CRWD analysis

Here is a good analysis I recently came across for CRWD. (This link was given out for free by the author.)

https://drive.google.com/file/d/1noPST2TIFpBMrBrZnqWl63cC2Di…

Just curious - Is there anyone on the board who has a strong bear argument for CRWD? I have seen debates for almost every other main stock that is discussed here, but I don’t remember seeing anyone take the bear side for CRWD in the last several months.

The main bear arguments I have seen come down to:

  • Valuation is high
  • There are many competitors and the security segment is littered with companies that started strong and flamed out.
  • All it takes is one major security breach for the stock price to crash

Long CRWD (just bought quite a bit more today and made it my 3rd largest position).

19 Likes

To add to this list of potential bear arguments

  • End point security specifically is not a hyper growth market… so CRWD is really driving others out and winning by taking market share… this is very different than say FSLY, NET and ZM… where they lead a growing pie - however, CRWD is winning for a specific reason… Cloud based end-point security (as opposed to distributed / device based) is a growing market and CRWD has huge lead…
  • CTO and co-founder left the company recently - though he did so to address bigger goal in cybersecurity world
  • CEO is overly aggressive, has a history of driving out his partners and taking over the reins in previous companies… - although this makes him a lot more successful… I cant see George different than Musk or Bezos or even Jobs and Gates in the way ruthless / aggressive personalities win in extremely dynamic world of tech investing.

I think the real question to me on CRWD is not what the bear case is… but why CRWD is not getting valuation multiple like FSLY or ZM or NET or DDOG…
The answer to me here is that investors are skittish about security software due to past problems… specifically companies like FireEye had meteoric rise and crash and burn… so this space has a bit of stigma… that overly competitive stigma is valid… and that to me is an opportunity for discerning investors like those on this board…

As I said above… CRWD is not in slow growing “overall end point security market”… CRWD is leading “cloud based end-point security market”… which happens to be hyper growth subset of former… or in other words and CRWD is enabling end point security transition from legacy model to cloud based model… and in the process also addressing problems of the legacy model where it was easy to lose to next better mouse trap… with cloud based approach, CRWD has built an inherently stronger moat as it can detect and address potential threats much faster than anyone else…
I think this particular nuance is reflected in ever growing revenue and cash flow while still not well appreciated by investors who keep wondering if / when will CRWD deliver a nasty surprise…

So I think as long as investors remain cautius about CRWD as security play, it does not need any other bear case… once this resistance is dissipated (like it resistance to invest in LVGO dissipated this year), CRWD valuation multiple should match to DDOG and ZM… and at that point, we have to be a lot more cautious… for now, CRWD is my personal highest conviction stock for next 4 quarters…

nilvest…
CRWD is my second largest position only because LVGO has multiplied this year! and I am still highly convinced on LVGO / TDOC story to not reduce it much.

45 Likes

"- End point security specifically is not a hyper growth market… "

What makes you say that?

Just factoring the growth of endpoints, which has to be exponential, creates a high rate of TAM expansion. Even if every existing endpoint was covered (which is highly unlikely) smartphones alone are expected to add 4 BILLION units this year (https://www.statista.com/statistics/330695/number-of-smartph…) and while that is only about 8.5% growth, that is only phones, not tablets, laptops, IoT devices, virtual machines, etc. Technically a device is not an endpoint. An endpoint is the point of origin of any communication between a user and a server (or software on the user’s side communicating with a network via some API). This means a new endpoint is formed anytime a web address wants to expose a new way of communicating, which happens all the time. I’m not sure if CRWD is only talking in terms of devices (agent installs?) or API endpoints though.

"…Cloud based end-point security (as opposed to distributed / device based)…

I think I get what you are saying here but for clarity: Being cloud-based on the backend has nothing to do with excluding devices from their business (they are not in opposition). In fact, in their recent presentation deck their “Proprietary Distributed Threat Graph” mentions a patent for “real-time model of states of monitored devices”. The next slide, “Falcon Platform: Defining the Security Cloud” shows end point security covering devices and has icons for light-weight agents on all operating systems including mobile (which means devices) and mentions workstations and mobile. Crowdstrike’s agent runs on devices and communicates up to their backend in the Cloud as opposed to communicating directly with a central server hosted by customers.

I would argue they are winning market share because of how they are using all of the aggregated data with a learning model to provide a better product. A simple lightweight install gives you coverage powered by their entire threat detection network and the response to new threats is super fast compared to the old model where you’d have to wait for a software update to make your local agent smarter. If a distributed attack is launched, the old model could provide protection for the next time it happens but with Crowdstrike you can be protected during the current attack because who ever in the network gets hit first would provide information for the rest of the network right away. The added intelligence means an even faster, potentially automatic, even potentially predictive/preventative, response. …at least that is my understanding. I’m not a security expert.

7 Likes