Crowdstrike Fal.Con 2021 starts

Going back to the earlier discussion of people trimming or selling out of Crowdstrike (CRWD)(…), I mentioned that they had an event coming up this week where they might make announcements. Fal.Con 2021 began today and ends Thursday.

Today’s big announcement seems like a direct return volley to Sentinel One (S). Here is the main news from today:…. Crowdstrike has announced new and/or deepening partnerships with Google Cloud, Okta, ServiceNow, ZScaler, and six other companies in the space to create the CrowdXDR Alliance.

Kurtz says of this new Alliance, “Through this alliance, we will enable an out-of-the-box integrated XDR solution with real-time detections and threat hunting across all domains and extend comprehensive visibility, protection and control across all environments.”

I read through the announcement several times, but this is not my area of expertise by a long stretch, so I began poking around to see if I could find some other analysis. I found the following video by Eric Cuka, who often does things for TMF. Eric, who has experience in this space, has recently done deep dives to compare Sentinel One and Crowdstrike; and his take in that video was really helpful to me.

Apparently XDR is a newer and better solution to cybersecurity than the EDR platform Crowdstrike has been built on. Sentinel One’s technical advantage over CRWD has been that Sentinel One is XDR and Crowdstrike is the old EDR. Today’s announcement that CRWD is not only doing XDR, but is joining with many significant partners for a compounding cybersecurity alliance to do so, takes away the main technological advantage touted by the sales team at Sentinel One.

Kurtz also throws in the jab that the best way to do XDR is to build it on top of a native EDR platform. Maybe hype, but Kurtz is clearly not taking the Sentinel One threat sitting down.

Eric Cuka also mentions that Crowdstrike already has a partnership with Cloudflare (NET). Since Cloudflare wasn’t in today’s announcement, I’m wondering if there might not be something on that front coming in the next two days of the event.

I hope we have some cybersecurity whizzes on this board who can better speak to the impact of the new CrowdXDR Alliance, but it seemed like a big enough deal to me that I un-trimmed my CRWD position and added to ZS on the news.



Also, Kurtz on Crammer tonight talking about the XDR and partnerships.…

Talks about “stale” platforms trying to string together old technology and platforms to create XDR, but real XDR has to be grown from and EDR base and then add on AI and advanced analytic and have it seamlessly work on identification of advanced threats. The “R” is for response.

They announce a partnership with Google-cloud today.

XDR is a revolutionary approach to looking at these threats (e.g. China) and stop breaches.



My concern with going toe-to-toe with Sentinel is margins. CRWD gross margins are 73.9% in line with OKTA (72.1) PANW (70) and Fortinet (77.7%). Sentinel is at 55.5%. Maybe the entire industry’s margins will begin to contract, but that’s not the greatest news.