CrowdStrike Holdings, Inc. (CRWD) Earnings Call Transcript & Summary

All right. Fantastic. We will go ahead and kick it off day 2 of the Goldman Sachs Communacopia and Technology Conference. Thanks so much, everyone, for joining us at the CrowdStrike session. Delighted to welcome George Kurtz back on stage with me, Founder and CEO of CrowdStrike. Thank you for joining us.

Great to be here.

So George, I know how much you pride yourself on being more than just a vendor to your customers. What I mean by that is you spend a lot of time having more strategic conversations about where security strategy is going. So maybe to start, share with us some of those conversations on AI strategy in particular. With your largest, your most technology sophisticated enterprise customers, how are they working with you and how are they thinking about what their security strategy looks like in an age of AI adoption?

Yes. I think when you look at customers and larger enterprise, everyone is in their early days of their journey of AI. And it started in 2022 with, hey, this ChatGPT thing is pretty cool. It can give us some really cool results until you get something wrong and you have to correct it and it's like, "Oh, yes, you were right. Yes, I'm sorry about that, I was wrong." And as you get through that journey, then it's like, okay, well, where can we operationalize AI and what does it mean for a business? And I think keeping my CEO hat on, it's really about can it make you money or save you money and people are in that journey. And where can they use it, what areas, do they start in legal, do they start in sales, do they look in -- they're in financial services and sort of trading and those sort of things? And how do you do that in a secure way? And it started from -- we've got everybody using ChatGPT and it's totally uncontrolled, and data is going everywhere to we're going to shut it all down and then we're going to open things back up. We have to put guardrails around it. We have to manage the data. We have to manage the identity. So that's been a couple of year journey, and we've been helping them with providing the guardrails, understanding the models, protecting the intellectual property, but you really have to enable AI to allow people to get all the benefits from it. And we're such in the early innings. That's what we're seeing right now. And I don't think there's a company that I've talked to where I talk to the people in the business and they go, "We want to use more AI, but we can't." And it's like, "Well, why can't you? Well, corporate doesn't let us." So great opportunity for us.

And to what extent is this building on the existing security foundational elements that already exist versus maybe catalyzing an incremental step function in modernization or next-generation product and architecture?

Well, I think if you look at most companies, I don't know how many companies in here think like their data is really good. I haven't found one. If you think like your data is really good, show hands, it's probably be like 0. Because everyone is like, oh, we have this data, it's in Salesforce, it's kind of a mess. And does that sound familiar?

Absolutely.

Right? And so I think there is this process now of like, okay, well, we've got to get our data architecture in line, we've got to make sure that we can put it in a Snowflake or Databricks or what have you, and we've got to train it and those sort of things. And it's just kind of a force function into like let's start cleansing the data, let's start labeling the data, and how do we move data around the organization and begin to provide some level of governance around it, which some have. But that needs to be in place so that you can actually get the training done on these models and then implement it in a secure fashion. And then it ties into identity, which I know we're going to talk more about. But it all starts to come together, and it's like just the next industrial revolution that we're going to see around AI and all of the things that you're going to need to actually get the full benefit of it. They're all going to need security, all of it. And if you believe in AI and you believe there's going to be more AI in 5 years than there is today, then you're going to believe in the security story that security has to be part of AI in order to enable it.

Yes. And it's interesting because not all pieces of the security budget are created equal. What I mean by that is, as analysts will break down, okay, here's network endpoint identity SIEM. The question for you is, how do you think about where in the stack the value is going to accrue? And you made a really interesting comment on the earnings report saying that AI is not a network problem. So maybe elaborate on that a little bit and how you think about the framework for what's defensible versus what's less important.

I think you have to look at where AI originates from and how people use it. So certainly, the data is a big piece of it. I talked about what CrowdStrike does in terms of like our training for some of our AI models, like we've become the Reddit of AI security data because we have all these annotated security events over the last 10 years. And you have to look at in each company, where the data is coming from, how it's labeled, how you have this kind of human feedback loop that you're still going to need. And then you have to look at who's using it. Like at the end of the day, you have some autonomous actions that take place, but it's for the benefit of humans. And humans are going to be guiding all these AI agents, right? So that's why when I talked about it on the earnings call, it was like you got to -- it's at the endpoint, it's at the workload, it's at the data level. It isn't like some network device that's magically going to make AI secure. Like you have to look at how people use it and where it originates from and a lot of it starts around data and humans.

Yes. And let's stay here with data. We hear this argument that, well, the offense has the data, too. Meaning you've got defenders using AI in the security architectures, you've also got the bad guys using AI to attack. And my question for you is, can it actually be inverted this time around where the defenders can use AI to apply it to the data such that the defenses get stronger at a faster pace than the attackers trying to find holes in it. I'm curious how you think about that.

Well, the way we look at it at the highest level is you have AI for security, which is the way we started CrowdStrike and was machine learning at the time, but it was using that to secure systems. And then you have securing AI, so 2 different things. So when we think about the ability to actually secure companies, it really comes down to a time element, like the window of exposure and how fast things can be exploited have moved from weeks to days to now minutes and sometimes seconds. In one of our threat reports, we talked about exploitation of 52 seconds. So you're going to need AI to be part of that solution. But I just kind of give you an idea of the threat landscape, maybe tell you one story. It was a week or 2 ago, our researchers found some malware. And it was really interesting because what it did is it would drop on a system and then it would gather a bit of information of what that system was. And then it would go out to a GPT and it would start querying it for like, hey, write a script that allows me to get all the data off the system or write a script that allows me to move from one place to another or it went through a whole bunch of recursive sort of questions into a public GPT. So think about it, each time it dropped on a system, it gave a unique response back to what was on that system. So it actually learned what the function of the system was. Was it a database? Was it an e-mail server? Was it a desktop? And then based upon learning that, it would actually provide different actions for how it was going to exploit it and what data it was going to harvest from it. That's kind of what we're dealing with, right? And the speed of that's happening -- at which that's happening is like unparalleled.

Yes, absolutely. Well, the threat intelligence part of your business leads really nicely into discussion around security operations center. Your AI SIEM business was up more than 95% in 2Q, ARR north of $430 million. And one of my favorite phrases that you used, it's like upgrading from a typewriter to a computer with moving from legacy solutions to faster solutions. So what do you see as the biggest impediment today in your customer base from getting people to make that upgrade cycle from typewriter to computer?

Well, there's always a level of inertia in what people are familiar with. And when you've got newer technologies, you have to really focus on what the outcome is. And sometimes you may talk to a customer like, well, we do it this way, and it's like, okay, but what is your outcome? You don't really need to do those 5 steps when we can just go right to the step that you want and the outcome that you desire. And that's really what we focus on. But I don't know, I'm a simple guy, like to just break it down into better, faster, cheaper. Like we can offer a solution that gives you better outcomes faster and we can reduce your cost. I mean we're taking costs from some of the big legacy SIEM vendors, and we're cutting it to 1/3 on what people were paying. So there's a reason why people are moving to CrowdStrike. And what's important to keep in mind, too, is every Falcon platform customer has Next-Gen SIEM built in. It's in the platform. The only thing we need to do is license it, and we actually give them 10 gigabytes free so anybody can use it. The second critical piece, which sometimes I think it's often overlooked is we actually don't charge for first-party data, okay? What that means is first-party data is CrowdStrike data, the data that we generate from our agents that people were taking from their legacy SIEM and paying to move it -- sorry, taking from us and paying to move it into a legacy SIEM, you don't have to do that anymore. You actually don't pay for that. So that's vastly different than their old models and very disruptive. So where we charge them is for ingest on the data that we don't have. Now when you combine that with Onum, that's the acquisition we did last week or -- that's a week or 2 ago, that's like the railroads, right? We control the pipeline of where data originates and where it's going to go. And we can do in pipeline detection with AI at the source of the data and the events where it originates. And again, this is for third-party data. So it's very disruptive on the speed and the cost. So we can go into a customer and basically say we can dramatically reduce your cost and give you a much better outcome.

And maybe to crystallize this point on Onum and the data pipeline piece of this. When you approach customers in the pipeline today or when your sales team does and they say to you, well, we've got this on 2/3, but this is not a priority for us. It's going to take us X number of months to migrate. What is X in the number of months and what is it post Onum?

Well, it depends on each customer. And let me just tell you through the sales cycle, typically how it occurs, which is we're at the point now of customers going, okay, we know your stuff works. We know it works at scale. You have plenty of reference customers. We tried it, we like it. So we want to move from our legacy SIEM to you, which means we're not going to renew something. So we got to move it all over to you. And typically, the way that would work is you would run two systems in parallel, and then you would cut over. So what Onum allows us to do is not only can it do in-pipeline detection and really cool kind of features, but you can fork the data. So literally, you can have one event and send it to multiple places, it doesn't matter. So you can keep your legacy SIEM running and then deprecate that over time. And then by the time the renewal comes up, you're up and running on CrowdStrike. And by the way, Charlotte can help actually even in the migration process. That is going to dramatically accelerate the adoption of Next-Gen SIEM. That's one. And two, and we just sort of talked about the security use cases when we announced it. But guess what, it's an IT product. So any data in your environment in IT can be consumed by Onum. And that then moves -- continues to move us into different buying centers, into the DevOps buying center, into the IT buying center, right? You become much more strategic when you're consolidating all these costs. So it is a very strategic acquisition that we did. I think a year or 2 when we're back here, we're talking about, you can be like that was a really good acquisition because it goes well beyond security into IT.

Yes. And I'm curious because the problems in the SOC have been compounding for 10-plus years now. Do you think there is an incremental stress function happening because of AI such that the scalability of log ingestion is increasingly at a breaking point because the complexity of being able to do AI logs is changing? A couple of different concepts in there. So maybe correct my technical knowledge.

Yes. I think people, just in general, are overwhelmed with the amount of data they have and sort of the noise that they have to deal with. One of the things that we developed is something called Signal, which is to separate the signal from the noise because you have so much data, and that's kind of an AI element that gets rid of all the noise. But in general, SOCs are overwhelmed. They're using legacy technologies. They're using legacy workflows like SOAR, I think, is going to be dead, right? And we can talk about sort of agentic SOAR and what that looks like. But these are all transforming the SOC. We work with lots of companies, lots of the companies in these room -- in the room here, banks, et cetera. And it's not like you guys are piling on the headcount. I'm sure the conversation is how do you do more with less, right? That's everywhere, not just in IT. So when we think about the SOC, it has to transform and it has to become agentic. You've got to use AI for what it's really good at. It can deal with lots of data very quickly. It can understand patterns very quickly, and it can take actions even if it's a guided action, which is going to dramatically reduce the cycle time to getting things done and separate the noise from the signal.

Yes, absolutely. So it leads nicely into a question around agentic in the SOC. And we know that security people are some of the most risk-averse people in the IT organization. And yet you're seeing a success with Charlotte. And one of the comments you made to me a couple of weeks ago was you've actually put enough guardrails on Charlotte to make it act deterministically with a set of framework. Tell us a little more about that. How do you put the right guardrails on the agents to get to a place of productivity?

Yes, that's a good question. So when we built Charlotte, it was built as an agentic technology from day 1, actually before people were calling these things agentic AI agents. And the whole idea was we wanted to go beyond just kind of a chatbot, right? So you can think about Charlotte as an orchestration layer with multiple models underneath it. And we had to provide, to your question, guardrails, we had to build all this. So that when you ask Charlotte a question, I'm sure when you use ChatGPT or Claude or what have you, you ask a question 3 times, you get 3 different answers. And you're like, well, I just asked the question, why can't I get the same answer? And in security, it's not a great thing if you got like 3 different answers to 1 security question. So we actually had to build the guardrails around that to give a deterministic outcome. And those are the kind of things that are maturing in -- think technologies beyond Charlotte, where when you implement AI, you want to make sure you get the right answer one time. But we've built all of that in and then we built all the workflows in. So again, Charlotte has become more of an orchestrator of agentic workflows, which is really where we're seeing a lot of activity. And we've got over 30 million different unique workflows that customers are using per week across the platform, which is saving a lot of time and effort. But you couldn't get the right results. And to your point around security, like people don't want to take action if you're getting like random results. So we had to do a lot of work around that.

Well, maybe let me ask you the flip side of that question, which is, if you think about copilots versus truly autonomous agents, copilots tend to be more deterministic. So with the guardrails, what levels show it up from being more than just a copilot?

I'm going to save that for Fal.Con because I'm going to talk about that. So it is a good question. But I think if you look at where a lot of the industry is at, they're in the -- I still have to keep my hand on the steering wheel, right? And you want to get to a point where the car can drive itself. And in any big organization, again, you're going to have like a lot of resistance from a risk perspective where you don't want these random -- these agents doing random things. And that's why having the right data to train it on, getting the right outcomes, having the guardrails and then it's going to be an evolution over time where you're going to have that sort of autonomous piece.

Yes. And the amazing thing about some of these concepts that you're talking about, whether it's in the SOC or in the CrowdStrike stack more broadly, is some of the connectivity you have with the agent into observability. And when we discussed in the past, I think you framed it as, look, there are 5 categories of observability. We can do 2 of those 5 categories. So maybe bring us up to speed, how are you thinking about your technical road map in observability? And where do you see CrowdStrike's right to compete?

Yes. We keep getting asked more and more for different data elements. Like if you look at Falcon for IT, which has allowed us to cross over into the IT world of gathering information, so you have this sort of digital employee experience and these sort of things, like we can gather a lot of that information. And these are big categories that are out there that go beyond security. And why do we have a right to win there? Well, we have -- I'd like to say we're in the real estate business, right? We have beachfront real estate, which is our agents, whether they're running on a laptop or whether they're running in a cloud, whether it's an ephemeral workload. And they can pull telemetry beyond just security. What's the health of the system? What is it doing? What's the user doing, all the identity data associated with it. So these become very interesting to companies. And we have something -- it doesn't get a lot of airplay and it should, but it's called Falcon Foundry, which is the ability to actually create your own module on our platform. And I think that's really the hallmark of a true platform is you can create your own stuff on it. So you can actually combine and mix and match IT and security data in your own application and you can solve unique challenges. So we have customers doing this and solving things like we didn't even think about. And that's part of the ability to go out beyond just security. So our ability to go into IT, we're already there in certain aspects, but I think there's a huge runway ahead of us into solving more problems beyond just security. But within our own lane, you don't want to go too far afield, but there are a lot of things that we can do that tie in nicely that expand our TAM.

Yes. Just from a lane concept, so clearly, there are industry leaders in IT asset management, observability, et cetera. So do you envision a world where 5 years from now or 10 years from now, how do you think about where CrowdStrike fits relative to those incumbents?

Well, I think there's a huge market and lots of bleed over and observability wants to go on security, security wants to go on observability, those sort of things. I think at the end of the day, it's going to be a lot around the workflow and how do you get the data. And then how do you operationalize that and how does that impact sort of TCO and price. And a lot of times, if you can supply 80% of what somebody wants at a very good price point, they're like, hey, that does what I need. Like that's good enough, and that does what I want in some of these other maybe ancillary areas, right? And then if you're really specialized and you have companies that have spent a decade doing it, that might be their niche. But it doesn't mean that it sort of limits your opportunity because I think having the real estate as a strategic beachhead allows you to do many things, and there's still a lot of TAM that you can capture.

What are some of the most interesting or maybe 1 or 2 most interesting examples of what customers are building on Foundry? And to what extent does that shape your own product road map?

Yes. I mean we have customers that are building applications like, again, you can pull data in from anywhere and build it into the workflow. So they're looking at specific identity use cases and then they're tying into things like Workday, what's the employee doing? Are they on a tip into badge readers? Well, did somebody badge in? Are they really the employee, they want to get to this piece? So they're pulling from lots of different systems to solve sort of an identity use case. Is it really you? Compliance. They're pulling data from a lot of different areas, and then they're building compliance workflows around specific compliance needs that they have for their own industry, and they can load all that up in there. They're looking at using Foundry for a digital employee experience. So is your computer slow? Why is it slow? Is it about to fail? Is the hard drive? Like all these things that cost a lot of money, they're actually using CrowdStrike to solve that. We didn't really plan on it. We just have all this data and then they solve different use cases, and we're like, that's a pretty good idea.

Yes, really cool. Okay. Let's talk a little bit about the identity use case in particular. So you've been investing in identity since 2020. How do you think about where it makes sense for CrowdStrike to compete across the identity SIEM lanes? And where do you sort of draw the line between being able to invest in specific identity solutions?

Well, we've been in identity since 2020. We saw it as a major threat vector and things that were really causing companies to be breached. So first thing that we did is we got into ITDR. We helped really pioneer a lot of that. So identity threat detection and response. We've got a tremendous amount of telemetry out of those systems. And the key thing here is we already run on the high ground, which is domain controllers, right? This is the most sacred of systems in an environment is to run on a domain controller. So we had customers over the years say, okay, you give us all this risk telemetry. You're already running on our domain controllers. We're using legacy like PAM technologies. So why don't you come out with something that can help us and again, save time, money and move to more modern architecture? So with our PAM module, it's more conditional access and just-in-time access than kind of just credential vaulting. And we think that's a more modern way to deal with identity. Now you have governance, I mean, there's a lot of pieces to identity. We do a few of them. More we're adding, more we're coming out with, et cetera. But it's a big market. And again, the good news is we were there very early and we identified it. ITDR, I don't know, we're probably the biggest player in that whole market. And then we keep adding like the PAM module, we just launched a quarter ago. Why? Because customers said, we want it. We launched it, and we already have customers on it moving from legacy technology. So I think we have more than our fair share of opportunity to win in that market. And it's a huge pool of dollars and a great growth opportunity for us.

And just to be clear here, you mentioned you don't have a vaulting product today. Do you envision a scenario where customers can use you as their PAM solution without needing a "legacy PAM" solution as well? Or is it more complicated?

Well, I think customers want more just-in-time. I mean vaulting is -- I mean, it's a glorified password manager. Most of that was created in 1999 to store Windows credentials. What people want is real-time access, conditional access. And not to say you don't need to store like certain passwords, but that will become more commoditized.

Yes. It's interesting because we've talked about so many different adjacencies that sit around in the CrowdStrike platform. It leads me to a question on R&D and how you think about prioritizing R&D. The scale is important in security. You have competitors that will say, "Hey, we're out investing you 2:1 or 4:1." But we also know that not all R&D dollars are created equal. So how do you think about incrementally investing R&D? And how do you counter those claims on competitors saying, well, we invest more?

And they can say whatever they want. A lot of this is where do you actually allocate in some accounting allocation like your R&D. So I think the proof is in the pudding of like what do customers say, where is the innovation, how fast you are innovating? Are you 1 platform? Are you 3 or 4 platforms? I mean this is -- the proof is in the cake that you're baking, right? It's not in saying that you spend a lot on the ingredients. I mean there's a lot of ingredients that people spend money on and the product is c***. So for me, that's what it's all about. It's about driving innovation, and it's about the fact that we have a brand promise of the single-agent architecture with one platform. Last I check, customers want one. You look at ServiceNow, one. You look at some of these, Workday, one. One in CrowdStrike. And that costs actually a lot of money to do and to do it right. So that's the way I would look at it. And I don't get hung up. We spend a lot of money on R&D. We drive a lot of innovation there. Innovation is our lifeblood, and we're focused on solving the customer problems. And it's very complicated and it's a very convoluted process that we have to go through, not really. We just listen to the customer, we build what they want.

Yes. Well said. Let me ask you about Falcon Flex because by all the metrics that you've disclosed, it's been a home run in making it easier for customers to buy across the platform. Talk to us a little bit about how durable the momentum you're seeing with Falcon Flex. I'm sure we'll get more updates at Fal.Con. But to the extent you're willing to give us a little color now, how do we think about the durability of growth driven by Falcon and some of the ARR uplift that you're seeing?

On Falcon Flex?

Falcon Flex, yes.

Well, I think Falcon Flex, we pioneered this licensing model. As you've seen everyone now has a core/flex model, one that they've got the idea from, again, driving innovation not only in the technology, but in the licensing world. And we listen to customers. They basically said, we want to buy more from CrowdStrike, make it easy. You got 30 modules. Like you guys can't keep track of them. We can't keep track of them. So make them all available to us, make it easy for us to buy. The only people that like going through procurement are the procurement people. So let's go through it one time, we get a rate card and we want to add more, we do that. And it's been a total home run. Out of the 1,000-plus Flex customers that we talked about, we got 10% of them reflexing. And of sort of that pool, we've seen 75% utilization of the Flex license. So we're seeing customers actually use more of their Flex sooner than they anticipated and we anticipated. And someone might come back and say, "Well, geez, is that kind of like a problem? Are they going to get a big bill? No. Because what we're doing is we're working with them on the demand plan to actually remove and consolidate the other products they have, so they can buy more of CrowdStrike.

The 75% utilization, maybe just benchmark that for us. How do you contextualize that?

Well, if there's a pool of dollars, they've used 75% of it faster than sort of you would on a monthly basis. If it's -- they're using more of it faster.

Yes. I got you. Okay. And then talk to us a little bit about what the reflex in the renewals motion is going to look like over the next 12 months. You have an elevated amount of Flex deals because of the customer commitment program in the last 12 months. So what should we be looking for in the renewal cycle? Do you think you'll see similar uplift? You've already talked about customers tracking ahead of their demand plans. Maybe just paint a picture of [indiscernible]

So just to reinforce, the Flex is the licensing model, right? It's a commitment, not a consumption. You commit, it's not a consumption. So it's very easy to track. It doesn't have variability to revenue and those sort of things. The CCP was just a way that we were able to work with customers and give them a pool of dollars that they can spend. But the byproduct of that, sort of benefit of that is we had to move everybody to Flex. So if you want a CCP, it was a customer commitment package you had to have Flex. So we vastly accelerated the move to Flex rather than just waiting for the natural renewal cycle. So we have a lot of customers that are just on Flex and consuming it. And then CCP is the customer packages that burn off Q3, Q4. Some of it runs multiyear type of thing, but you're going to see those kind of run out. And then obviously, the whole idea is 95% of the time, someone is going to renew that module if they got something for free.

Yes, absolutely. So I know Burt and the team have spent time dissecting the delta between ARR and subscription revenue. Maybe I'll ask you a higher-level question. When do you think that begins to normalize? And how does that shape the way you're thinking about the 2027 growth algorithm, understanding that it's too early for us [indiscernible]

Yes. I mean the key metric for us is ARR. So if you look at the $221 million that we delivered last quarter, it was a record for us, reacceleration. Burt talked about the 40% reacceleration in the back half of the year, right, 40% growth in ARR. That's the key metric. There's a bit of a divergence now because we really have an accounting artifact between revenue and ARR, and that is the partner rebates. So the reality is when we gave away some free products, we had to pay the partners on stuff that was free. That is actually a contra item. You would think it's a sales expense, it's not. It means you have revenue minus the contra gives you new revenue -- it gives you your net revenue. That's where you see the divergence. So when the partner rebates are -- when they're abated over Q3 and Q4, then ARR and revenue converge back together.

So it's interesting because you've seen so much success on the back of some of the "free programs" in terms of adoption. How do you think about does it make sense for that to perpetuate for longer? Or have you all as a management team drawn a line in the sand and said, look, this is the period of time in which we're running this particular program?

Well, that was for a specific incident we had to deal with. That's in the rearview mirror. But we have the ability with Falcon Flex to be able to be very creative and work deals. Hey, you have a legacy technology that you want to run out, we can be creative and put money in a pool. Like if you want to move from your old SIEM to our SIEM, we can help you with that. So there's a lot of levers that we can pull and we do. And this is a normal part of running a software and technology business. This is what happens, like you figure out where you are, what deal you're trying to get through and who you want to replace and you just kind of creatively come up with like how do you make it a win for the customer and how do you make it a win for them. And with Flex, you only pay for what you use when you use it. And it makes it really easy to ramp out of an old technology and ramp into ours without a whole bunch of extra cost. So those are the levers that we pull, and that's Software 101.

Yes, absolutely. So I wanted to ask a question about unit economics because CrowdStrike has had consistently benchmarked best of class relative to security, relative to all software. I'm curious when you look internally throughout your operating structure, are there particular levers that you're excited to pull because of AI applications internally? Maybe there's a little bit of discussion here as well on you're touching so many different points within the IT stack now that the CAC actually goes down relative to addressing some of these new categories. So maybe just holistically, how do you think about the durability of where your margins can go?

Well, we look at AI everywhere internally. Maybe just in general, like where can we be more efficient, things like legal, things like sales, marketing, et cetera, those are kind of ones you would expect, and we've gotten tremendous efficiencies out of it. But one of the big areas that we're investing in, which actually drives Charlotte to be even better and better is our Falcon Complete MDR service, right, our managed detection response. We have one of the largest MDR businesses in the world. And by the way, we have to drive automation in it, right? And I think there's -- sometimes there's confusion of like, well, you have an analyst, how many customers can they handle? There isn't this weird like -- or I would say, legacy mindset of like you have 1 customer to -- 7 customers to 1 analyst. We don't even think about it that way. The platform does the work, it drives the automation. So we continue to get more and more leverage in that business. And the output in terms of the technology we built actually goes into Charlotte. So what we use internally then gets commercialized and goes into Charlotte, and that becomes the basis for solving customer problems.

Yes. And maybe just on this point with the customer exposure that you have as well. What I mean by that is, earlier in the conversation, you touched on having more personas using CrowdStrike in DevOps, in IT observability, Falcon IT, et cetera. So how do you think about the way your breadth is expanding with end customers? And does it actually end up changing your LTV to CAC because the incremental cost of those personas coming on to the platform is actually quite low?

I think it can. I think it can change the CAC over time. You just have to keep in mind that there are some specialized centers, right? If you're selling the DevOps, the same person who's selling traditional sort of endpoint protection and related technologies may not be the same person that can talk cloud and DevOps and those sort of things. So there's still a little incremental spend as you specialize. But I think overall, we've been very efficient in our CAC. We've got in-app trials. We've got the ability to turn things on very quickly and license them and make it friction-free. So all that accrues value to us and our shareholders. And then as we bring on these new technologies and we have new buying centers, we have the ability, again, to go out and be very efficient from a CAC perspective. Just keep in mind, though, there's some specialization that's needed in those areas.

Yes. All right, fair. Maybe we can leave the audience with a tease for Fal.Con. What are the milestones that people should be watching for next week?

Well, it's going to be, obviously, as you might expect, a big talk around AI, some of the things that we've already developed, what we're doing in those areas, and I think how we're really disrupting the industry. And I think one of the things that I would leave you with is, if you think about what we did in the sort of take cloud and Next-Gen SIEM and all those things out of the equation. If you think about what we did when we started the company is we had agents that ran on a computer that protected users with an identity and their data and where they went. And if you think about the explosion of AI agents, you may have a 10,000-person company that has 1 million AI agents. They're all going to need security. They all have identities. They all have access to data. They all have access to workflows. And by the way, you're going to have to do introspection of what they did because you're going to need it from a compliance standpoint. There's no way Goldman Sachs is going to release a whole bunch of AI agents without security and without compliance, and that goes for every other company out here. So that's the big opportunity, and you'll hear more about that at Fal.Con.

Fantastic. Well, George, thank you. Please join me in thanking George Kurtz for the time.

All right. Thank you.