CrowdStrike Holdings, Inc. (CRWD) Earnings Call Transcript & Summary

All right. Welcome, everybody. We're going to have a great act to follow here with CrowdStrike, but I'll read the disclosures first. If any research disclosures that you're interested in, please see morganstanley.com/researchclosures, or reach out to your sales representative. Delighted to have CrowdStrike here, Burt Podbere, CFO.

Maybe to kick off. We just had Sam on stage. How do you think about everything that Sam said, and how it relates to kind of all the security we're going to need to protect against that?

Meta, you said it right, they're going to need security. And we're here to help. Look, we have a partnership with OpenAI and others. And we're really excited about what we can do together. And we don't comment on who our customers are. But certainly, we have a lot of interactions with Sam and the team. So we're excited to see what the future holds.

All right. Perfect. All right. We're going to put on as good of a show. All right.

I'm here to help.

Exactly. So you reported very strong fiscal Q4 earnings on Tuesday this week. There were a lot of highlights. We saw EDR reaccelerate, continued strong growth across multiple growth pillars, strong traction with Flex. What were some of the most encouraging signs for you versus kind of expectations you had coming into the quarter?

Yes. So first, let me start off by saying that last year was one of the greatest years in our company history. Super proud of the team, super proud of being part of that team and really proud to have the customers that we have to make us who we are. And then if you dig down a little deeper, it really all starts with net new ARR. In Q4, $330.7 million, that's our biggest net new ARR number in company history. And for those who aren't familiar exactly with what net new ARR means for us, it's the one metric that's forward-looking that we give out. And it really talks to the health of the business. That's our metric. That's what we focus on. That's what the company rallies around. But there are other things that are important, too. And we had a couple of other records that standout for me and for many, non-GAAP operating income or our profitability. That was a record, right? So we did $326 million. Again, we're known for a company that does not grow at all costs, we grow profitably. And then our free cash flow. As a CFO, that's a number that I look at all the time. So for a record $376 million of free cash flow, really proud of the team, really proud of how we all rallied together and everybody in the management team is focused on those 3 metrics for sure.

Got it. I mean you were confident enough to raise your fiscal '27 ARR guidance from the 20% set at the Analyst Day. What were some of the drivers there? And a question we've gotten from investors is just, would you have raised it without some of the acquisitions?

Yes. So it would have been the same without those acquisitions. It would have been the same number. We disclosed what the acquired ARR was, and it was very small, $5 million to $8 million. And so -- for SGNL and Seraphic. And so we were really confident in being able to give out that guide for net new ARR for fiscal '27. I think it goes to, and it speaks to the momentum of the business. It starts there, right, with the records across the board from all different sizes of companies. We have broad-based demand. So it started there and then you saw that I talked about Q1 pipeline. So we had a record Q1 pipeline, 49% year-over-year. So those are 2 things that give us confidence as we look into the future, but it goes beyond that. Look at the numbers that we provided with respect to our emerging products, Next-Gen SIEM, Next-Gen identity, cloud, over $1.9 billion, growing at 45%. I mean, those are some of the signs to me that says, "Hey, our customers are really, really looking at things other than what we were known for, the Next-Gen AV." So it says that, "hey, we're going beyond what we've -- and doing well on products that were essentially the older products that we had brought out." So that gives me a lot of confidence in terms of being able to put out a guide like that. And some of you may not realize, but that's the first time we've ever guided a specific guidance to net new ARR. And I think that goes and talks to the fact that we really are trying to be more transparent with our results and how we think about the business. So between the momentum in the business, the product performance and also our Flex, right? Flex licensing, if you think about it, it's not a new product. It's not a new TAM. But you know what, it really matters, right? To be able to offer a customer with the ability to acquire our technology easily, seamlessly, flexibly, that really matters. It takes out the friction in the sales process, which is huge. And when we came up with the Flex licensing, the success is also driven -- you can see with everybody else, you are coming with -- all these other companies coming up with their versions of Flex because it's working. So really proud to see all those numbers. And then you look at within Flex, and you see we have a person or a company who will engage with us and they'll do a first Flex license. And what we've been tracking is, well, how long will it take before a customer comes back to the [ well ] and say, "Hey, we want to re-Flex." And we've given some data on that, and the data is strong, right? And I think we gave out a stat -- now that I think, we give out a stat on companies that are re-Flexing multiple times, almost 100 customers have re-Flexed multiple times within that same original contract period. And so all those signs gives me a lot of confidence to be able to give a guide the way I did.

Okay. Perfect. We'll dive more into Flex in a second. But maybe to just kind of talk about some of the bigger thematics that have been going on within cyber right now, you and George addressed this on the earnings call, but just can you talk about how you have seen this AI disruption of cyber kind of come through discussions, and how you guys think about where that misjudges kind of the market?

Yes, it's a great question. And for us, when we think about it, there are really 2 different types of companies. One type of company would be the ones that have an exponential vulnerability to AI, and the other one is companies that are going to thrive. And those are the companies that have data moats. Those are the companies that can use AI to accelerate. We've been thriving with AI. You saw our results for last quarter. You don't have to go further than that. But why? Well, we're a net data creator. We create data. So we collect data. We curate data. We're the folks that use that data as a backbone of our business, and certainly, we can use AI to accelerate what we do. When you think about AI, AI is created with GPUs. CrowdStrike secures that AI. And the big picture for us is that, "Hey, AI is great for a lot of things." You heard Sam up here. There's a lot of things that AI can do. Their AI is really good for reasoning, right? You can do incredible reports really quickly, gathering all this information, and it's fantastic for that. But when you're thinking about cyber, you need to be completely accurate and you need speed. And if you don't have both, you don't get a second chance, right? And so, for us, it's more than just the technology. It's the support systems, it's the testing, it's the trust, right? You've got to trust your cyber professionals. And for us, we've been in the business a long time, we've been able to curate an incredible team to be able to work with our customers, build that trust. Tough to build trust with AI when sometimes you're -- you get a lot of -- in security, for security purposes when you're thinking about false positives. False positives, the name that you're probably all familiar with is hallucinations. You can't ask AI to -- something and you get 3 different answers, right? It's just -- that's not what it was built for, right? So we have been able to benefit from other changes in the environment, like the hyperscalers. Remember when they all came out and they were talking about security within the hyperscalers. Well, look at our cloud business, right? It actually was a huge opportunity for us. Our cloud business, $800 million, growing 35%. Those are fantastic numbers. And it was generated from something that was going to change the world, and it has. And at first, we're running against the same things that we're seeing with AI, right? AI is going to dismantle a lot of SaaS companies. They said that with the hyperscalers. And it was an accelerant for our business. So we draw the parallels between the 2 so we give people an understanding of how we think about it.

Got it. Just the other question that we've been getting is just the, well, when does it become material that we can see it? I know you guys had a number of strong stats within the quarter in terms of what you were seeing as far as AI security. But when do you guys think about it being a material catalyst for the business?

Yes. Today, it is from the standpoint of the following. So number one, we use AI and agentic AI even in our product set today. So for example, we've -- in our exposure management. So if you are running Windows, pick one, 10, and you want to know if that version has the latest patch, you can use Charlotte, which is one of our AI tools, it's an orchestrator, to identify how many of the machines have the latest patch and it'll tell you. And then if you want to go beyond and say, "Hey, Charlotte, can you patch this?" So Charlotte, along with some of our other technologies, for example, Falcon for IT and others, can patch it for you. So you can see that it's already built into the product set. And then you have specific things that we look at in terms of how is the adoption going for some of our AI tools? Charlotte, so last quarter, we gave out the fact that Charlotte has 6x the utilization year-over-year. It's also 3x the ARR year-over-year. So we're seeing signs that -- even on specific products that things are moving in the right direction as well as AI VR, which is our AI detection and response product. We just had it in the market for just a few weeks, and we saw a 5x quarter-over-quarter growth rate. So we're already seeing the momentum ourselves with our AI tools. And I think a lot of people don't even -- don't realize that CrowdStrike was built on AI. In my day, it was called machine learning, right? And then we were doing agentic AI years ago. So we were on the front edge of doing all this work with AI, and it's really helped our business.

Got it. Okay. I want to go back to just another tailwind for the industry, which is just kind of this platformization versus best-of-breed. Just how do you think that, that -- like if you think about companies consolidating down to a right number of vendors, how do you -- how is that discussion going on with customers in terms of what you can bring to them in that conversation?

Yes, I love this question, right? So since the dawn of time, what do customers want? They want the best outcome at the cheapest price. That hasn't changed. And so what our platform has been able to enable is just that, right? So we feel we're the only pure-play cybersecurity company with the singular platform, right? We have 1 sensor, we have 1 console, and we have 1 platform, right? We don't have any integration tools. We do it all for you, and that's our customer promise. So we would go to our customers and say, "Hey, look, we have this opportunity to not only give you the best outcomes, but help you consolidate on us for a variety of things." And that matters, right? So if you have disparate different technologies and they all have to work together, guess where the adversaries go, right there. They're going to look for those weak links. They're going to look for those stitching that you're putting together. They're going to go right to that stitching and go attack. But if there is no stitching, my arm is attached to my body, there's nowhere to attack, right? So we feel that that's the right approach. And clearly, it's been successful. So the consolidation tailwinds for us, I think, are going to continue for quite some time. And I think they're going to win. I mean, if you've got a crystal ball, maybe I think there's going to be maybe 3 or 4 full security platforms that exist, of which endpoint would be the center. So that's how I think about it. And customers seem to be gravitating to it. And then you throw on the ability to purchase our technology easily with the Flex. And it's just -- it goes hand in glove. And so we're getting the -- we're seeing the momentum when we talk about our platform being the platform of choice. It's because of all these things that I've just described that make it work.

So you mentioned Flex being a reason why you have kind of more confidence in the business. It grew ARR 120% year-over-year. Can you just talk about like when customers are coming back to re-Flex? Just what is it -- where is it that they just start experimenting with more products? Is it that they're getting tons of usage? Just what is kind of bringing them back? And then how do you think about the -- why not just kind of convert everybody to a Flex model?

Yes. Great stuff. So a big accelerant to the re-Flexing is Next-Gen SIEM, right? They've used it. They want more of it. It's the backbone for companies in terms of their data. And we're -- we brought something to the market, which has just been so well accepted, so well received because it works, it's fast, it's less expensive than some of our competitors. All those things matter. So that's a big part of it. And then it's about how we flight our products. We have 33 different products that somebody could buy. And so basically, what Flex is able to do is it's like, "Hey, look, you have the whole book ready for you. You just pull it down, however you want, when you want." And so when you've got -- it's like anything else, when you bought a suite of things. It doesn't have to be technology, you bought a suite of different things, and you paid for it. You want to make sure you're getting the maximum value out of what you paid for. So you're going to try this and you're going to try that and you are like, that really helps, and that really helps. And then you get the viral effect of 3 things being able to do the work of 5. And so for us, we've made it -- we flighted it in such a way that it allows customers to, in the apps, try other things. So why are we seeing such great results from our re-Flexes is because they are doing that, exactly that. They're trying different things, they're recognizing that, "Oh, I didn't realize you had that." This is today one of the biggest fights I have -- it's not fights, one of the things. I'm on a crusade with all our customers to educate all of our customers about some of the things that we have. So we have 33 different modules. So granted, that's a lot of modules. And oftentimes, when I'm meeting with customers, I get the look, "Oh, you actually have that?" And I'm like, yes, we've had it for 2 years, right? Because they were only focused over here. And so what I try to do and what the sales team is trying to do is to educate our customers with respect to all the different features and functionality that we have. And that's also aided in the ability to see the re-Flexing. In terms of Flex and where it's going, look, we've told the Street, we've told our own sales team that Flex is the future. So starting this fiscal year, fiscal '27, if it's not a Flex deal, you need to actually get an exception from management. There has to be a specific reason why you don't have a Flex deal. And so we're building that into -- we built it into our processes so that it's got to be something like myself or George or our President, Mike Sentonas, that's going to have to give authorizations, or a few others that have to give authorizations. And so if you're a sales rep, you're going to go, okay, I don't want to go through that, right? That's not something I want to do. So I'm going to go after Flex. Oh, and by the way, my colleagues are making a bunch of dough, right, I am selling Flex, and by the way, my customers love it. So it's a win-win-win. And that is a recipe that's really hard to create.

Yes. Okay. Perfect. I mean maybe just going to the core for a second -- or not the core, but just the center of endpoint. You've talked about endpoint security as seeing reacceleration in past couple of quarters driven by AI demand. Can you just talk about kind of some of the underlying trends, and where you're kind of seeing this reacceleration take place?

AI is a big fundamental shift, right? And it's using AI at the edge. One of the things that I've seen in this year is we've had customers that are still -- big customers that are still on legacy AV. I'm out of my mind, right? You're a Global 2000 whatever, and you're using that? Are you kidding me, right? And so it's just a matter of time this time bomb is going to go off, you're going to get hit. And so the amazing stat is that from monitoring the endpoint, there's still 50% out there that's with legacy AV. And we're scratching our heads going, how could that be, on the one hand, on the other hand, let's attack. Okay, we're going to go after those, and we've been super successful with that. And now with AI, the -- obviously, the attack surface has completely changed, right? There are so many new attack surface areas using AI to be able to attack that the old legacy technologies just can't keep up, right? The speed of which attacks are coming in is in multiples from what it was because of AI. So you got to think about the adversaries. They're going to leverage every single piece of technology to be better, stronger, faster than any company can prevent. So you need to stay ahead of that. So if you're on a legacy technology, it's only a matter of time before you're going to get hit for sure. And so that's why we've invested so heavily in AI. And that's why our product set is laced with AI everywhere. And for us, we see that as a future and not an accelerant.

Got it. I mean, just how have you seen competitive dynamics shift over the last year? Competitors are not standing still. Everybody has a platform. Everybody has a Flex now. Just what is -- how is that changing the competitive landscape?

Yes. We announced this partnership with Microsoft, right, to be on the Microsoft Marketplace. And this is amazing to me. Being at the company now in my 11th year, I never thought I'd see the day when Sachin will be up and talking to my sales team, right, about how to use the marketplace. So today, we have zero going through Microsoft. We have 1.5 billion going through AWS, right? Now we've done a lot of work with AWS to flight it, to make sure it's used appropriately. And with Microsoft, they have this Microsoft Azure Consumption Commitment, right, that you can use for CrowdStrike. I never really thought I'd see the day that, that would happen. But here we are. So it's better together and ultimately, who wins? The customer, right? So between Sachin and George, they've been able to work through the competitive aspect of it in certain areas to carve out what's best for the customer.

How do you think that, that Microsoft relationship kind of ramps?

Yes. I mean we got 1.5 billion going through AWS. So I think the Microsoft folks who are running the Microsoft Marketplace, they're going to want to see that as well. But not only Microsoft, like you think about all these GSIs, right? They're looking at that number and going, "Wait, we have an opportunity to go do something like that?" So anyway, it's a lot of tailwinds with respect to the partnerships. So I talked about Sam, who was up here earlier and others. And we feel that, that dynamic is really changing the competitive landscape about who's going with who, who's associating with who. And they're just becoming -- for us, they're becoming less and less competitors that we're seeing, right? So now, obviously we talked about Microsoft. By far, they're our biggest competitor, right, if not close. But then you have others who are kind of in our space. You have Palo doing some things and some others, but that's pretty much it. There's not much else out there.

Okay. Perfect. I mean, Next-Gen SIEM has been a home run for you guys. It grew 75% year-over-year, over $500 million in ARR scale. Just how are you seeing being able to improve that product, being able to differentiate that product and kind of give this kind of SecOp solution that customers looking for?

Yes, it's been a home run, and I was involved in the transaction way back when, when we bought this company, Humio, and saw the potential that rested in that. And we built our Next-Gen SIEM based on that technology. And I think when you look at the technology and you're scouring the world, we got great folks who understand technology. We saw something a little different there. We saw a company that can really do what it does at scale. The speed was incredibly fast, and just the way it was designed, the architecture was very different than anything that was in the market. And we said, okay, well, if we can get to a faster response for asking queries, and if we can do it at a cheaper level, this is a home run for our customers. And we were able to do that. And a big piece of the architecture is that it was index free, right? So the timing was incredibly fast versus some of the legacy SIEM vendors. And so for us, we've been able to showcase why it's faster, cheaper and you can log everything. Like if you're using one of the legacy technologies, it's expensive to log everything, really expensive. So customers were not. And so there were a whole bunch of logs falling on the floor. And so at first, when we were out there going to go, okay, well, the 20% that's falling on the floor, we'll take that, we'll log it for you, and it worked. And then it's like, okay, well, we're doing the 20%, let's go for the rest. And when you think about SIEM, and you think about where the data and security data comes from, 80% of our SIEM, the security comes from us, comes from Falcon, and then first party. And then you've got 20% from a third party. So we've made it really attractive on pricing for the first party, like sometimes it's free. And then you pay for third party. And so that competitive advantage has really helped in terms of the cost structure.

Got it. I mean you had the Onum acquisition, just how do you see this kind of conversions of SIEM, observability, security analytics? We've seen Palo do acquisitions as well that kind of around this convergence.

It's really funny. Their acquisition of Chronosphere, the Humio technology that I talked about, that was the backbone for Chronosphere back then, right? So we have what it takes to do a lot more in observability because of the technology we have. And we're just being really thoughtful about how and when and all that kind of stuff that we -- before we bring it to market. And it's also going to stand up to the customer promise, which is we're only ever going to have 1 sensor, right? And so that all takes work to flight it and make it enterprise grade. And so for us, we have that ability to do it. And so we're excited about what we can do in that space. And for us, I think the Onum acquisition was really, really significant in that, if you're not familiar with what Onum is, it's basically a highway, and it delivers data from Depot A to Depot B. And for us, we saw a technology that not only did that, but also did a detection on route. So by the time it got to the SIEM, you'd have already filtered out so much data and understanding to make your SIEM, again, more cost-effective. So Onum is an accelerant to our Next-Gen SIEM. And that's why we went after it. And now not only do we have the data, but now we control the routes of where the data is going. So it's been a really, really powerful combination, adding Onum to our Next-Gen SIEM, and you're seeing the results.

Right. I mean cloud security, another strong area for you guys, $800 million ARR in the last quarter, growing 35% year-over-year. I think you mentioned that earlier. Just we've had the acquisition of Wiz by Google, or pending acquisition. Just how do we see kind of opportunities for competitive displacements in the market?

Yes. So when you think of cloud security, I'll break it down in the simplistic form. One is, you've got run time, which is Crowd Workload Protection, which we have. You need a sensor for that. And then you have cloud, then you have a nonagent, right, where you can do things like reporting, compliance. This is where companies like Wiz and others have kind of made their forte. Our belief and our strategy is you need both. You need the run time and you need the compliance side, and we have both, and we're investing in both. And over the years, we've invested in ASPM and DSPM, and we've got a lot of technology around cloud. That's why you're seeing the $800 million. It's because we have all these different cloud technologies that work as one. Again, it's our brand promise, right? And customers are getting a tremendous amount of value from what we're able to provide from visibility in the cloud, to detection in the cloud, response in the cloud, run time, real-time, these things actually matter. In security, nanoseconds matter. And if you're not built for it, you're not going to stop it. So we feel pretty good about our strategy. We feel pretty good about how we're able to do work with both the sensor and the nonsensor, and we're going to continue to invest in that area.

Got it. Just rounding out all the different categories you guys have. On the identity side, again, over $500 million of ARR, growing 30% plus year-over-year. Just where does that fit in? We're going to have other identity people up here later on in the day, just how are you thinking about building out that kind of fuller identity platform? And does it expand beyond identity to kind of a more fulsome platform?

Yes. I love what we've done with identity. I was there when we purchased our first identity product, Preempt. And that was a home run for us, not only from the technology, but from the people. We still have the founders in our company all these years later. That was the foundation, right? And then we said, hey, there are 3 parts to identity. There's the identity creation, that's Microsoft. We're not going to do that. Then you have the identity brokering, right? That's the Oktas and Pings and that's not in our focus area. And then you have security in the identity. That's us. So Preempt was our first. And then we started adding other different pieces. We've got a PAM offering, just in time credentialing, right, which is the modern PAM. We're not -- we didn't build this thing on vaulting, which is actually fairly easy to do. So -- but you can see where we're going with that. We also acquired Falcon Shield. We call it Shield now. And that's identity for the applications, the machines and the non-machines. So what we've done with our identity protection is enterprise grade and a big piece of our technology. And when you think about it, right? When you think about our earlier discussion on AI and where AI is going, when Anthropic announced their AI tool, it was talking about vulnerabilities. And even if you took out all the vulnerabilities in the world, took them all out, and it wasn't an issue, companies are still going to get breached. There are many, many other ways that adversaries are going to get in. Identity is another one, right? So if you have a strong identity platform, you've now taken off another, or reduced the risk in another area of attack. And so you need identity in security, you absolutely do. It's a fundamental pillar. And we're going to continue to invest in our identity products to make sure that we're on the front lines of this thing, right? And for us, obviously, there's the vulnerability, sure, but that's a small piece of what you have to protect to stop a breach.

I mean maybe a question on the AI security portfolio that kind of wraps into you guys wanted to have this 1 platform, no stitches as you were kind of describing earlier. That's led to a lot of kind of smaller acquisitions. Just how do you see kind of the AI security piece of the portfolio growing? And just how do you see kind of the acquisition strategy of CrowdStrike evolving?

Yes. Number one, I think you're all seeing that the velocity of our acquisitions has increased, and I love that. I think that we've got a war chest of cash, and I think the highest and best use of that cash isn't sitting in the bank getting whatever 3%, 4%, it's definitely applying it to investment in R&D and certainly on inorganic activity. We've been really successful in buying great tech and great people, right? And then putting our distribution on top of that and you see the inflection. We've been really, really successful at that. So to deviate from that would take something exceptional, right? And we're doing so well, why would we go and buy something that's completely transformational when we're already transforming everything in what we're doing. So it would have to be kind of like I look at it as a deal of the century. But I rely on our CEO, George Kurtz; and our President, Mike Sentonas, to kind of bring thoughtful enhancements to our platform. So I have the money for it, and I can go raise a bunch even through your bank to help me do whatever we need to do. But right now, I love our success in buying great tech and great people.

And then maybe just -- we've mentioned a whole suite of products, you have Flex. Just how -- any -- you've made some investments kind of in channel to kind of better sell all of these products. Just how are you finding the most effective way to sell these products through the channel or just channel optimization that you made it to do?

Yes. We've got a great leader in our channel, our Chief Business Officer, Daniel Bernard. And he's just transformed how we think about the channel. We're a channel-first company, so part of it is incenting the channel in the right way. We had a CCP program in place, and the CCP program was basically incentives for our customers, and it really, really worked. But we did it for partners, too. And we saw the success. And so we're going to continue with that -- with some of those programs and making sure that the channel, when they're seeing a customer, the first product out of their bag is CrowdStrike. That's our mission, right? Unless they're exclusive, and there is no other cyber product, which we always want. But for those that are some of the larger ones that are not exclusive, it's about how do we make sure that CrowdStrike is the first out of the bag.

Right. Okay. So we spent 95% of our time talking about kind of ways to enhance the top line. Just -- we'll end with the CFO question of just what does this all mean to the bottom line?

Yes. So we've got that long-term target that we -- out there, and it's my kind of North Star. So what are we doing to make sure that we are able to hit those targets? Well, we are well on our way. It starts with gross margin, right? So we had a record gross margin quarter in Q4, 81% on subscription non-GAAP, and that's hard. Moving the needle on gross margin is really hard. What have been able to do? We've been able to optimize some of the public clouds that we leverage as well as our own, right? We've migrated certain things over that made sense. And then our scale. When you're able to consume as much as we do, you're going to get a better deal when you're talking to some of the hyperscalers. You're going to get a better deal. We look at ways within some of the hyperscalers, what's the most economical way to do it? For example, in Amazon, they have something called West 1 and West 2. West 2 is in different geo, a little less expensive. So okay, let's put more of our customers over to West. So it's little things like that, that add up. Look, I'm looking for 0.1% at a time, 0.2%, 0.3% would be fantastic in a quarter. That's where I'm going. But if I continue to do that, I'm going to get to where I need to be. I'm not far from my long-term model, by the way. So I only need a few of those to get me there.

Okay. All right. Perfect. Well, Burt, congratulations on a fantastic quarter and a fantastic story.

Thank you so much, Meta. Thanks, everyone.