CrowdStrike (CRWD) - anyone interested?

CrowdStrike (CRWD) will start trade next Wednesday, on 6/12/19. It is a cloud-based SaaS cybersecurity vendor. Here is how it defines itself: “We believe we are defining a new category called the Security Cloud, with the power to transform the security industry much the same way the cloud has transformed the CRM, HR, and service management industries.”

CRWD is a hypergrowth firm. Here is a summary of the key metrics from its S-1:

a. Revenue growth rate:
Date Rev QoQ YoY
4q17 59
18Q1 71 20%
18Q2 90 27%
18Q3 113 26%
18Q4 141 25% 139%
19Q1 170 21% 139%
19Q2 208 22% 131%
19Q3 254 22% 125%
19Q4 313 23% 122%

b. Dollar-based net retention rate:
2017 2018 2019
103% 119% 147%

C. Subscription customers YoY growth:
2017 2018 2019
450(103%) 1242(119%) 2516(147%)

d. Free cash flow margin
2017 2018 2019
-123% -80% -26%


I am interested, more bc of the story, as endpoint is a very very crowded space.

But they take a ZS-like approach.

Where did you get the numbers from? They did $313m in last Q? Am i reading your numbers correctly?


Have they listed their competition?
First i hear from them and i do like their numbers

Hi, Dreamer-
Sorry, I misunderstood the numbers. Those are AAR (Annual Recurring Revenue), not quarterly revenue. The growth rates were thus miscalculated. The following are the correct annual revenue (in thousands) along growth rates (in parenthesis):
2017            2018              2019  
52,745 (NA)    118,752 (125%)    249,824 (110%)

The following are the quarterly revenues I calculated from the ARR (subtracting the AAR by the preceding one, starting from 18Q1):
Date	AAR	Rev/Q	QoQ	YoY
4q17	59	NA	NA	NA
18Q1	71	12	NA	NA
18Q2	90	19	58%	NA
18Q3	113	23	21%	NA
18Q4	141	28	22%	NA
19Q1	170	29	4%	142%
19Q2	208	38	31%	100%
19Q3	254	46	21%	100%
19Q4	313	59	28%	111%
1 Like

CRWD appears to operate in a crowded space, Major competitors:
Carbon Black, Symantec, Sophos, McAfee, Microsoft, Cisco, etc.

Here is the S-1:…


My question is still the same, what are they disrupting or doing differently then their competitors? The AV space is filled with great companies and I just don’t see them stealing that much market share specially with as high as their per seat price is. Here are my thoughts on them from an earlier posting.

There is no way this company will touch the SMB space with their price per end point. Also they are not the only ones doing crowd source out there. First there are smaller companies like AVG, VirusTotal, PolySwarm… then you have the larger companies like Symantec, Kaspersky, McAfee… These large Enterprise companies that work with the large AV providers all have dedicated contacts to a Engineer when a virus outbreak occurs and the companies AV admins have ways of submitting what they think might be maleware or virus related files to their AV provider, in turn it is crowdsourced as well.

Pricing per end point and is based on 7,15,30 days of event storage.…
FYI: These events are stored on the local PC by default along with a wealth of other knowledge.

1 Like

I am interested, the IPO is available for subscription, I have applied, and the documents are available for download, any broker who is offering should have the docs for download, E*Trade and Fidelity, both have docs available, I downloaded, also the company web site has the docs.


CrazieKids -

"My question is still the same, what are they disrupting or doing differently then their competitors? The AV space is filled with great companies and I just don’t see them stealing that much market share specially with as high as their per seat price is. "

How do you explain their >100% growth rate then? They are growing like weeds. However, I am cautious about getting in after checking the stock performances of their top competitors, i.e., the AV leaders by Gartner: Micro trend, Symantec, Sophos, etc. None of them performed really well after going public. I did not look into the companies. And Crowedstriks is not even listed as a leader. Something to consider.

"My question is still the same, what are they disrupting or doing differently then their competitors? The AV space is filled with great companies and I just don’t see them stealing that much market share specially with as high as their per seat price is. "

How do you explain their >100% growth rate then? They are growing like weeds.

This is the same rationale one could use to buy Zoom. Videoconferencing is such an old, dated technology. Then here comes ZM growing quick. What’s so special about them? The best I could determine is they built their system from the ground up to run on the cloud. They have video-first architecture. How long their advantage lasts, I am not sure.

Crowdstrike seems to be on the same path. They seem to be banking on cloud-based endpoint security. So with their numbers they are putting up, in a crowded, mature industry, how is that any different than buying Zoom that is also in a crowded, mature industry? Here is what their S-1 says:

With our Falcon platform, we created the first multi-tenant, cloud native, open, intelligent security solution capable of protecting workloads across on-premise, virtualized, and cloud-based environments running on a variety of endpoints such as laptops, desktops, servers, virtual machines, and IoT devices. Our solution consists of our single intelligent lightweight agent and our powerful and dynamic cloud-based database Threat Graph. These two tightly integrated proprietary technologies continually collect, process, analyze and correlate vast amounts of high fidelity data across the entire threat lifecycle using a combination of AI and behavioral pattern-matching techniques to stop breaches. We implement this approach by crowdsourcing data across our entire customer base and taking advantage of economies of scale, which we believe enables our AI algorithms to be uniquely effective. Our cloud-based AI is also automatically shared with every customer in our community in real time. We combine multiple methods of detection, prevention, and response to known and unknown threats as well as malware and malware-free techniques across the threat lifecycle.
Our Falcon platform integrates 10 cloud modules via a SaaS subscription-based model that spans multiple large security markets, including endpoint security, security and IT operations (including vulnerability management), and threat intelligence to deliver comprehensive breach
protection even against today’s most sophisticated attacks. Our single data model and open cloud architecture enable us and third-party partners to rapidly innovate, build, and deploy new cloud modules to provide our customers with additional functionality across a myriad of use cases.
Our cloud modules currently span the following categories:
• Endpoint Security: Our next-generation antivirus, EDR, and device control modules combine machine learning and advanced behavioral techniques to defend against malware and malware-free attacks, allow for continuous and comprehensive visibility and analysis of endpoint activity, and provide administrators with visibility and granular control across USB peripheral devices.

• Security and IT Operations: We offer modules addressing IT hygiene, scan-less vulnerability management, a turnkey response and remediation solution, as well as a threat hunting solution that is powered by a team of elite security experts leveraging Threat Graph.

• Threat Intelligence: Our threat research, malware search engine, and malware analysis modules provide automated assistance to review detected threats, conduct malware research, and detonate suspicious files securely.

We recently launched the CrowdStrike Store, which is the first open cloud-based application Platform as a Service, or PaaS, for cybersecurity. The CrowdStrike Store introduces a unified Security Cloud ecosystem of trusted partners and applications to our customers. The CrowdStrike Store allows customers to rapidly and easily discover, try, and purchase applications from both trusted partners and CrowdStrike without needing to deploy and manage additional agents and infrastructures or go through lengthy sales, integration, or implementation processes. The CrowdStrike Store allows partners to bring new security applications to the market and efficiently target our customer base. Leveraging our Falcon platform, partners can develop applications that address our customers’ needs without having to develop and support their own agents, invest in underlying infrastructure, or hire additional sales personnel. We believe the CrowdStrike Store will cultivate a rich, innovative, and trusted ecosystem between our partners and customers, increasing the overall value of our Falcon platform.
Earlier this year, we announced CrowdStrike Falcon for Mobile, the first enterprise EDR solution for mobile devices, which we expect will be commercially available later this year. Falcon for Mobile enables security teams to hunt for advanced threats on mobile devices while providing enhanced visibility into malicious, unwanted, or accidental access to sensitive corporate data, while protecting user privacy and without impacting device performance. Falcon for Mobile closes the gap between disparate mobile endpoint and enterprise defense solutions by leveraging our cloud-native platform and single-agent architecture.

Crowdstrike is nominated top EPP (Endpoint Protection) vendor according to Peer Insights.…

The link in that article also provides a link to the most recent Gartner Magic Quadrant for EPP, which lists Crowdstrike as a Visionary. Yes, it’s a very, very crowded space.…

Over the past year, CrowdStrike has fully replaced legacy endpoint protection suites, including integrated next-generation antivirus that uses advanced machine learning and behavioral analysis to supplant and surpass traditional AV in both efficacy and performance. Our business results and customer base have more than doubled. The company has expanded its global footprint with rapid growth in Europe, APAC, and Latin America. We are the only next-generation vendor offering the full spectrum of endpoint security capabilities, including next-gen AV, endpoint detection and response (EDR), managed threat hunting, IT hygiene, threat intelligence and vulnerability management — all fully integrated and delivered via the cloud using a single lightweight agent.
As the CEO and co-founder, I couldn’t be more pleased with this assessment of CrowdStrike by the industry’s leading IT analyst firm. I am deeply honored, and deeply grateful to our customers, partners and employees for their vision and commitment to stopping breaches.


Bad comparison I think to Zoom. While it may be “crowded” video has never reached its potential because the legacy for a number of reasons didn’t do it. Plus we are in the process of a generational and cultural shift to Video being a natural part of everyday communication.

So the potential for Zoom is not a zero sum in a crowded space. The market itself is far far from mature. The incumbent’s didn’t have something compelling enough to reach maturity. The curve never fully developed. Not so with Zoom.

Not sure if we can say the same about the market crowdstrike is going after or not as security software is already very mature.

But growing. There’s always a need to combat baddies in new and more effective ways. And boy is crowdstrike growing. So whatever they are doing it’s something in desire.


1 Like

CrowdStrike is a continuous innovation, meaning it allows customers to continue doing things exactly as they have been doing them, just CrowdStrike’s end point solution (which is basically just the anti-virus on your PC) does it in a manner that customers find to be better and easier. Thus the rapid growth.

CrowdStrike also does the same for the datacenter, which puts it directly in competition with the likes of Palo Alto.

Carbon Black, in contrast, that seems to pretty much do the same thing, is only growing in the teens.

So clearly CrowdStrike is doing something right. They will probably go out at $6 billion or more in marketcap, not $20 billion. But who knows what jump may occur thereafter once the shares open.

Not my place to be except in rare circumstances.

if I am to go with something new Anaplan and SMAR are the two I prefer. I am also looking at Stitch for change of pace. But mostly I will probably do nothing until something utterly compelling makes me want to do something.



Darth, do you have any stats that show this market expansion/demographic shift? Or is this vision? An analyst asked for something like this on the con call and Yuan didn’t really provide an example.

Even a study of video conference usage before/after zoom would be nice.…

My point was it’s not zero sum. Many companies already had a video solutions some sort or another. True, point stipulated.


When companies switch to Zoom they see an 85% increase in video usage because it’s simple, reliable, and works across desktops, mobile, and conference rooms. Consider some of the communications opportunities you can improve:

Zero sum is someone is paying us what they were paying someone else because our product is better.

Disrupting a not yet mature market is. Our customers switched to us and almost doubled the use of the product.



When companies switch to Zoom they see an 85% increase in video usage because it’s simple, reliable, and works across desktops, mobile, and conference rooms. Consider some of the communications opportunities you can improve:

That’s a very impressive number. It just goes to show how much better Zoom’s products are.


Zoom does more than video conferencing.

I started my own business a year and a half ago and have a basic landing pad Go Daddy website. After having computer issues last month, I contacted Go Daddy’s helpdesk to update the site. Any time AppleCare has helped me, they’ll screenshare and walk you through steps to correct the issue.

Go Daddy’s customer service person had me download Zoom. We shared the screen, but she took control of my computer. She zipped through several diagnostic analyses, figured out the issue (which was with my MacBook), corrected the problem, and then updated my website.

The whole process was impressive, quick and efficient. I bought a small 1% ZM position the next day. Should have purchased more.


Not that retail investors are likely to get in anywhere near this and after ZOOM and Beyond’s IPO performance I shudder to imagine where it will start let alone end however it has been priced at $34.

We will find out later as the IPO is today.



I shudder to imagine where it will start


This is crazy. The original offering is priced at $18~$20 and increased to $30 and finally priced at $34 and opening at $63.

Retail investors don’t get any shares allocated in the IPO.

1 Like

don’t pay attention to the offer price. That is a combination of marketing, rewarding long term investors in the company, rewarding clients of the bank, and getting the company some money. It has very little to do with what the company is worth.

They are presumably offering 20.7 million shares for a company that is growing over 110% and had 312 million of revenue with a gross margin of around 70%. They are showing good improvement in operating margin and have 90% recurring revenue and have 197 million in cash.

Every company out there needs endpoint protection…this is a huge market.

So anyways, what is all that worth? ZS has an ev/s of 35 but is growing 60% but with much better operational leverage. I’d say at this point crowdstrike probably can command a higher ev/s.

At a price of 63 that is ((63*20.7-197)/312 gives you an ev/s of around 41. Honestly, I think that could end up being pretty reasonable if the company keeps doing what it is doing.



Hey Ethan,

I might be reading this wrong, but the 20.7 M shares, are just the shares being offered.

In the S-1 in lists 178 M shares of existing shareholders. I don’t know how many of the 20.7 M are coming from existing shareholders, but there are at least 178 M shares if I am reading it right.

Anyhow I think you are right with an EV/S of about 40 if there are 200 M shares, but I don’t get that from 20 M shares, I get 4.


1 Like

Jim, you are absolutely correct. That is what I get for doing that from memory and in my head. I confabulated the share count and the ipo in my head. Thanks for clearing that up. I just checked, there are just about 200 million shares total…199.4 so the EV/S is still pretty much correct. Which is why I didn’t second guess my 20.7. Thanks again for catching and checking my post.

all the best,