Crowdstrike and SentinelOne: different approaches to become a platform

It’s interesting how both our cybersecurity companies are taking different approaches to becoming a platform company.

SentinelOne is planning to become a cybersecurity platform with its Singularity XDR, with offerings in endpoint, cloud and identity. A tweet on Oct 5:

On the other hand, CRWD is planning to be an enterprise IT platform, offering data observability (from Humio acquisition in 2021) and IT ops.

Some other notes from the article below:

  • CEO Kurtz: “I would say down the road, we will be known for more than just security.”

  • Kurtz reiterated his plans for CRWD to be the “Salesforce of security

  • Kurtz also said application security is another future area of interest.

  • Kurtz on Microsoft Defender: “I’m not saying they’re not going to win deals. Because they’re Microsoft, sure, they’re going to win some deals. But we do see deals boomerang back our way when someone has an issue. Many of the breaches that we actually respond to [are for customers with] Microsoft endpoint technologies in use.”

  • CRWD’s single-agent architecture requires fewer staff to operate and has a lower impact on user devices. Translates to better performance and less use of memory. Hence, “we are significantly cheaper to operationalize than Microsoft.

  • Defender’s advantage is MSFT’s large customer base and bundling of Defender into higher-tier Office 365.

  • According to Wolf Research’s analyst: “CrowdStrike’s “first-mover” advantage in endpoint detection and response is a huge one, and its brand awareness is virtually unmatched in security, probably on par only with that of Palo Alto Networks,” and “the CISO (Chief Information Security Officer) has to have a good reason to not buy CrowdStrike.” and " While some smaller challengers, [chiefly SentinelOne] have made headway in the endpoint security space, they have an uphill battle,"

  • CRWD’s endpoint market share: 12.6% in 2021. Growth: 68%

  • MSFT Defender endpoint market share: 11.2% in 2021. Growth: 82%

  • In areas outside of endpoint security, CrowdStrike doesn’t yet enjoy the same stature. But in some areas, such as identity security, it’s on track to get there quickly. During CRWD’s Q2, subscriptions to the company’s identity protection module doubled from the previous quarter.

After security, CrowdStrike CEO eyes observability, identity - Protocol.

Twitter: @CompoundingCed


Thanks for the link Cedric,
My favorite quote in the article was about Crowdstrike from a Gartner analyst.

*CrowdStrike offers a number of managed security services as well, which the vendor was quick to recognize as an important option amid the cybersecurity talent shortage, according to Peter Firstbrook, vice president and analyst at Gartner.

“CrowdStrike actually perfected this,” Firstbrook said. “They ran into this roadblock early. Customers said, ‘Look, this [technology] is really cool. But we don’t have anybody that can manage it.’”*

This does sound like Crowdstrike is becoming what Kurtz, CEO/Founder, has promised, the ‘SalesForce of Security’.