dialogue and the whole ecosystem factor here. So the next section of our time today is really going to shine a spotlight on that ecosystem and highlight some of the transformational work we're doing with different partner types. And rather than have them all up here at once on a panel, we're going to break it up. So first, I'd like to invite Mona Chadha to the stage. And while she's walking up, Mona is the Director of Category Management at Marketplace. Some fun facts about Mona. She's been at AWS for a little more than 10 years, and her arrival coincides with -- and thanks for coming up, Mona. Pleasure to see you.

Yes. Thank you, everyone.

Her arrival coincides with the creation of the Marketplace, the AWS Marketplace, something that I think everybody in the room knows a lot about. So it's really a pleasure to have Mona here with us, and congratulations again on winning our Partner of the Year Award.

Yes. Well, thank you. So excited to be here, and thanks again for the award and also the partnership. It's been on this rocket ship and it's just going to continue to build and build. So really excited about it.

Perfect. Well, that's exactly what I want to dig into. So the AWS Marketplace, it's transformed how enterprises, medium-sized businesses consume software. Can you talk about that transformation? And then loop it back to CrowdStrike and what you've seen our journey on the marketplace to be.

Yes. No, that's really -- so what we've seen with AWS Marketplace is that, first of all, for those of you who may not be aware, Marketplace is really our digital procurement software store, as well as data and professional services. And today, we have thousands of ISVs that are across different -- like 70 different categories. So not only security, but networking, storage, database, AI, and now CloudOps, DevOps, so we have a variety of different ISVs that actually list their solutions in the Marketplace. And really, what we found is that, everything that we do at AWS is rooted in end customers and what they want. A lot of them wanted to see choice and selection in the Marketplace. And as a result, we've evolved it to having, like I said, thousands of ISV solutions. We have 300,000 plus active subscribers transacting millions of transactions. And as a result, it's really resulted in billions of dollars transacting through the marketplace. So again, that's all about the customers wanting to evolve the way that they procure software in a more -- in a faster and actually more -- in a more select way. So -- and all through AWS. There's benefits that customers get not only about getting the consolidated procurement of software, but also what they're getting is consolidated procurement of their AWS services, all in one bell. So when you see that, it's just truly helps end customers, whether it's an enterprise or a small to medium-sized customer, really manage their IT spend and their overall software spend. So it truly has been a sort of a revolutionary sort of approach to software procurement. And so where CrowdStrike comes in is that, we've been -- you've been such a great partner in that one of the key things that I've been a huge proponent of and really, in general, AWS is a proponent of, is just test and pilot. And CrowdStrike has been such a huge supporter in how we develop some of our road map and our capabilities. So one of the key areas that we find a lot of enterprise customers want to see more of is things called private offers. What that is, is basically customized terms and conditions where as an ISV, you maintain that engagement, but then you leverage the marketplace for that acceleration of opportunities. And so early on, as CrowdStrike has been an early adopter of AWS Marketplace, you started talking to us a lot about the way that your customers want to go to market. And it was the channel. And we didn't actually have that incorporated when we first started. It was all a direct engagement with through the Marketplace. So buying software, subscribing to software and working direct. But what we found is that we need to get that channel partner motion integrated with the Marketplace. And so CrowdStrike helped us really figure out what does that motion look like? How do we develop private offers for consulting partners? As a result, when we developed channel partner private offers and CrowdStrike is one of our largest ISVs that's leveraging channel partner private offers for our end customers. So I think just that innovation that we've been working on together has really helped accelerate, right, business for our end customers, our joint end customers. So it's just been -- I think that, that continues to evolve. We're figuring out other areas in which we can also further develop around service providers, how do we accelerate that business together. And then we're continuing to innovate from a road map perspective. Taking feedback from not only our ISVs such as you, but also end customers as well, and just making the marketplace more robust and really accelerating procurement.

Mona, I think you bring up a couple of really interesting points there and one that I want to highlight specifically that you said is Marketplace emerges, it is very disruptive route for customers to buy software, but it had a lot of the people out there. Our partners upset because they thought they were getting completely removed from the transaction process and they have these relationships with the customers. And the transformation that we've seen over the past couple of years, and it's really accelerated in the last year or 2 around -- you go talk to all those channel partners, they're buying it from the AWS Marketplace. So together, aligning the supply chain to benefit the customer, faster deal cycles, I mean, we were just sitting backstage, talking about a deal that you referred in to us yesterday that closed today, it's not a bigger deal. I mean, that's the kind of velocity we're talking about. It's so exciting. What are some things that you've seen us do, and before you're talking about things you've done. What are some things you've seen us do that differentiates us from the other 3,000-plus ISVs on the marketplace that have created us as the reason why -- that have created us as the reason, we got the Partner of the Year Award from you this year, 2 out of all 3,000-plus.

Yes. Well, I will say that everything that we do, again, is all rooted in the customer. And a thing that we share in that -- it really is our top partners and ones that we really lean in on with like CrowdStrike is our shared vision for customer obsession. That's key. You have that shared vision with us. And we always are working backwards from the customer together. So I see that as a way. The other thing that I think what sets CrowdStrike apart as well is really the product. Let's be real. Everything really comes with the product. And so everything kind of starts there. When we talk about what customers want, when they want a 0 trust type of solution, we have also AWS services and security, we have all these other partners that are in the marketplace that have security solutions, but the holistic view that CrowdStrike provides from a product perspective, that is the key. And so I think the product -- how you're evolving and continuing to innovate and listening to your customers is really key. The other thing that you're doing really well is that and what's setting you apart is the integrations that you have with AWS services, right? I mean, it's not only -- you've also integrated with our security services such as guard duty, security hub, et cetera, but you also are integrating to things around AI, right? We had some announcements early on. Bedrock, one of our services, one of our AI ML services that we recently launched. So we have over 20-plus integrations, right? CrowdStrike has integrated 20-plus API integrations with us. So I think that's a key part of evolving our partnership. And it ultimately results in creating better solutions for our end customers. So I think that's been really key. And then the other area is marketplace, right? I mean, you have definitely a marketplace -- I'd say CrowdStrike has been an early adopter. So I've been with AWS for 10-plus years, and I've been working with CrowdStrike that long to really help sort of figure out how do we sort of streamline businesses for our end customers. So I think the go-to-market motions that you're leaning in with us, that really does set you apart. That and also not being afraid to disrupt yourself. So let's be real. What ended up happening was that we had a business that was -- it's continuing to skyrocket that was going really well. But CrowdStrike came in and said, well, but we got to add channel partners in here. So while our business is going like this, we got to kind of figure things out.

We can do more.

Yes, we could do more. Completely dismantled. I mean, I will say change, okay, we're going to change the direction of what we're doing with private offers. We're going to go with channel partners. And it was like, wait, how are we going to do that? Completely we architected that and you got that through. So I think also your ability to be like, hey, we're not afraid to hit pause and sort of figure out how we can actually go even faster. So I think all those areas have really sort of differentiated you from some of the other security partners that we have today.

People matters and team alignment is super important. What's the change you've seen us make people side to really make this thing work at a global scale.

Yes. So the resourcing that you have available. So one thing that you'll see with the partnership that we have with CrowdStrike is that it's global. It really is global. So the amount of resourcing, the amount of not just resourcing from an engineering integration perspective, but also resourcing from a like a sales alignment perspective. So in the marketplace, our field teams are comped and quoted on AWS Marketplace and transactions that go through the Marketplace. But you've done something commensurate on your side as well. And so that's really helped get that alignment, that sales alignment in the field and globally. The other thing that you've done is, I think, to really been a champion of AWS Marketplace with your channel partners. And so that has also helped us really scale with channel partners because they're like, wow, there's a trusted -- their trusted vendor, right, in CrowdStrike is saying, hey, you need to go through AWS, AWS Marketplace. So that's been just a tremendous value to both of us. So I think all of the changes that you've made in that direction have really helped. And then obviously, on the cool technology, I mean, come on, at the end of the day, this is really about solving end customer challenges. And today, all the announcements that you made tremendous, and I think that's really helped us to really help us solve end customer challenges, especially when it comes to cybersecurity.

We're -- look, we're a super committed partner with AWS. We see the value. We see the acceleration. It's so powerful having the global AWS team amplify our message of cloud security. And one of the big changes we made on our side that you're referring to is every member of our alliances partner team is AWS certified. This isn't a -- it's your job over there. That's everyone's job right here. We're all selling to get to the marketplace all the time.

The cloud partitioners, so we have a program and your team is set up to be cloud practitioners. And I will say, it's literally a classroom setting almost like this, right, where everyone gets in a room and there's a lot of enablement happening. So that has been tremendous to really get the word out. And ultimately, it is to help end customers build their business and make sure that they have all the solutions they need to be secure. So it's been really great.

Well, thank you so much for joining me here today. Thanks, Mona.

Thank you so much and really appreciate. Bye-bye. Thank you.

Appreciate your time. Thanks. So look, key takeaways here: Disruptive go-to-market route, we've unified the entire ecosystem around the AWS Marketplace, major deal velocity creator, major demand generator creator and something where we've been able to really change the game and do things very different from other ISVs in our space. As we reset the stage, we're going to go to a very different partner type next that serves a different part of the market. And I kind of like marketplaces today. So this next partner that's coming up is Pax8, a name that hopefully you've all been hearing a little bit about. They're creating a lot of disruption in the SMB market. And I'd like to invite on to the stage, Scott Chasin, CTO, and he actually worked with George back at McAfee in the day. And Nick Heddy, the Chief Commercial Officer. It's a pleasure to have you guys with us here today. Look forward to it. Great. Thanks guys for making the trip, and we're super excited about the partnership we announced a couple of months ago. I want to bring everybody into the front -- to get a front row seat of what's going on in SMB today and really understand who is Pax8 and what do you guys do? Because I think maybe for some of the people in the audience, it's a new name.

Yes, a quick show of hands. Who heard of -- has heard of Pax8 before George mentioned us a couple of months ago? Okay. Pax8 is a cloud commerce marketplace. Okay, explain further. Everyone has a marketplace now. We've carved out a nice niche for ourselves, and that is SMB, which is one of the biggest TAMs, which is underserved. And we do so through managed service providers and managed security service providers, so MSPs and MSSPs. We are now the world's largest MSP marketplace, which means that we have 30,000 managed service providers around the globe in 46 countries. They are serving 500,000 customers, and that equates to north of 10 million users. So we make it easy to procure, to aggregate billing into the systems that they are using today. And we recently just added a start to the team, Scott Chasin.

Maybe talk to us a little bit about specifically the cybersecurity opportunity, Scott. I mean you guys bring a wide variety of technologies to these SMBs. What's so unique about security? Why now? Why is it one of your fastest categories?

I mean, SMB is needed. And a lot of them have traditionally just rolled the dice when it comes to cyber. But there's so many elements that go into why they needed data protection, massive. They hold very sensitive records on their customers. IP protection, financial loss, SMBs, they can't absorb a breach, right? I mean, it's a business disruption issue. Employee productivity, supply chain, a lot of the small businesses that we know are being attacked so that the attackers can get access to the larger enterprises, right? So supply chain security is obviously very top of mind for them as well. Customer confidence, they've got to assure their customers that they have the right security posture and the list goes on and on. So to your point earlier, we're still dealing with a ton of legacy, specifically an endpoint or the old school AV that we all know. There is a massive opportunity to convert into really start to manage the life cycle of the customer as they grow and as their digital footprint grows so does there tax surface area.

I would also add, SMB is a little bit of a laggard. So I love coming to these shows and saying what's happening very cutting edge. And I know that some of these things are going to be hitting SMB land in 3 to 5 years. So it's exciting to be ahead of the curve. But I think for the first time, SMBs are waking up and realizing their targets. Especially managed service providers who are aggregating 50, 100 SMB customers. So they look like a mid-market enterprise customer when you aggregate them all together. And so they are being targeted and they are waking up and leaning more into security. So now is the time.

MSPs have existed for some time. Why do you think that they're flocking to Pax8? What's this transformation that you've created in your market?

Yes. I think it's pretty simple. We've been disruptive for our first 5 years. And for the last 5 years, we have really built a community of enablement. And this is spending the time to understand their business. You mentioned it assessing where someone is meeting them where they're at and then helping them define and take that next unique step for them. And so we're doing this at a pretty large scale, 30,000 MSPs at a time, and so it requires a lot of automation, a lot of ways that we're efficiently assessing where partners are in that unique next step.

So let's shift gears a little bit and talk about CrowdStrike and what you see in our technology and what the opportunity is that we're going and pursuing together with these MSPs to really serve this mass SMB market.

Yes. I would say, one of the unique attributes for Pax8 is really, we're in the business of understanding customer life cycles, understanding the life cycle of all of these SMBs. And when you look at the platform that we heard about this morning, that's very attractive because as we leverage data and the insights the data services, we know what's the next module. And so for us, it's that next logical opportunity that we can then provide in front of our managed service providers, allowing them to then sell that into their client base. So I would say it's the platform. And it's the opportunity that we have to grow the SMB security posture with their life cycle.

Yes. The go-to-market for SMB needs to be simple. And they know that -- they've seen George on Mad Money, and they've heard them on the radio. And CrowdStrike stops the breach. How did this partnership come together? Our partners are asking for it. And it has not been easily consumable for a 5 or a 10 or a 20-person company because it's challenging to aggregate it. So Pax8 is excited to take an enterprise product that partners are asking for by name and make it consumable and deliver it to the SMB market.

Yes. I mean, that's it. I mean, it's got to be frictionless. And that's what our partnership represents as well. We've also got that plumbing that was mentioned earlier. And so it's about that instant provisioning. It's about being able to -- with a lot of volume rollout Falcon to these 30,000 MSPs and then ultimately to the hundreds of thousands of end SMB customers, and doing so in a very seamless way.

Yes. I think one of the other pieces that was exciting from George's keynote yesterday is talking about all the insights. It takes somebody 8 hours now, it takes 8 minutes. Those insights suggest the next logical product for the 500,000 customers that we have. And so once you get CrowdStrike in at a customer level, the Pax8 platform is suggesting to the partners and the customers what that next module is that they need to unlock on a customer-by-customer basis. And so our platform is the SMB go-to-market as a service and opening up a new segment in a real way.

Perfect. Well, thank you so much, guys, for the time here today. Pleasure having you here with us at CrowdStrike. Perfect. Key takeaways here on Pax8: Amazing access to the SMB market. These guys have built a go-to-market machine in the SMB and it's a pleasure to work with them and do so at an automation and scale level like never before. Next, I'd like to invite Patrick Dennis to the stage, different kind of partner type altogether, ExtraHop at 1 of our ISV partners, that's part of our XDR Alliance, has been a long-time strategic partner of CrowdStrike. Patrick, thank you so much for your time today. Welcome. Good to see you.

Yes. Great show going on here.

Yes, great show. And thanks again for your sponsorship. Maybe as we get started, why don't you introduce ExtraHop to the crowd literally. And let's dig a little bit about what you do, and then we'll talk about some of your integrations with CrowdStrike.

That sounds great. So for those of you who may not be familiar, ExtraHop helps with network observability and visibility. We've been working with you a long time. And one of the things that jumped to the forefront is I think one of the few relationships where we have had extra hot customers, we've introduced crowd to that have picked up crowd. Crowds introduced us to the customers. They've picked up ExtraHop. And I think it really just speaks to the necessity to marry up endpoint data with network data. So when we take all the great products that CrowdStrike has to offer, we integrate it deeply with what we're doing in the network. You just get an amazing customer outcome. And I mean, think about some of the customers we share largest insurance companies in the world, big financial services firm. So obviously, is a really big need, and I think the 2 of us have help take friction out of that relationship.

Totally a lot of companies talk about tech integrations. So lot of talk about that. What do you think has made this relationship transcend from a technology integration to a real go-to-market force?

Yes. So let's talk about the integrations and watch and layers. So earlier this week, we announced our commitment to marketplace; Check, right? The first and most meaningful integration that our customers got benefit from is an integration between ExtraHop and Falcon, where you can actually use ExtraHop to go look for a threating [ contain ] right in Falcon. I was talking to a customer this morning and showed him literally 4 clicks to light the integration up between the 2 products. So cloud-to-cloud, deep integration. Also this week we announced that the threat intelligence platform from CrowdStrike will be in ExtraHop in Q1 for both our on-premise and our cloud customers. So we've really aligned on the threat intelligence platform, and that brings the same context to our customers. And then there's our last announcement, we're doing that now.

Go for it.

All right. The big news, if we're really trying to light up this third-party XDR platform, and I think we're both passionate about that, you get a bunch of network information, and we have to go put that network information someplace. We've made a commitment, the 2 of us, that we're going to migrate that back-end intelligence platform for network security information to LogScale. And to put that in perspective for everybody, we're moving well in excess of 10 petabytes a month on our way to 20 petabytes a month of metadata into the platform. I think it's an amazing proof point for you folks. I think it's going to be an amazing way to match up XDR data, which is exactly where our customers have been asking about for at this show.

Perfect. I mean, what's so exciting about this partnership is, there's customer demand for the technology that we have together. We've made integration so easy, but it goes well beyond that. To them, utilizing our threat intelligence and bringing that to their customers, as well as really making log scale, the backbone of their infrastructure and leaving a legacy SIEM product doing it.

100%. And let's put that in perspective, right? This is financial audience, I'm running a business that's on its way to $200 million of ARR. It's growing really quickly. It's not an inconsequential business. We do service the same enterprise customers. We're going to put LogScale as a real centerpiece to the solution. I think it's going to bring all the XDR benefits we've heard at the show. And not to go too far out, you could picture how you can really enrich AI ML services, large language models when we have a really well curated set of information for our customers.

Sure. And I think this kind of really amplifies the power of an ecosystem when you have third-party ISVs really seeing CrowdStrike is the platform of choice. What was it? I mean there's other vendors out there in the market. What is it about CrowdStrike that make you decide that we're the horse you want to bet on?

Well, you and I love this part, like, we love going fast. We are incredibly customer-centric, and we want to have an outsized impact. And so when I think about the partners that want those same things like that's your DNA, it really makes it easy for the teams to work together. And honestly, I think that shows through to our customers. I think that's why so many customers prefer using our 2 products together. And hey, that's the real reason why like -- it all comes down to people. We love working with you.

It's great to hear. This isn't a partnership just in the U.S., it's really global. What do you think is created? And how have you succeeded in having this global alignment with CrowdStrike?

So one of the things that's maybe a little interesting about our relationship specifically since we service many large multinational corporations, like we really did need to build knitting together around the world so that we can do a great job servicing a customer that's maybe based in Europe but has a giant U.S. presence, right? I'm thinking of that one insurance company or some of our financial services companies based here that have big global footprints. We've made the commitment with you to have tightly integrated alliance teams. That's always a big deal. But what I think is really like the new change, remember like our engineering teams were just working together on the LogScale project a week ago. Those are the kind of bonds that get built. So problems don't just have to get fixed between you and I or solutions that get created here. They get created in the fabric of the organization. I'm super excited about that. And that's the part that will power scale.

Sure. Maybe coming around to some of the unique aspects of the CrowdStrike platform, our threat intelligence. There's no short -- there's plenty of threat intelligence out there. What made CrowdStrike the one that your team really got excited about in making this decision to have that be something that you bring to every one of your customers?

So I know I want me to answer this question because he knows we evaluated them all. In fairness, we did. And in earnest, we did. And, listen, this one was the best. It was the best for us. It was the best voted by our customers. And we believe very much in the strength-to-strength thing. We want to work with real leaders. We went -- we did -- we ran all the traps. We made an informed decision, and we picked this.

And shifting to the second aspect of the partnership back on the product side, the move away from legacy SIEM. I mean there's a lot of talk. You heard George's comments earlier in terms of the opportunity that SIEM transformation represents moving to a next-gen SIEM. Can you talk a little bit about that process? Maybe what were some of the pitfalls of legacy SIEM and how we can do it better, faster and more effectively?

Yes. I think if you look at security technology, you think about the last section, we were just talking about AV, still having a long tail, maybe an SMB, right? One of the things that's been interesting about the history of security tech is sooner or later, something leapfrogs, like, the best example of that going, right? And it's that time in SIEM. And so I think when I talk to our customers, there's some dissatisfaction with SIEM as it exists today. George just spot on, and I see the same thing. There is a giant pile of money spent on something that people are nearly universally dissatisfied with. And I think we can do it better. So if we work together, there's a portion of that market that is absolutely yours and you have a right to win. There's a portion of that market where I have a right to win, and we're both going to make it better than it is today. If I were a customer, I would want the friction out. I met with the giant communications company today, and we've had this talk a little prematurely, but they wanted to understand where we're going. We spend our time on this subject. They're super excited about the ability to get a platform together, get the XDR benefits, get the old SIEM cost out. It's just the right time. We talked about the moments. There's a moment. And I think there's a moment right now in SIEM where we can display some spend.

Excellent. Well, it's definitely the moment where our partnership is going to the next level. It's great that there's business going in your direction, business going our direction, technology integration, really powerful partnership. Thank you, Patrick, for the time today. I appreciate having you here.

Good to see you. Thank you.

Folks, key takeaways for our session with ExtraHop is: You have a vendor that's doing innovative things at the network layer integrating seamlessly into CrowdStrike, creating end-to-end workflows, leveraging our APIs, not only is there integration, there's full on go-to-market effort globally where we're sending business to them, they're sending business to us. So we're both winning. Threat intel OEM, moving their back end to LogScale. I mean, it's sort of like partnership Nirvana of what you want in a long-term sticky partnership. We make the customer outcome better. We grow each other's businesses, and we all win. And I think that's really emblematic of the partnership practice that we have here at CrowdStrike, the power of the crowd, coming together, helping produce the best outcomes. And it's why there's over 75 vendors downstairs that want to be here. They made the choice to be here. They want to be part of the movement we're creating in security. So really the pleasure is being with everybody we covered. We covered marketplace of the future with AWS and how the software supply chain is changing and how CrowdStrike was an early adopter, and we continue to innovate and have a best-in-class security partnership and go-to-market with AWS. We talked about how we're leveraging partnerships to access the SMB, doing so in a highly velocity and optimized fashion with Pax8. And we ended with an ISV where a lot of people in technology talk about integrations but we actually have gone well beyond integration to real go-to-market, deep integration, leveraging -- they're leveraging our technology and really building on the Falcon platform. So it's been a pleasure spending this time with everybody. I hope this session brought what we're talking about, the power of the crowd to life, really excited about where we're taking things here. Thank you.

Please welcome to the stage, Chief Financial Officer, Burt Podbere.

All right. Thanks, everybody. I hope you've enjoyed the day so far. I know we've thrown a lot at you. But for me, it's how does it all translate into the financial opportunity. So I'm going to walk you through that. I'll walk you through some of my thoughts. Some of the things you've seen before, but I might have a little extra to share with you in terms of how I think about it. This is a biggie, right? So how are we going to get to $10 billion? George, Mike have talked about it. I'm going to talk about it as well. It really comes down to the solutions to start with. I think there are many ways to look at how you get to $10 billion. The solutions Mike went through in quite amount of detail so to George, how it all fits together. Then we're going to look at segment or new logos as well as expansion. I think we have a lot of headway in both of those, right? So much though that today, we pay all our sales reps the same on a deal for a new logo as we do for an [ upsell ]expansion. Geographies, I think we have a lot of room to grow in terms of where we think we can go outside of the United States. And of course, DB walked us through all our partners, and that's a big part of how we go to market and how we're going to get to the $10 billion. So let's kick it off. You've seen this slide before. I think that this is an illustrative view of how I think about getting there. These are some of the segments we called out -- some of the solutions we called out on our earnings call, from Cloud to the Identity to LogScale. The Cloud at $300 million, growing at 70%, that one doesn't include obviously the acquisition that we just did, Bionic, which George and Mike talked about. So I got excited when I think about getting to $2.5 billion to $3 billion with a market TAM of $31 billion in CY '28. Identity is a big win for us. I can't tell you how many customers have talked to me about Identity. And I'm the CFO. But they're so excited to talk about it. They say, thank you. Thank you for investing in it. It's a big win. Both Identity and LogScale, we put out there $1 billion to $1.5 billion each on $17 billion and $16 billion in terms of TAM. And I think we've got great folks, great sales folks, great product to be able to get us there. The beauty of this is, of course, you throw on the products that we came out earlier, the solutions that we came out earlier. Mike kind of went through how much more room we have to go with respect to new logos and modern end point. We have a long way to go. And for me, I get excited about thinking about adding that plus this, plus all the things that we've been talking about today and yesterday, right, from Falcon for IT. So this is a big one in my view. You heard from Gary from Liberty Mutual. He sits on that fence between IT and security, and he's extremely excited about being able to take advantage of our platform, to things like foundry. Right Foundry, we've been talking about Foundry internally for quite some time. The ability for our customers to go out and be able to build on their own different modules. And so this is part of George's big vision to be able to empower our customers, to be able to do those things that they want to do unique to them. We can only build stuff so fast. And I think we've done an incredible job at this Falcon showing you just how fast. But there are literally thousands and thousands of customers, and they all have unique use cases they want to solve. Well, this is our answer for that. And so as we go on and I think about on the product side, I think we've got just such an opportunity to be able to get there in any way. I had a dinner party last night. There were 40 customers, and there were 4 tables of 10. And the interesting thing was, when I went over to each table, they were talking about different things. One table could have been talking about some of the products that we came out in our earlier days. And then you go to another table and they'd be talking about Falcon for IT. At another table they'd be talking about Charlotte AI. It was just fascinating to see how the conversation was evolving. And then I would go back 25 minutes later to see how everybody was doing during the dinner, and it would be another topic at the table. About another one of our products or initiatives. So those were some of the things that got me really, really excited. Let's talk about new logos. You've seen the slide once or twice. When you think about it, our Estimated Logo Penetration for the Global 2000 under 30%. Hey, we're really happy where we are, but we got a long way to go. There's so much more that we can go capture. And then if you look at our SMB mid-market and our public sector, what we've penetrated is a drop in the ocean compared to what we can go after. There's so much more. We've talked a lot about the $50 million in terms of global businesses between 5 and 250. That's a big number, right? You heard from some of our partners talking about how they're trying to help us get there. You've heard from DB talking about that massive opportunity for us to go after. Hey, folks, the great news about our technology. We can sell it to the folks from 5 to 10 to Amazon. Then when you think about geography, right? Today, we're roughly around that 70%, 30% split between United States and the rest of the world. You can see the TAM for the rest of the world, greater than $100 billion that we can go after the market opportunity. And what we would like to see is for us to be able to move that 70-30 split to 50-50. And we're making those investments to help us get us there enriching the sales teams across the globe. So this is something that I think about every single day. I get requests all the time from our sales folks. Hey, what about more folks here or more folks there and what makes sense I'm going to do it. There's a great relationship that Mike and I have together in terms of how we think about scaling each region. And so I think we have a real opportunity to get to that 50-50 split. Expansion opportunity. Previously, we showed you how we thought about the white space in our platform, right? Only 2 quarters ago, we showed you that our ending ARR was $2.6 billion with a white space of just under $10 billion for a total installed base opportunity of $12.2 billion. Fast forward just 2 quarters and look at the expansion opportunity in that. We're at $2.9 billion today, just under $17 billion in Whitespace and $19.6 billion as a total opportunity. I get that not every one of our customers is going to have all our solutions. But the point of showing you those 2 slides is just how quickly we grew that Whitespace, 2 quarters. And so I get excited and pump when I see kind of that opportunity that's available to us. And let me show you how I think about it. It's not theoretical that customers go on a journey and start with 1 or 2 or 3 modules and then go up to 9, 10 or whatever the number is. This is a customer journey on a financial services firm. In 2015, they started out with 2 modules. It was under $1 million. Today, $5 million, 9 modules, 400% total ARR expansion. This is not theoretical. This is real. We have many, many examples of this. Another proof point about Whitespace. You've seen all these data before, right? It's our strong module adoption, right? 5, 6, 7 modules. You got 63%, 41%, 24% adoption rates. You've got this incredible over 80% year-over-year increase in deals involving 8 or more modules. Customers want more. They continually ask more. They continue to ask us what are we coming out with. I think today was a big day for a lot of folks. Those 4,000 customers that are out there today, they're part of this journey, and they're excited to be able to buy more from us and reduce their overall spend. DB talked about our partners. George talked about our partners. It's a big part of our ecosystem. 160-plus partners, each with 10 million-plus in CrowdStrike business. I mean, this is fantastic, right? We are a partner-first business. They provide us the breadth. We get close to a lot of them. We talk to them. We hear how we can do better. It's a relationship. And I think we've done really well with that relationship. All right. One of my favorite topics, margin dynamics. So one of the things that I do every single month since I've been at CrowdStrike is I invite my DevOps team to my monthly close. That's how important it is to me. And we spend however amount of time we need to spend on thinking about the pathways to increase gross margin. Many of you who have been following the story know that we went from -- as a private company, we went from sub-50, and you've seen the journey so far. And I'm going to walk you through some of this that I think about in terms of where we can go. So when you think about the drivers of gross margin expansion. One is the strategic upfront investments we've been making. Look, I've been telling everybody for a long time that, hey, stay with us, and we're making investments, and you're going to see the fruits. While our upfront investments include things that allow us to be -- to buy technologies that are scalable, efficient, self-operating in data transport between our compute environments, it allows us to drive down the unit costs. It allows us to allow more volume to be ingested and then for us to be able to keep our margins and improve our margins based on all the expenditures that we made earlier on. Two, economies of scale. We've gotten a lot bigger, purchasing power. And then three, which is a big one for me and for the team is continued optimization, right? It's efficient use of our compute and storage. And it's leveraging low-cost geographies. Some of this stuff is low-hanging fruit, and I'm going to walk you through it. Obviously, gross margin is 2 sides. You got top line and bottom line. So on the top line, when we talk about pricing and how we've been faring, look, we sell value. We've had consistent discounting for quite some time. It's been consistent through different market environments. So I feel really good about being able to continue to have the sales team sell our value. You've seen so many of the proof points, right? Customers want to consolidate on us. They understand the platform. It's simple, easy to use, and it works. Let's lower our TCO. And so that's been working. So I'm comfortable with where we are on the discounting. I haven't seen anything odd that's come my way. Let's get down to COGS. So this is how we think about it. Our hosting-related costs are greater than 50%, right? And this is -- as we think about where we can improve, it's there, right? There's a big pile of cost that I can look at it and go, "Okay, I know where to go and how you know how to drive that down." Here's how we're going to do it. So the good news is we've already been on that journey to drive our hosting costs down. The line that you're seeing is subscription hosting COGS by sensor hour. That's how we think about things. And we've already been doing a lot of the work to get to where we are today. For us, there are 4 specific things that I think about in terms of opportunities to drive efficiencies. The first opportunity is to be more efficient with our data ingestion and our sensor downloads. For data ingestion, we have an opportunity to improve our event bounding, our discarding and removing unnecessary data points. For sensor downloads, we can optimize our downloads for unnecessary operating systems that are discarded anyway. Number two, data storage. We have plenty of room to optimize our event storage. The same events are stored multiple times in our environment, and we have a real opportunity to continue to consolidate those. Number three, optimizing the management of our data stores between our S3 buckets and our own data stores. And number four, we can reduce mean time to repair and recover. We have the opportunity to optimize the what-if scenarios based on risk and of course, AI. So here is a prime example of where AI is helping us internally is to figure out what are the risk scenarios that are really low in terms of our prioritization versus the ones that we really need focusing on. Here's one we've been doing for a while. It's utilizing lower cost regions in our public cloud environment for our data. We've had some success, as you can see, and we'll continue to leverage those lower cost environments. So when you combine all those things together, the story gets pretty rosy. You can see the journey. And for us, we were able to achieve 80% non-GAAP gross margin in the first half of this year. It's all those things that I put up on -- that I've been talking about as well as continuing to do them. And we have a lot of runway to be able to go and do that. So I get really excited about where I can go with gross margin. And when you solve for gross margin, which is hard, good things happen. It allows us to continue to invest those dollars back into the business. Give Mike and his sales team more things to sell in his bag, take the things that we already have and make them better. While still at the same time, being able to deliver strong leverage in the model. All right. Profitable growth at scale. The margins that we're talking about, they're allowing us to invest in the business. And look, we've always been a company that did not invest at all costs. We've never moved away from that. George and I talk about it all the time, right? We want to do it efficiently. We want to do it effectively. We want to be very discerning on where we're putting our dollars and you've seen the results. When you look at our record profitability at scale, you can take a look at those years, fiscal '21 through fiscal '23 and you saw some jumps, 17% to 16% margin. And then look at FY '24 year-to-date non-GAAP on an operating income basis, right? We're up to 19%. Q2, 21% operating margin. It's because we're doing all the things that I've already talked about and more. But at the same time, we're continuing to invest in innovation. If you look at this chart, the thing that strikes me is that we spent the same amount of money in the first half of this year that we did for all of fiscal '22. That's impressive. I want to make sure that I continue to keep our profits and reinvesting in our business. This is going to continue -- this is going to allow us to continue to do the things we want to do for years to come. Strong earnings growth, our net income trend. If you look at Q2 '24 over Q2 '23, we more than doubled it. And then, of course, we've been talking about GAAP profitability. We've had 2 straight quarters of GAAP profitability. And for us, that's a big deal, right? And here's what we're going to commit to. We're going to commit to sustained GAAP profit before tax as of FY '24. It's focus for us. It's not lost on us that we have an opportunity to be eligible for the S&P 500. And so for us, we're always going to keep an eye on the bottom line. Okay. What does that all mean? Strong cash generation. There's a familiar theme here. Look at the first half of '24. We generated almost as much free cash flow as we did for all of fiscal '22. You can see that our -- we've been targeting that 30% margin range, and we're going to continue to commit to that for this year as well. All right. The target model evolution. For those of you who were following the story since the time we went public, we gave out a target model that looked something like this. The big ones there were subscription gross margin. This is all non-GAAP, 75% to 80% plus and the operating margin at the bottom of 20% plus. Those were our targets. For those of you who don't remember, we went out in 2019. In FY '22, we raised those targets and expanded some of the targets. We raised subscription gross margin percentage to 77% to 82% plus. We also raised operating margin percentage to 20% to 22% plus. And we gave you a free cash flow target, percentage of 30% plus. In Q2, '24, we achieved the target model. We're all really proud of that. It took us a lot of hard work, effort. For me, I go up in front of the entire company every single quarter, and I talk about the highest and best use of our dollars. George and I talk about that all the time. We drive it through the culture. We tell everybody it's your money, spend it like it's your money. That helps me. And we were able to achieve all the success here on our target model. Okay. What's next? Boom. Here's our new targets. Subscription gross margin, 82% to 85%, 400 basis points. S&M, we've reduced target model to 28% to 33%. R&D, we kept the same. We've got to continue to invest in our business, continue to be able to deliver cutting-edge technology, continue to delight our customers, our partners. So we're not going to change that target. G&A, we have an opportunity to shed 200 basis points. All right. Operating margin. The target is now 28% to 32%, up 900 basis points. And then finally, free cash flow percentage 34% to 38%, up 500 basis points. So this is what we set for ourselves, commitment from George, from Mike and the rest of the executive team to be able to make sure that we continue to drive home highest and best use of our dollars, to continue to make sure that we innovate and provide cutting-edge technologies, and to continue to delight our customers to stop the breaches. That's hard. So here is the time frame 3 to 5 years. That's how we think about it. Look, I think that many of you have followed us. When we put out the targets back in 2019, we hit them all. We're putting out new targets, and we're going to do what we need to do to go hit those, right? And for us, it's been a delight to watch our customers be safe. And we're going to do all the things we can do to be able to generate those type of returns for a company like us. Look, George, when he talks about hiring me and we talked about the fact that he was going to not have any perpetual skews. I was in heaven. And then I also was thankful that he's also an accountant by trade, and he understood the power of the subscription model. You're seeing it here. You're seeing it today. And so we look forward to being able to continue to delight our customers at scale and take this company to the next level. And I hope you're all with us to join that journey.

So with that, I'm going to call upon my 2 colleagues, Mike Sentonas and George Kurtz to join me and we're going to take some of the Q&A. And what we'll do for Q&A is, look, Ittai is already ready to go, wait until we have our folks up here. And then we'll ask -- what we'll do is the team is going to go around and hand out mics for everybody and just raise your hand and Ittai was the first to shoot up his hand. So I'm sure that he's going to get the first question. So they're just going to put up some chairs. All right. So just raise your hand. We're here for you guys. Okay, a few hands are up. Our team is going to come around. I think we should probably start with Ittai since he was the most eager.

Ittai Kidron from Oppenheimer. And mediocre financial targets, first, I mean, come one, you can do better than that. I have really two questions that are somewhat tied to each other. First of all, just doing a little bit of back of the envelope on the TAM and doing the back of the envelope on the CAGR of revenue growth. They seem to be pretty close to each other, somewhere in the low 20s. George, you made a very big case here today on consolidation. Needless to say, I would assume that, that means share gains throughout the forecasted period. Help me understand then Burt why are you so conservative in your $10 billion target? It feels like that if you believe the TAM, you should do much, much better than that. And then perhaps you can tie to the gross margin, it's a very big uplift on gross margin, not use to seeing big revisions on a relatively short time frame, 3 to 5 years. So there's still a lot of room to go there. What's changing underneath the surface there that enables you to get there?

Yes, good questions. So maybe you -- George, do you want to take the $10 billion first? Or do you want me to -- I can lean in and then I'll toss it to George. I think, look, for us, when we think about it, there are many avenues to get there. We kind of walked through all of them, right? But there's -- for us, we're flighting the company to be able to achieve it. You've seen we've put out targets before and where we've come. And that's the same methodology, the same philosophy we brought to the $10 billion. We haven't changed in how we see things. We definitely -- when we talk about guidance, we guide to what we know, not what we don't know. We don't guide to running the tables, and that's how we thought about the $10 billion. On the margin for us, look, it's been a great, I think, a great success. I think somebody here was telling me about they got a question from a private company about, hey, how do we think about gross margin and the expansion. And they said, "Go look at CrowdStrike." I mean that's the poster child for how to do gross margin improvement correctly. And so, a, it's based on the past, but it's also based on the fact that what we see today and working really closely with Mike and his DevOps team and how we think about it and how the opportunities are there in front of us to be able to optimize not only between our own cloud and but also between public cloud. So all the things that I mentioned to you and they're meaty, each one of those has some real meat behind it. We do those things, and I think we have that opportunity to do that gross margin expansion.

I think to just -- you covered most of it, but putting LogScale in is a key component into the wrap to release, certainly going to unlock additional efficiencies in gross margin.

Saket at Barclays. Ton to talk about. But George, maybe my one question for you. Cloud is the biggest part of that chart. That's that helpful chart, Burt that you showed that kind of show the next 5 to 7 years cloud identity and SIM. Cloud is the biggest part of that, right? And I think we said it's about a $31 billion TAM. There's so much noise in this market. And so the question for you, George, is how are customers thinking about the most natural vendor to partner with here right? Is it the specialists, right? Like some of the privately held ones out there? Is it the network security players that also have thing? Or is it the legacy endpoint players, I'll say, right? I guess I'm just kind of curious how you would think about why -- how you think about not just why CrowdStrike would participate in this market growth, but actually getting meaningful share in that very big market. Does that make sense?

It does. Yes. And again, what we try to do is to at least hopefully articulate some of the acronym soup that's out there and where we play and how we play from start to finish. But to be clear, we've been in the cloud security market for like 10 years, and we customers securing workloads in the cloud for a very long time. And some of the newer technologies around CSPM and those sort of things, agentless technologies obviously have evolved. We were doing cloud security before they were even an idea. So when you look at what customers want, they want something end-to-end that not only can give you visibility into how things are configured and a compliance view, which we do with our CSPM or how their applications are configured or potentially exposed now with Bionic. But one of the most important and anchoring features is the fact that you have to protect the workloads. It's -- that is it. Like the workload needs to be protected. If it's not protected, you're going to have a breach on your hands. And who is the company they're going to choose to do that is CrowdStrike. We have a history of doing that. And then when you tie that into the fact that now we've got a complete integrated solution of CNAPP, we've added ASPM to it. We've got things like cloud detection and response. These breaches that you're reading about are -- and I think one of the -- somebody said it earlier today, but it was -- it's the internal network that's getting hacked and going back into the cloud from an identity perspective, you need things like OverWatch. You need things like Complete, and we're in the best position to put that together. So I think it is -- we're the company to help define cloud security and we're going to win more than our fair share in that market. And that's why we're going to continue to innovate and continue to be acquisitive in that marketplace.

Cool. We've got a competition here over who was first but we'll go to the back.

Yes, we've got mic runners here.

Andy Nowinski with Wells Fargo. Great conference so far and amazing targets that you guys provided. I had a question on FalconFlex, the pricing. You guys call it a consumption model. When a customer adds a module, I guess, intra-quarter, how does that work? Do they get it for a 3-year pricing? And then if they cancel it a year into it, is it prorated? Just wondering how that really works and it seems like it could have a nice impact on your NRRs as it makes it easier for customers to expand. So how are you thinking about the impact from the pricing module or the new pricing plan relative to your $10 billion target?

Yes. So I'll take that one. So the whole idea behind FalconFlex was obviously just to make it easier for customers to purchase and here's the idea how we do it, right? So you -- the price you lock yourself into a year or 3 year, whatever the customer wants and they're going to get a set of solutions. What we'll allow them to do is to swap out different solutions as they think about how they're utilizing the ones they bought or not or they want to try out other ones, so they would draw one down. Now the good news on that one is it allows customers to try more of our stuff, right, to understand our capabilities.

Without a procurement cycle.

Without a procurement cycle. And so -- but in terms of how I think about it as well, from a pure financial situation is that we're going to limit the number of swaps. It's not going to be an endless amount of swaps that they can do, right? And so that's how we contain it. So remember, on the FalconFlex, the price of the contract is the same. It's not going to go up or down unless obviously, they want to buy new ones. But the initial contract that they signed that's the number. What does change is the modules that they're using within that contract.

Yes. So let me tell you why we're so excited about this. So we've gotten a lot of feedback from customers. We're a bit of a product of our own success with all the modules, right? And before we came out with the module concept and security, nobody had it. Everybody sort of copied it, and we've got a lot of them. And customers are saying, okay, you've got a lot of stuff, like just make it easy for us to buy, make it easy for the sales reps to buy, make it easy for the channel partners to buy. So fantastic. So giving them some flexibility. So the way we look at it and we've tried this with customers is if you can give them a license and the whole idea is to upscale that license to something bigger and give them the flexibility. And they're going to try more things. They're going to move things around. We're going to be consistent in terms of ARR. But our belief in what we've seen in kind of the early innings of this thing is like trying it out before we launched it was customers want to buy more. right? Because they're trying things that they haven't had, new items come out, they want to be able to try that. And overall, our goal is to make it flexible, easy, not go through a procurement cycle and allow them to buy bigger and more with CrowdStrike. And again, there might be some refinement as we go through it, you got to roll it all out. But I think we've hit the mark. I went through this with a few customers last night at dinner, some really big customers in the tech space who really understand these models, and they really, really liked what we had to say and I think as we go through now the next procurement cycles with these companies, we'll have the ability to move them into Flex.

Joe Gallo, Jefferies. The pace of innovation has been remarkable, and I think it's easy for us in our seats to get overwhelmed by the number of products. So maybe just talk about the other side of the equation, the sales and channel enablement. Can you just talk about the maturity of the sales force and the ability to sell these products and the ability to keep up with the product velocity, especially as you enter categories that are outside their core competency.

Yes, I can take that one and obviously jump in as you want. Look, a big part of that is working with our Horizon sales team, which is our specialist sales team, really building that up and making sure that we have that capability across the entire globe, specialist subject matter experts on the sales and on the technical side of things. Bionic, we've got a great team that has come over with that, there are specialist that will be part of that group as well. A lot of training, a lot of office hours, as we call them internally to make sure that the team is ready. I talked about some of those partnerships, so ahead of a product release, making sure everyone's enabled. We can skew and we can go today with [ Barney ]. Obviously, we got to close the transaction, but it's doing a lot of that work upfront, which is super important. Partnering with DB, making sure the channel is enabled. We want to make sure that we're doing more and more with the channel. We've got channel partners that are experts in this area. So playing in CrowdStrike in some of these areas for them is a very natural motion. So we're doing a lot of that. And the feedback that we've had so far today has been absolutely huge. And we've booked solid for weeks with people that are wanting to do follow-up deep dives they want to see the tech, they'd want to get the hands on the tech. They want to test it out in their network. So we're pumped, we're good.

Yes. I think just to add on to that, we spend a lot of time on sales and obviously sales hygiene. Sales to me is a science and it's very formulaic. Mike and I are on just about every deal call that we have in the entire company like every week. We know where the deals are. We have to vector them in. We talked a lot about this on the earnings calls. But making sure that we have the right hygiene, we've got the right training for people internally and the enablement and not leaving anything to chance because there's just so many things. It's such a complex sale now that you have to check all the boxes, including like the paper process and all the approvals. So that being said, we're always looking at what we can do better. And I think some of the areas that we can do better is enablement not only internally, but with our partners. We have so many different products and product lines. So a big part of what we're doing with DB on board, which we're delighted to have and you can see the immediate impact in his work with the channel partners, is how do we create more certifications, how do we create more enablement, which is critical. And at the same time, we've created now a model with a specialist team, where we now have a cadence. We have something new that goes into the specialist team. It gets built up when it's to a level of sort of maturity, it can be moved back into the broader sales force. And that's the way -- that's the cadence we're going to run as we do these sort of either new products or acquisitions.

Let's come down to Joel and then we'll go to his right. So we'll come to you after.

Thank you for recognizing the old guys at the table.

It was a competition between you and Ittai as to who's hand went our first.

Joel Fishbein with Truist. Two questions, not related. DLP, you talked about the SIM market, right, being like this big replacement market. John and I have been around, remember [ Vontu ] that was put in place 15 years ago that has very expensive, doesn't work, breaks all the time. DLP to me is a huge opportunity for you guys. Could you dig a layer deeper into that market and talk about that, Mike and George?

It is. And we've talked about where we are today and what we're doing with it, which we're already working with some really big partners -- customers, I should say in terms of what they need to fully replace their DLP. So we're on that journey with them. And I mentioned it yesterday in the keynote on where they are and where we're starting, and that's really with file movement. The overall goal for us -- and we didn't hit it so hard here because we always want to leave a little something in reserve for you. But we look at that market and another market that is ripe for disruption. There is not a customer I've ever talked to that said they love their DLP. It literally is the same thing that we -- the same play with AV. So it's sort of the last vestige of the old legacy technologies that are in place. And our goal in data protection, not DLP, is to be able to come out with a module that is fully -- can fully replace an agent-based DLP solution. And that's what we're doing. Every month, we actually have a new build, and we get more and more capabilities. And I would say Q4-ish, Q1-ish in that time frame we'll have the broader GA release for it. But that is a market that is ripe for disruption and squarely what we're going after. And it's a huge TAM opportunity for us.

Just one other follow-up on that. Another huge opportunity that I saw in there that was kind of surprising to me was the government space, less than 1% penetrated, another massive market opportunity. Can you just talk about the go-to-market strategy there? And because I would think that, that would be one for completely disrupt.

Yes, for sure.

And that's in logo penetration.

Let's send the microphone back this way. Coming up back for the next one. Yes, look, huge opportunity, and there's a couple of things to touch on there. As I talked about, we're really focused on North American market. And it just takes time. The certification is working with CECL, working with different buying bodies, make sure you have certain compliance, having GovCloud, data center enabled, data center -- it just takes time and that you're seeing that we've had great success, but there's so much more to certainly go after. As I talked about, there's an opportunity for government around the world. If you look at what we do with OverWatch, a lot of the government agencies say, "You guys have the best signals director that's not a government agency because of the amount of visibility and telemetry you have and knowing what's going on." So the opportunity is not just North America. As I said, it's the U.K., it's Australia, it's New Zealand, it's Canada. It's working with Singapore. There's an opportunity for threat intelligence, there is an opportunity for services. So we've been building that out. We've been building out the teams. Some of the -- we haven't even had some of those teams in certain parts of the world. So we're certainly excited by that. And I think as we keep building that out, we hired a great Gov CTO. He's been a game changer for us. It's accelerated a lot of those certifications, the way that we put together the products. And we're in the field. We're hiring people.

Yes. And if you look at the history of the company, obviously, we've been around for a bit. The government space is a newer area just because it has taken so long to get the certifications. We've literally just got, I would say, recently got IL5 certification. So it just takes a long time to get in. Once you're in, you're in. And I was actually in D.C. last week. So there's a lot of opportunity, a lot of activity that's going on there. And it's just a matter of knocking down the deals and taking that success just like in the enterprise space and then parading it around and getting new deals out of it.

John DiFucci from Guggenheim. Actually, I bet Daniel is still there. I was just curious, is he not been here long enough to wear the cool kicks or is maybe next year?

Next year, we'll get him the seat.

No, the cool kicks.

Oh the cool kicks. I'm sorry. I had it up.

I have a sneaker problem, you've noticed.

I did notice. So Mike, I'm going to ask a question. I've never asked any other company because for a lot of companies, I don't think it's as important or it's hard to see how it is. And that's a question on AI. So George, I really appreciated your keynote yesterday. I mean there was a lot of substance in it when you talked about AI, you gave real-life examples of how it can help a sock and it just made even sense to me. So when I looked at the pricing here, and I realize that AI is part of the beginning of CrowdStrike. It's like part of what you are. So it's in some ways an evolution, but also Gen AI is sort of more of a revolution. When I see your pricing, which I look at that, I'm like, wow, this is -- this makes sense. Like people will buy this. And versus some of the other pricing that we're seeing like some would seem like a lot of marketing that were fed. And I guess, how did you come up with that pricing. What's the strategy behind it? And was it talking to customers? Was it you just thinking about things? And how you're going to leverage AI?

Yes. I mean I wish everything was an exact science, right? A lot of this is like you got to understand what the customer wants, where you think the market is and sort of the buying behaviors. I think there's a couple of levers for us when you look at it. If someone isn't willing, as I put in very simple terms, to spend less in the Starbucks on an end point per month to have that level of capability, then we're doing something wrong. So we think it's very attractive. But from a philosophical perspective, we said AI should be enabled for everyone. So how do we make it affordable enough? There is a cost to it, right? And Burt passed his margin that we're going to protect. So there's a level of cost associated with it, but we want to make it available to the masses. Because when you try it, it's just -- you're going to be addicted to it. There's no doubt about it. And then obviously, we've got a component that we can work with in terms of the number of query packs and how those are price and those sort of things. So we've got a little bit of flexibility depending on the market, the geography, it's an emerging -- if I had all the answers, and I would tell you, I mean, this is like a lot of things, you got to try it and see how it works, iterated a bit until everything just lands. And I think we have enough flexibility that will give us -- will allow us to gain insights to be able to land it with customers in all geographies and all segments. I will say one thing. We talk a lot about the SOC analyst. What's underappreciated is Charlotte AI for the SMB. And I'll tell you this because if anyone here is -- happens to be the tech guru in your family, like I am, I get the phone call. So like, I got this text, should I click on it? Like, hell no, don't click on it, right? You're going to have a lot of these small SMBs that don't have expertise that are going to be able to ask Charlotte. Is this a real threat? Is this a real file? Is this a real link? Is this real whatever, right? They just can have a conversation with it that's going to basically take insight of CrowdStrike and bring it down to the masses. You're going to have a lot of adoption, I believe, in the SMB market just because of that.

Ashish Bandari from Ashler Capital. I actually want to ask about Falcon for IT. I know you've been selling into the IT organization for a while, but it does seem like you're pushing more into that specific buying persona now. I guess I'm curious like as you're going after that opportunity in a more pronounced way, how are you thinking about shifting your go-to-market for that specific motion?

So a couple of answers. One is it depends on the segment and depends on the organization. A lot of those teams are combined, but larger organizations, they're different teams. The thing that we want to solve and if you didn't see the keynote that I talked about, one of the things that we want to solve is removing the complexity out of security. Now what happens today in a larger organization with a separate security team and a separate IT team, the security team finds risk, they lob it over the fence to the IT team, the IT team work out team works on patching it. They lob it back. The security team looks at a dashboard and says, Well, some of these patches didn't work. The IT team then -- that time is a disaster. Not only is it incredibly costly, but it never ends up being fixed, those problems, and that's where people get breached. Bringing the two groups together the same way as we've brought DevOps teams, together with security teams in cloud is the opportunity here. So you have 1 platform, and as DB said, meet people where they want to be met. And that's a really important strategy. So if you look in the platform, you see vulnerability, you can assign a ticket or you can work to fix it very quickly. The IT team can log in, they get their platform, and they get access to the features that they want, and we can connect the two. That's what we're trying to do. But there's so many security use case perspective, examples that you can have with Falcon for IT. You can query your machine, you can pick up a file, you can make a registry key change, you can roll out an app, you can roll out a patch. It's very exciting in terms of what we can do, and it's just building on that platform. We've been solving various problems, fix the prevent piece, fix the detection piece, fix the automation piece and continue to build on that, not fixed, but keep the building on that. And now it's that IT one. So very excited about that.

Yes. And just to follow on that, when you look at what we're able to do in that area, IT is -- they have a different view of the world than security. Security finds problems and deals with risk and IT gets a ticket, and it's like break fix for the most part, right? So can we help them actually solve things quicker, Yes. Can we kind of harmonize what they're doing? Because if there's a compliance issue, I guarantee it has to be fixed, right? Somebody found the problem. It has to be fixed. And if it doesn't, it goes all the way up because it's a compliance issue. So I think we can solve a lot of issues there. And then there's tremendous insights. When you looked at the demo that I went through with license compliance and who's using what and system resources and just think about this is not like 1 computer at home. These are tens of thousands, hundreds of thousands or millions of endpoints and workloads that have to be -- you have to have visibility on. And more importantly, from a CMDB perspective, right, working with companies like ServiceNow, they'd be able to take some of this rich information and put it into a CMDB. Why? Because we're the source of truth for this information. It's always on, it's always real time. The last piece that I'll say with Falcon for IT, now that we're giving IT a home in the platform, that's what they want. They have different workflows, different ways to operate. It continues to that we've been on to be a central part of what the CIO is viewing as a strategic vendor. And that just further reinforces the journey we've been on. So now we have a seat at the table. I think we really will have a placement at the table. Next year, we'll have a chair at the table. So that's the journey we're on, and we're excited about it.

Hamza Fodderwala, Morgan Stanley. I had a question about go-to-market. It seemed like a lot of changes were made to partner program, good changes. And the big focus is driving multiproduct adoption. Would partners get sort of an extra kicker, if you will, from an incentive standpoint, if they start selling more cloud identity log scale. And then the inverse of that is if they just sell endpoint, will that mean sort of lower margins over time?

Well, from a partner perspective, you're right, we've made some changes and I think one of the big ones, obviously, is bringing in DB and having a dedicated organization with a leader as capable of DB. So I'll start with that. And again, you can see the -- I think the fruits of this labor. When we look at the knobs that we can turn from a partner perspective, it's almost like any vendor partner reseller type relationship. I mean there's a lot of knobs we can turn. There's individual deals we can tweak. There's different incentives and rebates and those sort of things. And those are all at our disposal. That's just normal course of working with channel partners, nothing that we're doing that's different than others, but we have different knobs that we can push. Certainly, having a focus in key areas, we can provide more margin, it's really going to be up to us. So we haven't decided or not decided to do anything. I think we take it on a case-by-case basis and use the levers to our advantage depending on the partner, the segment, the geography and the products.

Catharine Trebnick, Rosenblatt. You had discussed that 50% of your revenue will come international, can you articulate what your go-to motion markets will be in order to achieve that?

Yes. So first, I think you meant that it's going -- we're trying to get -- well, it's an opportunity to go to 50%. We're not there today. We're 70-30. In terms of the go-to-market, I'll just tell you that I'm -- how Mike and I work together as we look at each of the different geos. We think about the TAM and each of the geos and the market opportunity in each of the geos. We think about how we're going to be able to deploy our resources. And when you look at the rest of the world, Mike can talk about it, there's -- it's a heavy channel, right? Some geos have even two-tier channels. But I'll pass it to Mike to talk about -- and George, that was..

Yes. Let me just make one comment, and you feel free to jump in, though, as we go to different geographies again, they're very partner-centric and they're different. Japan's partner network is more distributor based, et cetera, right? So we've got to have the right formula for each of the different geographies. But one of the things that is really interesting with generative AI is it brings translation into the local language is much easier and much more cost effective. So it's almost like a natural byproduct that you get translation with Charlotte AI. And we have translated languages already, but we don't -- there's way more languages than we have translated. So I think that now leveraging Charlotte and the fact that we get that actually allows us to go deeper, faster into geographies maybe that we wouldn't have just because of maybe some language barriers.

Yes. Look, I think a little bit of additional detail it is kind of to go on to the point you're just making being prepared to get into certain markets and having a business that's ready to support the go-to-market. So we haven't flooded every country all around the world with people. We've been very careful to build that out and make sure that when we enter a market, we do it properly, we have a go-to-market team, we have a support team. We have a channel team, we build channel partners because customers want to make sure that they can deploy products and have support and all of those things. So when we moved into Europe, we're very careful in how we did that. We have a phenomenal leader building the team there and building out our maturity there, rolling out a lot of the great products. Asia Pacific, again, a great leader that is building out our Asia Pacific team. We have a big focus on Japan to George's point, which is a very different market, just the way they procure, the way they want to interact. You need to have a product that's localized when we offer things like Falcon Complete, you need to have internationalization in the product. We added some of that capability, sales moved very, very quickly. So that's how we're kind of progressing and building a lot of that out and making sure that we do that very carefully and strategically and having great success. But it is working very closely with Burt to be very careful and how we do that, not getting ahead of our skis and just making sure that when we get in there, we look after customers. So the thing that I loved here this week is an incredible amount of international customers came out to Vegas. We had a big contingency from Japan. We had a huge contingency from the Philippines because we've worked on that area -- on that country with a great team, a lot of -- we had a big team coming from Sweden as an example. So you can see how that program is really working.

All right. So I'll get things wrapped up. I just want to first thank everyone for attending, and I hope you had an informative session. We really tried to take the feedback from last year, take that into consideration and give you a program that is relevant and also features our favorite man to our left here, Burt Podbere. And I know that was a big ask from last year. So hopefully, you've got some greater insights on what we're focused on. When we talk about the $10 billion, 5 to 7 years, again, these are target goals for us, right? I'll say it again, he's not giving guidance. But I think from what we wanted to land with this group is we've got the opportunity. We've got the technology. Customers want to buy more. We're in a great spot. And it's -- look, it's always going to be a challenging environment. There's always plenty of competition, but I think we've done a really good job of navigating that. And what you saw today and this week, I should say, and the pace of innovation, I think, is really unparalleled. If you look at what we've done just for this event, it's a crazy amount of new products. And that's really what we're focused on. And some of the changes we made internally allows us to unlock the great team that we have and this pace of innovation. But from the roots and when I started the company, we are an innovative technology company that knows how to go to market and knows how to create success and outcomes for our customers. So with that, I can be proud of the team and proud of our success, and I think all the CrowdStrikers for making this possible. Obviously, we will be around afterwards, and thank you so much, and have a great and safe trip back.