Trending Assets
Top investors this month
Trending Assets
Top investors this month
Cybersecurity $CRWD
Agility is required in a perpetually evolving industry.
I recently posted about Software and how it should occupy space in your portfolio. You can find that post here.
I spoke about the increasing use of software and how it ironically requires more software to manage and secure software and IT infrastructures. Let's look at how Crowdstrike is navigating an ever-evolving industry.
Securing our software and computing architecture
The march towards cloud-native architectures gives way to increasingly complex IT infrastructures. This can create exploitation gateways for security breaches and hackers. Opportunity breeds solutions.
The cybersecurity industry changes quickly, and the evolving landscape gives rise and fall to many companies. It’s hard for investors to track them all and the encompassing innovations. But, it's more difficult for companies operating in the space to innovate and pioneer ahead of the curve.
Source - Global Market Insights: Global Cyber security market
In another post, I spoke about the problems companies face when they innovate outside their core competencies and pursue ideas that do not align with the firm's strategic intent and resources. Another mistake is introducing products that your customers do not need or want at this particular time. You can read the post here or the in-depth write-up on my Substack by here.
Crowdstrike
I will explore how Crowdstrike is navigating an ever-evolving industry whilst strategically introducing new products and remaining within its core competency. More importantly, these are products being necessitated by their customers.
Source - Earnings presentation Oct 2022
I like Crowdstrike’s approach to the problem. They have been incrementally introducing products, and customers are purchasing those new modules.
Source - Earnings call Q3 2022
Crowdstrike recognizes that other companies offer Cybersecurity products that aren’t within their core competence, and rather than compete directly, they’ve partnered with those companies.
Source - Earnings call Q3 2022
Partner-sourced ARR growing 55% YoY is impressive and highlights the importance of offering the best-in-breed solutions rather than trying to encroach into areas they cannot lead.
Crowdstrike offers similar modules; however, customers will go to the leaders of the respective spaces, so rather than diluting their go-to-market strategy, partnering is a better option. Moreover, it's a two-way street, and both parties can benefit. This isn't zero-sum, and the overall market continues to grow.
Source - Earnings presentation Oct 2022
Even though they have strategic partnerships, they are slotting in new offerings and modules that complement their customer's needs closer to what they already offer. If we look at 'identity Protection', this was the most significant contributor to ARR within the emerging product category.
They understand their customer's needs, introduce products that have a material impact on the business, and align with strategic intent. This resulted in a seven-figure expansion with a leading global brand.
Source - Earnings call Q3 2022
Monitoring IT infrastructure
The cardinal sin of a company is straying too far afield from its core offering. You're probably sick of hearing this now, but Crowdstrike seems to have found itself doing this and performing well.
This is in no small part to their acquisition of Humio. Humio is a log management platform. This is the space in which Datadog $DDOG operates. Datadog is more comprehensive and can provide monitoring, security, and analytics for developers.
Humio, now sold as Falcon LogScale under the Crowdstrike brand, is a way to primarily ingest massive amounts of data at any throughput, providing visibility into logs that can alert the team to incidents allowing them to respond.
Source- Crowdstrike Website
In short, it helps Crowdstrike offer a SIEM (Security Information and Event Management) product. So, it's not quite encroaching on Datadog but instead complements Crowdstrike's current offerings. For the record, Datadog and Crowdstrike can integrate.
The new product seems to be doing well, as management has hinted in the most recent earnings call.
Source - Earnings call Q3 2022
App store
Crowdstirke also makes it remarkably easy to add additional security modules, explore partner integrations, and offer free trials. This is achieved through their app store.
I like the idea of an app store in an industry that can be pretty convoluted and has many offerings. It's clean, easy to use and provides explanations making the whole process seamless and intuitive.
The ultimate goal - A fully integrated platform
CEO Geroge Kurtz has mentioned in the past and continues to mention in earning calls about providing a fully integrated platform. We've already explored why this can be tough, especially within a rapidly changing industry.
Not only that, but being able to provide every security module as your core competency would be a goliath task. If it can be done, then certainly the use of AI has to be included, and that is the bedrock of what Crowdstrike offers with their flagship 'Graph' products.
Source - Earnings presentation Oct 2022
They have added other security products to this 'Data Fabric', alongside their 'Graph' products.
The CEO is undoubtedly confident, and a good sign of leadership for a disruptive company is their ability to make predictions and deliver. Talk is cheap, but products and results are worth their weight in cash flows.
Consider recent commentary from Q3 2022 earnings calls about becoming a completely integrated security offering.
TL;DR
Let me sum up
- They underwent a comprehensive framework test called MITRE ATT&CK. It's an assessment tool that helps organisations understand their security readiness and uncover vulnerabilities in their defences.
- It's an alternative to a framework called Cyber Kill Chain developed by Lockheed martin.
- It was the first closed-door test, meaning participants were not given prior knowledge of the adversary. No retesting was allowed, mimicking what would happen in a real-life situation.
- Crowdstrike performed the best out of the 16 participants.
- They won another test called SE Labs EDR ransomware detection and protection test.
- They achieved 100% ransomware protection with zero false positives.
- CEO Kurtz puts this down to their Graph technology and use of AI
- They claim through their assessment and analysis that enterprise customers save time and resources equivalent to 3.5 full-time employees due to operational efficiencies.
- CEO believes these results and achievements show Crowdstrike is on the right path to becoming a truly integrated platform that can protect from cyber threats, reduce operating costs and negate the need of having several disparate technologies stitched together.
Conclusion
Cybersecurity is a harsh industry, so we see fragmentation and companies coming in and out of fashion alongside their technological offerings. Crowdstrike is taking a reasonable approach by partnering where it can and strategically introducing new products its customers want.
Often companies struggle to offer products that do not align with core competencies and resources, but Crowdstrike is managing to do this, and the results are bearing fruits. Granted, they haven't made a complete General Electric move and introduced something entirely outwith their competency. But Credit where it's due, and the integration of Humio for log observability has been successful.
Using emerging technology, primarily AI, is a good strategy. They seem to be building on top of that success, paving a path towards becoming an integrated platform. The journey ahead will not be easy, but I give the benefit of the doubt in receipt of the CEO's conviction and subsequent results.
Already have an account?