CrowdStrike vs. Symantec

Hey Fools,

This may help shed some light on CrowdStrike’s tailwinds, potential.

Recently CEO George Kurtz has been doing some crowing about stealing Symantec’s customers…

CrowdStrike global CEO says partners, customers joining them over Symantec

https://www.crn.com.au/news/crowdstrike-global-ceo-says-part…

“We continue to displace Symantec customers,” Kurtz said told reporters present in the earnings call. “People are looking for platforms and they are looking for technologies that actually work and stop breaches. Ransomware has been a huge driver and signature-based AV is really not capable of dealing with sophisticated ransomware. So, people are looking to get off that.”

Kurtz added that CrowdStrike has also seen “significant demand” from channel partners, also citing the addition of former Symantec partners to its ranks.

According this Fool article from 2019…

The 10 Biggest Cybersecurity Stocks
https://www.fool.com/investing/the-10-biggest-cybersecurity-…

Symantec is the world leader in cybersecurity services when using sales figures as the metric. With nearly $5 billion in revenue in the last year

Maybe a little dated but no doubt why Kurtz focusing on Symantec as the big dog. It’s market cap is below CrowdStrike’s now so it’s no secret CrowdStrike and other upstarts slowly eating away at wounded lion.

This morning in MIT’s email, “The Technology Review” they had this article…

Criminal charges reveal the identity of the “invisible god” hacker
https://www.technologyreview.com/2020/07/07/1004870/criminal…

In 2019, Fxmsp made headlines by advertising access to data from three major cybersecurity companies, reported to be McAfee, Trend Micro, and Symantec. He offered network access and source code at prices ranging from $300,000 to $1 million. US officials say victims lost tens of millions of dollars to the malware, unauthorized access, and network damage.

So big news in the security industry today that this guy was arrested and with this news it drags back into spotlight that this super-hacker stole data from Symantec itself. This is some terrible press for Symantec. (And to be fair, highlights an unusually high degree of risk in this space. One big breach can be extremely damaging to reputations.)

I know nothing about tech but it sure seems the CrowdStrike story is on track. That Kurtz would focus on tearing out those billions from Symantec makes perfect sense. When you kill the top dog others bound to follow. I can easily imagine CRWD salesman having a field day telling all prospects that they’re eating Symantec’s lunch.

Thought on Crowded Field

As others have noted, there are tons of CyberSecurity companies and many are highly rated. But this is why I love CRWD CEO, George Kurtz. I think the guy is an elite marketer/spokesperson. This race is not going to be won by the objectively proven best company. Buyers in all industries want an effective solution they can implement quickly. If you buy a car you don’t want to go through stress of test driving 10 vehicles, etc.

So if CrowdStrike is best known, has decent reputation for quality, and in the door first, that’s the solution a prospect will take. This is particularly true of Cybersecurity as the risk/reward of studying additional solutions to get a little more effectiveness is not worth remaining vulnerable to possibly catastrophic attacks. If you are one of the 50 other cybersecurity companies good luck gaining the attention CrowdStrike’s gotten. There’s a reason we have so few airlines and car companies.

So the bigger CrowdStrike gets, the more money they can pour into product dev/marketing, the bigger their client list grows, better product gets, better known they become. It’s a promising situation.

Fool On,

BroadwayDan

PS - Shout out to Muji for naming me in his post on Fools who’ve influenced him. A highlight of my 20-yr Fool career. Muji is on my Mt. Rushmore of Fools.

Thanks for posting this. CRWD is the first company featured here that I have taken a small stake in (disclaimer: many consider my buying a stock to be a contrarian indicator!!). I won’t rehash all the great info on this board. It would be redundant. But the information provided seemed to be solid, and the company appeared to be sound.

The only real concern I have is, again, no moat. The title of this thread is a great example of that. Symantec (formerly Norton) has been around for 30 years or more. They were among the first in security (and disk utilities, and some other stuff). Then along comes Crowdstrike and starts eating their lunch. Because there is no moat. Hire some programmers, and do the product better (or cheaper), and customers will come. There is some stickiness in enterprise (i.e. companies that implement such programs) since there is hassle associated with migrating systems to a new platform. But it’s only post-it-note sticky, not Gorilla-Glue sticky.

But other than that, I liked what I saw so I took a small position. Thanks to all who have provided info and commentary on CRWD (and everything else, but the topic of this thread is CRWD).

1poorguy

1poorguy, what do you consider an example of a business moat?

CRWD is the first company featured here that I have taken a small stake in… The only real concern I have is, again, no moat.

1poorguy,

While you have stayed out of all our stocks and criticized them all in your mind and in your posts as having no moat, my portfolio, built out of those stocks, as of todays close, is 239% of what it started the year at.

That’s 239%!!! It’s totally surreal, incredible even!!! And at a time when the average of the market indexes is still firmly negative for the year. And plenty of others on the board have done as well or better, or trail by a small amount but still have huge gains.

Doesn’t that give you any concern, any concern at all, that perhaps you are thinking about these companies incorrectly? If you bought one of these companies and the beginning of the year and it turns out some time in the future to have no moat, and starts slowing down, don’t you think you’d be able to get out of it and still have a huge, HUGE, gain since the beginning of this year.

You seem to be worried that some unspecified time in the future a new contender will come along. Yes, but so what? Just today, my portfolio tacked on 13 percentage points from 226% of what it started the year with to 239% of what it started with, and you are worried about no moat???

Maybe you should rethink this.

Saul

“programs) since there is hassle associated with migrating systems to a new platform. But it’s only post-it-note sticky, not Gorilla-Glue sticky.”

Can you provide examples of Gorilla-Glue sticky

Thanks,
Praveen

The only real concern I have is, again, no moat.

Just because two products address the same general need, is no reason to think that the products are equivalent. Crowdstrike has a moat relative to Symantec because they have a different approach to solving the problem, one with material advantages.

As has been mentioned before, this idea of just throwing some programmers at it doesn’t work. One has to know what to make. When I was still selling my ERP product, I could win sales to publishers against the top package for publishing because, frankly, my royalty contracts pack absolutely blew their software away … no comparison. And, they were bigger and older than my firm. Likewise winning against the likes of Oracle Financials and Peoplesoft because it would take a couple million dollars of enhancements before their software could do what mine already did.

I think people get confused when they look at security cloud software… they equate to previous generation of internet security products like Symantec (security gateways) and firewalls and such which truly did not have moat…

Cloud based security software companies can not be further from those firewall companies… CRWD, ZS and also NET (Cloudflare) have strong moat/s

CRWD - the moat is network effect… more end devices they cover, more probability for them to see any new threat first on the internet… and more probability for them to figure out how to address that threat ahead of everyone else… this was not feasible with firewall, this is feasible (at scale) only with cloud based model. Symantec can theoretically address this but much harder without cloud native architecture.

ZS - has this network effect moat + they also have another moat called very high switching cost. This high switching cost comes from the fact that to use ZS, you are literally changing (simplifying) your network architecture that you would not want to go back and replace ZS with something else.

NET is similar to ZS, though at a smaller scale + they have moat of bundling additional edge services… which further increases cost of switching…

So yes, ZS and to good extent, NET has even stronger moat than CRWD… but on the flip side, CRWD is also easier to adopt to being focused on end devices… which drives their growth… and that Symantec is faltering, helps them a lot more…

A moat is simply a barrier to entry. It can be a patent that prevents others from entering, or it can be the capital cost of infrastructure (e.g. the easiest example is a wafer fab). Probably some others, but those jump out at me.

Also, “stickiness” of a business. If it’s a major PITA to change vendors, that is a moat for the entrenched company.

Maybe you should rethink this.

First, I haven’t criticized all your stocks. I haven’t even looked into all of them. I’ve criticized ZM, specifically. And I’ve taken a position in CRWD. And I was looking into AYX, but opted not to.

Second, the reason I am here is that I don’t pretend to know everything. If I knew everything I would have no need for, or interest in, this board. Since I am certain you would not advocate just mimicking you, though some of your more ardent followers do exactly that, what do you think I should do differently?

I won’t argue with your success. It’s undeniable. Again, that’s why I’m here. But I’m not going to blindly take your word (or anyone else’s; not picking on you specifically) about a stock. There is a treasure trove of research here, and it was very helpful with CRWD (for example). And I used it to do my due diligence. Just because I’m not comfortable with (for example) ZM, doesn’t mean it’s a bad investment. It means I’m not comfortable with it. I also wasn’t comfortable with SBUX when it debuted in the 90s, and that turned out to be a mistake also. Or, more recently, I bailed on TSLA (at a profit) before it rocketed over $1000. I neither blame anyone for my mistakes, nor begrudge anyone making a fortune that I missed out on. I’ve had more successes than failures, so I can’t complain. But there is always room to do better.

I mean absolutely no offense here, and I want to emphasize that strongly since internet message boards are rife with misunderstandings, but if I say “where’s the moat” and you answer “I’m up 200%”, then you really didn’t answer the question. If you think a moat is irrelevant, which you apparently do, it would be more interesting to tell me why you think that than just quoting your returns to date. I didn’t really note that in any of your knowledge base documents. I don’t recall you mentioning it once, in fact (though I admit I might have missed it?).

I’m sorry if my questions annoy you. That’s how I learn; by asking questions. In the case of stocks, I try to poke holes in the stock’s story and see whether those holes are filled or not. If the armor appears to be intact, then I’m likely to take a position.

1poorguy

Can you provide examples of Gorilla-Glue sticky

I can try. My company uses SAS for data analysis. I’m not sure if it’s publicly traded, but that’s besides the point of your question. We have created a LOT of software tools that interface with SAS and make it easier to use. When we acquired another company, they used JMP. It has some nifty features, but we already had SAS and the tools to make our jobs with SAS easier. JMP is still there, and is very slowly penetrating, but we still mostly use the tools that utilize SAS.

That is very sticky. We’ve had access to JMP for probably 10 years. But SAS hasn’t gone away for us. It would be a major project to migrate everything to JMP and abandon SAS. It could be done, but there would be a lot of lost productivity along the way.

1poorguy

Crowdstrike has a moat relative to Symantec because they have a different approach to solving the problem, one with material advantages.

Which is why I took a stake in CRWD. It’s not a deep moat, but I think they do have advantages.

Sometimes the moat is the inertia of the competition. They already are far down one path, and you find a different way to get to the same place. Different, and better. I don’t mean to imply that it only takes “throwing programmers” at a problem to unseat a leader. But if they are good, and they have a target (i.e. what to make, how it should work, what it costs), then absolutely you can unseat the leader. The question then becomes: “what stops others from doing that same thing?”. Sometimes it’s inertia. Sometimes it’s installed base (e.g. Windows) and/or compatible hardware. Sometimes it’s nothing at all. At least IMHO. I’m not an IT guy, though I work with some.

1poorguy

Thank you, nilvest. That was a very nice summary. Probably much more succinctly put than I could have done, and more informative also. I know Symantec and McAfee are always looking for new threats, but your point about cloud-based was interesting.

Reinforces my confidence in my CRWD position.

Again, thank you.

1poorguy

No moat?

Having invested in over 10 cyber security companies over 20 years I would say Crowdstrike has the most recognisable moat of all.

The 2 obvious ones are:

1. Crowdsourced defence where everyone in the network makes the network stronger
2. Falcon platform for secure purchases of other cybersecurity platforms

… but I’m sure there are more, not least the ease of customer onboarding vs exit hassle factor or hassle factor of onboarding elsewhere.

Ant

If you think a moat is irrelevant…

Not to speak for Saul or anybody else, but for me: the most important moat is “execution”. Additional barriers to entry can be very important, whether that’s hardware or mindshare, but ultimately it comes down to how well the company can use the resources it has to build their product and sell it. When you find a company like Zoom, who was already executing well before they broke the mould, it’s pretty compelling. Very few companies are capable of executing like that, so the odds of another team coming along with even greater capability in the exact same industry seems pretty remote.

Never mind that I see the word “moat” tossed around a lot, but unfortunately I think most investors can’t tell a moat from a hole in the ground. That sounds like an insult, but it’s true for me as well. What I mean is, depending on the industry, most investors are incapable of making a valid judgement on what constitutes a moat, and can’t assess the answers they get back about it, for or against, when they ask the question.

As a software developer I know how difficult it is to just get a team to make something that looks nice and “modern”, is functional for the user, and uses resources efficiently and effectively. It’s a constant tug of war between the aesthetic-but-clueless impulses of management; the perfectionist-but-useless impulses of graphic design; and the IDGIS-nerd impulse to just plop a button over there just because and meanwhile let’s upgrade the tech stack. Getting all these groups to work well together is a huge challenge.

But that’s just a bonus for me. Anybody can see it’s a well-oiled company, which is probably all the moat needed.

I think you fail to understand network effect and what a powerful moat it is. How about Facebook, do they have a moat? Facebook’s technology is not difficult to replicate. Gaining 2.6 billion MAU is incredibly difficult to achieve. That’s network effect. That’s a moat.

Does Google have a moat? From a technology perspective, absolutely not. Microsoft (not a startup) tried to take away their business with Bing. How’s that going? Not so well. Google is a verb. Bing is a noun.

If you fail to understand that that’s a moat, you don’t understand network effect. Zoom has become a verb in an unbelievably short period of time. People use Zoom for the simple reason that other people use Zoom. Zoom has close to 13 million MAUs. Not a Facebook, but in a very short period of time they have become the dominant teleconferencing tool. They in fact have a technological moat. The product works nearly flawlessly (the security problems were vastly overblown and have been largely addressed, I could say more about this, but won’t dwell on it. You can find more on this board if you look for it). On boarding is a breeze. Cost is competitive. And, BTW, they have Zoomphone, it hasn’t been talked about that much, but they provide a simple, easy to install, easy to use PBX alternative that supports transition from a phone call to a teleconference without hanging up. That’s a moat.

You mentioned SAS as having a gorilla glue moat. I’m pretty sure that a company with a big investment in SAS with a lot of software tools built around it is probably going to stick with it. But I’ll bet dimes to dollars SAS will not have any success in stealing AYX customers. SAS is a beast. AYX is elegant. SAS demands expert users. AYX supports citizen data scientists.

I could list several more companies and explain the moats that you don’t see, but I can see that as a fruitless exercise.

In the end, Saul has advised that you should not invest in any companies that make you lose sleep. If you aren’t comfortable with the investment for whatever reason, don’t make that investment. I got uncomfortable earlier this year with the environment, I didn’t suddenly feel like the investment in one or another company was a bad idea. For me it was making an investment during the horrific pandemic and what I perceived to be the impact on the economy was folly. I sold all my positions. I sat on cash for a while, even as I saw that it was a major financial blunder. But, I was able to sleep. I’m pretty much back in the market with the exception of having held back about three years worth of cash. Turned out the opportunity cost of being out of the market started interfering with my sleep. Even with my exit and slow return I’m up just under 37% while invested in these moatless companies.

Good luck to you. I think I know why you have adopted your screen name.

Arg, sorry about the bold. The Fool won’t upgrade their software, even though it’s probably TRIVIAL TO DO. (Can they hear me better if I type in all-caps?)

Clearly, the Fool’s case the quality of their software isn’t a moat…

1poorguy,

With regard to your definition of a moat, there are very few companies that have what seem to fit. Technology has advanced to the point that patents mean very little and even chips can be outsourced. Owning the fabrication lab might just be a drain on capital and resources at this point. But in any case, anyone is free to decide what investing criteria they have. But I think the requirement of that type of moat basically excludes all software companies. My guess is that it takes years to develop such a moat and by the time one develops, a company is not going to be in its hypergrowth stage.

The thing about being a growth investor, though, is that the concept of a moat or competitive advantage simply doesn’t matter that much. You just find fast growing companies, make your best assessment of whether the growth is real (rather than acquired or incentivize), then ride the stock until it no longer fits your criteria. That could be in a quarter or a decade. As they say, the proof is in the pudding.

Some work related issues have kept me away from posting for a while. However, I wanted to share my idea of a moat with relation to the SaaS companies we’re invested in.

Saul says…

…as of todays close, is 239% of what it started the year at.

There’s a lot of meaning in that line. The SaaS stocks discussed here have performed exceptionally well as Saul pointed out for a reason; and that reason is staring at our faces and it’s hard to not see it. It’s the era of the cloud and digital transformation… The paradigm shift is happening as we talk…

If you’re a traditional business owner today, you have ONLY TWO options…either embrace the digital transformation OR embrace oblivion. ( I have mentioned this a couple of times earlier… when I helped move an on-premise application to the cloud for one of the greatest software companies in the world some years back, the cloud wasn’t a big deal then. However, a very competent leader of my division who later became the new CEO saw that the move to the cloud was inevitable and we followed his vision).

Now, what’s the fuss about this cloud and data all about? Well, it’s all about Securing, Monitoring, Transferring/Consuming and Analyzing that data in the cloud. Using that data to build ML/AI and much more.

The companies that are innovating and growing market share in the above areas are defining their own moats. Obviously the market is slowly realizing that and hence the appreciation these stocks are seeing ( which is proved by the 239% Saul mentioned). These products appeal to developers and tech companies because they are easy to adopt and provide a lot of productivity, cost savings, security and help in maintaining a competitive edge. Sometimes these benefits are hard to comprehend for a traditional business because they may not be tangible in a way traditional businesses have been trained to think. Thanks that perception is now changing; for e.g. look at the speed that Fedex transformed during the pandemic.

Of course there’s competition ( which is very healthy and absolutely necessary) but the winners are emerging ( either due to best of breed or network effect or both). These companies have greatly benefited due to thae pandemic. Remember that these companies just didn’t start yesterday but have been building their foundations in the past several years; the pandemic has proven to be their catalyst! Businesses and individuals are realizing the benefits of productivity and cost savings in the long term even if it means paying out a monthly subscription fees for these SaaS services.

That’s the moat!

Here’s a link to a post where I had tried to map my stocks to their areas of operation in the cloud.

https://discussion.fool.com/just-a-follow-up-the-expectations-mo…

Hope this helps.

Cheers!

ron

long < ZM, DDOG, CRWD, FSLY, OKTA, NET, AYX, LVGO >

P.S. I’ve greatly increased my position in FSLY by selling some OKTA in the past couple of months.

With regard to your definition of a moat, there are very few companies that have what seem to fit… I think the requirement of that type of moat basically excludes all software companies. My guess is that it takes years to develop such a moat and by the time one develops, a company is not going to be in its hypergrowth stage.

The thing about being a growth investor, though, is that the concept of a moat or competitive advantage simply doesn’t matter that much. You just find fast growing companies, make your best assessment of whether the growth is real (rather than acquired or incentivized), then ride the stock until it no longer fits your criteria. That could be in a quarter or a decade. As they say, the proof is in the pudding.

Thanks IRdoc, you said it so much more clearly and elegantly than I did. It’s the growth that tells the story. If a company is growing revenue very rapidly, year after year, it’s evident that they are probably doing what they are doing much, much, better than anyone else. And if they quit doing it so much better than others (or run out of room to grow) and slow down growth, we reduce our positions and then get out. As you said, a formally defined “moat” simply doesn’t figure into the calculation and doesn’t matter that much. For a lot of our companies, their moat is just that they do it so much better, and that it would take so much work and expense to duplicate what they do, and by the time you did they’d be further along anyway. Thanks again.

Best,

Saul

If I can add my perspective as someone who has been investing in these stocks since long before this board even began. I also speak as someone whose personal portfolio is up more than 100% this year and who has done returns since I started investing my own money that exceed 40% per year. No sour grapes here!

Over the past 18 month my exposure to high growth (i.e. 30+% revenue growers) has gone from 60% to 30% of my personal investments - I also own a big slug of large cap tech stocks which have increased in size, and more value type TMT plays than I used to which is the difference, and most of what I have left in growth are not things that are popular on this board for various reasons. Probably SE is the only one I see any discussion about at all - and even then I am selling that actively up here. Growth simply no longer offers the opportunities it used to. Everyone and their dog is investing in stocks like Fastly and Zoom with no thought process whatsoever about what long term margin/moat/market opportunity is. And in several cases companies are seeing severe short term decelerations e.g. COUP, AYX yet no-one on this board cares about that - nor in the market for now.

Software is probably going to get relentlessly competitive long before these companies get close to levels of revenue and profitability that can justify current valuations. There are billions of dollars of VC going into competing with these companies, and every larger company with any kind of platform is trying to spread into adjacent areas.

There are numerous stocks in the market today that trade at multiples from which it is virtually inconceivable they will offer good multi-year returns. In many cases you could have invested in companies like Google and Facebook at these multiples years ago and not made any money at all. And those are the best companies of all time from a financial perspective!

I’m glad you guys are finding success. But I think everyone on here should take a hard think about whether they have a strong fundamental understanding of the companies they are buying and what kind of expectations are baked into the valuations that they are paying. E.g. my estimates on Coupa (owned for a while, sold at half (!) the current price ) is that by 2030 they need 7% of global GDP ex-China to transact on their platform. And that’s not eligible GDP - that’s total GDP, and assumes a huge take rate on Coupa Pay. My suggestion is that each of you invested in Coupa should run your own calculation on this kind of idea and figure out if you’re comfortable with the assumptions that come out. And maybe you are - which is great and you should continue to own the stock if so. And remember that on an organic basis it will grow mid teens this year.

The funny thing for me is the number of things I sold because I thought their fundamentals would deteriorate due to covid (COUP AYX are good examples) and I was dead right that the fundamentals would get worse, but I got the investment judgment dead wrong. AYX is 35% above where I sold it in February and COUP trades at more than double where I sold it - after calling fundamental deteriorations in their business perfectly. That’s the market we live in.

I hope you all continue to do great!