Crowdstrike IPO - Summary

Jon Ma | June 10, 2019

Please read the important disclosures at the end of this document

Crowdstrike is going public this Wednesday, June 12th. We wanted to provide a high-level summary of what Crowdstrike does in straight-forward terms. Enjoy!

Interested in understanding how Crowdstrike stacks up against other public SaaS companies like Alteryx, MongoDB, Slack, Elastic, and Zoom? See our other post "Crowdstrike IPO in 5 Metrics"

Summary of Crowdstrike

📝Description (ELI5): Similar to how Salesforce transformed the CRM market by leveraging the cloud, Crowdstrike thinks of themselves as creating a new category called Security Cloud. CrowdStrike's product Falcon is a SaaS based platform for next-generation endpoint protection that detects, prevents, and responds to attacks. The company's cloud-based and AI approach is in contrast to on-prem endpoint security solutions or primarily rules-based and signature-based anti-virus companies like Symantec and McAfee.

Crowdstrike's Falcon is a single lightweight agent that installs on the customer's endpoint that feeds data into Crowdstrike's cloud-based database called Threat Graph. By leveraging the cloud, Falcon is able to continually collect, process, and analyze threats across all customer's endpoints in real-time. As there's more data that's fed into Falcon, there is more data to train Crowdstrike's AI models with, increasing the overall efficacy of Falcon.

With Falcon, Crowdstrike sells 10 cloud modules including endpoint security, security & IT operations,and threat intelligence. See the Falcon Platform graphic below: FalconPlatform

TL;DR The point of Crowdstrike is to protect customers from breaches

🙏🏼 ROI of Product: Customers choose to use Crowdstrike because

1) Ease of adoption by only having to install a light weight agent versus other vendors require 2 GB+ which provides for a terrible and slow user experience. Company claims a customer recently deployed Falcon to over 100,000 endpoints globally in <24 hours.

2) Superior efficacy rates in detecting threats and preventing breaches

3) Reduced total cost of ownership by consolidating security products into a single platform

4) Allow already busy security organizations to automate previously manual tasks so that teams can focus on their most important objectives.

💵Business Model: Typically 1 year subscription to Falcon platform and cloud modules priced per-endpoint and per-module. Average annual contract value is ~$124,000.

🏢Customers: Impressive enterprise customer list including 2,516 subscription customers worldwide like AWS, HSBC, Hyatt, ADP and 44 of the Fortune 100, 37 of the top 100 global companies, and nine of the top 20 major banks.

🤑Go-To-Market: Crowdstrike started off primarily selling to enterprises with a combination of top down sales (field sales + inside sales) and working with channel partners. However, starting in December 2017, Crowdstrike started to offer a low-touch/low-sales solution in the form of a 15-day free trial access to their next-generation anti-virus module and also making it easy to download Crowdstrike from AWS's marketplace. The goal is to expand outside of just enterprises and to also capture the small and medium business market which is a growth opportunity for the company.

💰Market: Crowdstrike currently has cloud modules in the corporate endpoint security, threat intelligence, security & vulnerability management, IT systems and service management, and an offering in the managed security service market. The company claims the global opportunity across these markets is estimated to be $24.6 billion in 2019 and is expected to reach $29.2 billion in 2021. Clearly, the market for Crowdstrike is quite large.

💪Competition: Crowdstrike lists the following lists of competitors in their S-1. Note, Cybereason, SentinelOne are also strong competitors in the endpoint security market.

  • Legacy antivirus product providers: McAfee, Inc. and Symantec Corporation, who offer a broad range of approaches and solutions with traditional antivirus and signature-based protection.
  • Alternative endpoint security providers: BlackBerry Cylance and Carbon Black, Inc., who offer point products based on malware-only or application whitelisting techniques; and
  • Network security vendors: Palo Alto Networks, Inc. and FireEye, Inc., who are supplementing their core perimeter-based offerings with endpoint security solutions.

This document is for general informational purposes only. This document does not constitute investment advice or any offer to provide investment advisory or investment management services. The information in this document should not be construed as any current or past endorsement, recommendation or sponsorship of any company or security by SaaSy Metrics, LLC. This document does not constitute a solicitation, offer, opinion, or recommendation by SaaSy Metrics to buy or sell any security, or to provide legal, tax, accounting, or investment advice or services regarding the profitability or suitability of any security or other investment. At the time of issuance of this document, SaaSy Metrics, LLC did not hold any interest in Crowdstrike. Please refer to our User Agreement for more detailed information.