Crowdstrike: New Look at its Competition

Crowdstrike: New Look at its Competition

BriansMot’s post really was excellent. It made me think and look at the competition from an entirely new angle. Here’s a link to his post if desired, and a big thanks to Brian, and I’m using a lot from his post.…

SentinelOne has been competing in the same space for more than 8 years.

Over the last year Sentinel grew revenue at 127% compared to Crowd at 71%. However, Sentinel was working from a significantly smaller base:

Last quarter Sentinel grew revenue from $20.7million to $45.8 million yoy… (121%)

Last quarter Crowd grew revenue from $199 million to $338 million yoy… (70%)

So, that quarter Sentinel added $25 million in new business … but Crowd added $139 million!!!

Thus Crowd added five and a half times as much new business as Sentinel did !!!

Putting it another way, looking at the total of the new business the two of them signed, Crowd won 85% of it, and Sentinel won 15% of it!

It really doesn’t seem as if “Sentinel is eating their lunch.”

This also puts a new light on Crowd’s competition with Palo Alto. Here the positions are reversed, and Crowd is the fast growing upstart. And it’s clear in the same way, that Crowd can keep growing rapidly (as Sentinel is doing) even if Palo Alto grows way more dollars. There may be plenty of room for all three to do well.



Putting it another way, looking at the total of the new business the two of them signed, Crowd won 85% of it, and Sentinel won 15% of it!

Tacking onto this, Kurtz says there are plenty of prospects out there. They have 13,000+ customers but legacy competitors (e.g. McAfee, Symantec) have over 100,000. So, seems to me plenty of runway left, as long as they continue winning new business like this.



SentinelOne vs. CrowdStrike – Which Stock Should You Buy? Round 2!
October 7, 2021

…The common argument for SentinelOne being superior to CrowdStrike deals with artificial intelligence, which eliminates the need for human analysts. CrowdStrike must have been listening. On Oct. 5, CrowdStrike and UiPath (NYSE: PATH) announced a strategic partnership to enable robot-led processes in order to improve visibility, enhance protection, eliminate human intervention, and accelerate response times. This partnership provides unique capabilities for customers, and it fills in missing AI functionality. Does this make CrowdStrike the clear leader, or will SentinelOne take the crown?…

Nice partnership.

Best, kevin c


Perhaps this thread was meant to be more specific than to include future threats to Crowdstrike. For those keeping an eye on the future…

When will the existing capabilities of Cloudflare and Zscaler move to End Point Protection (EPP)is speculative. How they’ll do it is much more clear.

Competition with Cloudflare?
The potentially game-changing Remote Browser Isolation features. I had previously mentioned that I wanted them to scale this into consumer-level service, but you can see the limitation why that is difficult, being container based. I hope to see this get retooled into an architecture that can better scale. Talk aboute “making a better internet” – how about an Internet that cannot touch you?

Competition with Zscaler
They expanded their platform with Zscaler Digital Experience (ZDX), announced in Nov-19. It provides visibility and introspection features to allow enterprises to triage issues impacting their users while using this platform.
This allows customers to proactively measure and benchmark the digital experience of every user across the platform. It again is handled by the Zscaler Client Connector, so is a very frictionless product addition for any ZIA or ZPA customer. The agent helps proactively monitor every user device within the organization for any user experience issues, tracking telemetry data about the traffic as well as real-time device health info (CPU use, memory use, processes running). [Which is starting to border very closely to EDR, and EPP wouldn’t be a difficult move with their existing “beach front access” with their installed agent combined with their existing malware & threat protection features in ZIA… but CrowdStrike remains a vital partner at the moment, so not sure this is on the horizon.




End point protection is one of the oldest and more crowded markets in technology. Today, Microsoft and Crowdstrike lead the pack, according to Gartner Magic Quadrant. The reason this is important is because no CIO from Fortune500 company buys any tech tool that is not on the Magic Quadrant, preferably as a leader.
Look at how many competitors CRWD can get market share from. Out of CRWD and SentinelOne, I know VMware Carbon Black also uses AI and behavioral techniques to identify and block malware spread. It was a more common player before VMware acquired it in 2019. Kaspersky kind of started behavioral antivirus almost 2 decades ago, but I don’t know their tech today.

May 2021 magic quadrant:…

August 2019 magic quadrant:…

Plenty of space to grow for CRWD. And being an insider, I saw one of my customers buy SentinelOne recently, some Carbon Black, and the majority Crowdstrike. The traditional vendors are having a really hard time wining net-new deals. Most of their business is renewals (incumbency is an enormous deal in software, since changing requires major spend and disruption).


One of the toughest skills to learn and apply when using the approach from Saul’s Knowledgebase is not falling in love with a successful position and thus holding it too long.

So I carefully read Zoro’s “Why I Trimmed CRWD” post and BriansMot’s response yesterday.…

This morning, I was very interested in the recent TMF video SentinelOne vs. CrowdStrike – Which Stock Should You Buy? Round 2 by Eric Cuka (TMFFiredUpWealth)…

Here are my notes from the video, plus a few observations.

With a market cap of ~ $13.6B, S (SentinelOne) had $45.75M in revenue for the last quarter for an 82 P/S Ratio versus CRWD’s (CrowdStrike) ~$57.13B market cap with $337.69M revenue and a 49 P/S. (3 – 4 minute mark)

Rule of 40: S = 22% vs. CRWD = 107%

Net Dollar Retention: S =129% vs. CRWD = 125%. (5:45 mark)

CRWD is expected to grow at ~mid 60’s CAGR which is half the growth rate of SentinelOne (5:58 mark).

One argument for S is that CRWD does need human analysts whereas SentinelOne is AI which makes it easier and faster to customize, especially for companies that still have physical servers on premise. There are companies with a hybrid model with both cloud and on premise physical servers, so S has an advantage over CRWD with those.

However, the announcement that CRWD and UiPath(PATH) are partnering suggests that this argument may not hold up in the near future.

UiPath and CrowdStrike, leaders in their respective fields, are the first RPA and Endpoint Security vendors to come together to extend endpoint security to RPA

It appears that CRWD has heard the number one argument for S over CRWD and responded in a way to give them an advantage over S (Someone with more technical expertise and experience in these fields would need to verify this). Evidently, companies will be able to eliminate the need for human intevention with CRWD’s endpoint security.

RPA makes it easy to build, deploy and manage software “robots” that emulate human actions interacting with digital systems and software, bringing scale, speed and consistency for improving business productivity and accelerating digital transformation.…

A number of companies already use CRWD and PATH or both, so they should have strong reasons to use both in the future, and companies currently using only one now have incentives to use the combination.

Both CRWD and PATH are leaders in their fields. On the Gartner Magic Quadrant chart, CRWD is ahead of S in both “Ability to Execute” and “Vision,” although both companies are in the “Leaders’ quadrant (9:50 mark). PATH is the leader in its field on the Gartner MQ (14:15 mark).

Although S is growing almost twice as fast as CRWD, Eric Cuka has a hard time seeing path to profitability because S is burning cash and currently spends more on R&D than anyone, including CRWD. He sees a more solid path to profitability for CRWD. (20:20 mark)

The sector is highly competitive, so there is no real moat, but CRWD has more customers and is more well known. There is huge secular growth in cybersecurity and CRWD is probably the best of breed. Both clients and developers seem to agree that CRWD is best.

SentinelOne may have more potential for growth, but there is more risk as well.

Eric also notes that S is even more expensive than Snowflake (SNOW) (11:00 minutes) even though SNOW has more of a moat than S because of the competition in the endpoint security sector.

Based on the video comparison along with BriansMot’s reply and Saul’s expansion on those points in this thread, I am comfortable with CRWD at ~9% of my portfolio versus trimming it at this point.

[As an aside, earlier this year, I did sell out of or trim positions in PINS, PTON, TDOC, and ZM in order to buy UPST and LPSD and add to CRWD, NET, ZI, and DDOG, so I am learning to be more agile thanks to this board].

In evaluating my CRWD position, I seriously considered Bear’s observation in the previous thread that It’s simply a company that’s had years of hypergrowth but has gotten to the point where its valuation and its deceleration are going to have to fight it out. That typically leads to a stock going sideways, especially when the market cap is over $50b or so. That’s what we’ve seen with Twilio and Docusign in the last 12 months (or more). The fall from grace from hypergrowth to GARP (growth at a reasonable price) can be a more jarring rerating than most folks expect – not that it necessarily comes with a great deal of downside – just a lot of opportunity cost.

For now, I’ll wait until the next quarter to see how CRWD and S compare, and look to see how much the PATH/CRWD announcement affects CRWD’s growth, especially to see if the QoQ growth decelerates or accelerates.

All the best,



McAfee, Symantec. etc probably have a large number of individual users, and I understand Crowdstrike is going after business users. I switched to Macs years ago but when I used a PC these anti virus venders were a PITA.
Security is an ongoing problem ,and modern active cloud based cybersecurity solutions still have a very large market. Owning several with different approaches (CRWD and ZS for instance) is the way I approach it, since over a quarter or two different growth rates may vary, and might just be random. It might be worth adding S to the mix.