enterprise

CrowdStrike (CRWD) Q3 2024 Earnings Call Transcript – The Motley Fool


Logo of jester cap with thought bubble.

Image source: The Motley Fool.

CrowdStrike (CRWD 1.08%)
Q3 2024 Earnings Call
Nov 28, 2023, 5:00 p.m. ET

Contents:

  • Prepared Remarks
  • Questions and Answers
  • Call Participants

Prepared Remarks:

Operator

Thank you for standing by and welcome to CrowdStrike Holdings’ third quarter fiscal year 2024 earnings conference call. At this time, all participants are in a listen-only mode. After the speakers’ presentation, there will be a question-and-answer session. [Operator instructions] I would now like to hand the call over to VP of investor relations, Maria Riley.

Please go ahead.

Maria RileyVice President, Investor Relations

Good afternoon and thank you for your participation today. With me on the call are George Kurtz, president and chief executive officer and co-founder of CrowdStrike; and Burt Podbere, chief financial officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans; objectives; growth, including projections; and expected performance, including our outlook for the fourth quarter and fiscal year 2024 and any assumptions for fiscal periods beyond that, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call.

While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaims any obligation to update or alter our forward-looking statements whether as a result of new information, future events, or otherwise. Further information on these and other factors that could affect the company’s financial results is included in the filings we make with the SEC from time to time, including the section titled Risk Factors in the company’s quarterly and annual reports. Additionally, unless otherwise stated, excluding revenue, all financial measures disclosed on this call will be non-GAAP.

Find out why CrowdStrike is one of the 10 best stocks to buy now

Our analyst team has spent more than a decade beating the market. After all, the newsletter they have run for over a decade, Motley Fool Stock Advisor, has tripled the market.*

They just revealed their ten top stock picks for investors to buy right now. CrowdStrike is on the list — but there are nine others you may be overlooking.

Click here to get access to the full list!

*Stock Advisor returns as of November 28, 2023

A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our earnings press release, which may be found on our investor relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. With that, I will now turn the call over to George.

George KurtzCo-Founder, President, and Chief Executive Officer

Thank you, Maria, and thank you all for joining us today. I would like to begin my remarks today by expressing gratitude to our customers who proudly trust CrowdStrike as their cybersecurity platform consolidator for the AI era; gratitude to our partners who win with CrowdStrike, taking our joint customers on Falcon platform transformation journeys from device to cloud to identity to data and beyond; and to our team for their passionate dedication to our mission: stopping breaches, fighting adversaries, and delivering the very best cybersecurity outcomes. Moving on to Q3. Despite a challenging macro environment and geopolitical tensions, I am extremely proud of the resilience of our business and that we delivered a record Q3.

CrowdStrike surpassed the $3 billion ARR milestone with an ending ARR of $3.15 billion, growing 35% year over year. CrowdStrike is the fastest and only pure-play cybersecurity software vendor in history to achieve this milestone. In Q3, we delivered double-digit net new ARR acceleration at scale, powered by customer demand for the depth and breadth of CrowdStrike’s AI-native XDR platform, terrific execution exemplified by rising win rates against our competitors, and acceleration in our Cloud Security and Identity businesses, as well as a record quarter in our LogScale next-gen SIEM business. Our standout top-line performance came in tandem with P&L discipline as our profitability soared to record heights.

Q3 was indeed a quarter of records. Let me share several of our financial highlights. Record net new ARR of $223 million, representing 13% year-over-year growth from acceleration in new and expansion business; record non-GAAP subscription gross margin; record GAAP and non-GAAP operating profitability; record free cash flow of $239 million, representing 30% free cash flow margin; and achieving free cash flow Rule of 66, up from 63 last quarter. Burt will share more color on our financials and platform adoption stats following my remarks.

This was a standout quarter and places us well on the path to $10 billion in ARR that we outlined in our latest investor briefing. The market continues to validate CrowdStrike’s widening leadership position. While others scale back R&D, we are increasing our investments as innovation is the lifeblood of our company. We continue to make meaningful investments in go-to-market and profitable growth.

To this end, we received multiple industry awards and accolades over the course of this quarter. Across industry analyst firms, CrowdStrike is consistently top-rated. In Q3, CrowdStrike was awarded a perfect 100% across protection, visibility, and analytic detections in MITRE’s latest ATT&CK testing, an industry first; recognized as Gartner Customers’ Choice and one of the highest rated in their latest peer insights voice of the customer for EPP report; named a leader in the Forrester Wave for Endpoint Security; and positioned as a leader in the IDC Vulnerability Management Marketscape. Our leadership position is translating into record demand for our exposure management solution in its first quarter on the market.

Our market presence and open platform approach to XDR is a uniting force in cybersecurity. In Q3, we hosted Fal.Con, our flagship customer and ecosystem event, with more than 4,000 attendees and 70 sponsors. This was fast followed by our Fal.Con On the Road series, where we have already hosted Fal.Con Tokyo and Fal.Con Sao Paulo with thousands in attendance. The drumbeat of innovation was loud and clear with multiple releases and announcements, showcasing CrowdStrike as the XDR leader, including the Falcon platform Raptor release, which standardizes all of our customers on LogScale.

This builds our platform data gravity, coupling native Falcon data with third-party data ingest, further enabling our customers to realize SIEM and XDR use cases on Falcon. Falcon for IT, a new module to unify IT and tech ops. From hygiene to patching, Falcon for IT lets customers consolidate multiple use cases and replace legacy products with our single-agent architecture. Our new Falcon Data Protection module that liberates customers from legacy DLP products with modern, frictionless data security, which prevents data exfiltration.

Falcon Foundry, a no-code application development solution, enabling both customers and technology partners to build directly on Falcon. Foundry epitomizes the true definition of a platform offering limitless apps. We announced the acquisition of Bionic, bringing application security posture management to the Falcon Cloud Security suite. Falcon Cloud Security is the industry’s most comprehensive and innovative cloud security offering, with integrated agent and agentless CSPM, CIEM, CWP, and now ASPM.

We released the beta and pricing for Charlotte AI, our AI-powered SOC analyst, which was incredibly well received. CrowdStrike’s generative AI leveraging multiple foundational models can turn hours of work into minutes while democratizing cybersecurity, unlocking value and adoption across the entire breadth of the Falcon platform. Enthusiasm for Falcon for IT, our automation and hygiene module for IT teams, is exciting to witness because it is something so intuitive that our customers want. Like Data Protection, Falcon for IT solves a clear and long-neglected pain point where customers are forced to rely on multiple legacy products that have long outstayed their welcome.

Customers are eager to consolidate their aging estate while reducing cost and complexity. Falcon for IT illustrates the power of CrowdStrike’s single-platform approach. We have the real estate and data foundation to solve ever-evolving use cases, delighting our customers while disrupting vendors that have failed to evolve. The resounding takeaway from my customer engagements at Fal.Con and throughout the quarter is that CrowdStrike is the right choice for CSOs, CIOs, executive teams, and boards.

Here’s why. Our built-by-design, single-platform architecture requires no integration, no stitching, and no platformization. Our unified cloud-native platform and critical beachfront real estate within the customer’s state naturally create cybersecurity data gravity, solving for today’s challenges while preparing for the unknowns of tomorrow. Organizations are looking for a trusted cybersecurity consolidator.

CrowdStrike is cybersecurity’s AI consolidator, liberating organizations from a litany of increasingly ineffective legacy tools, multiple agents, point products, and fragmented pseudo platforms. Illustrating this point, deals with eight or more modules increased 78% year over year in the quarter. This is what consolidation looks like. And third, stopping the breach matters more today than ever.

Adversaries continue to evolve, moving faster and increasing their use of dark AI, turning AI into a weapon for evil. At the same time, legislative and SEC regulatory oversight pressures boards and executives to prioritize cybersecurity. With these three takeaways in mind, let’s start by expanding on the first, why CrowdStrike is the definitive single security platform. Multiple fragmented platforms, consoles, and data silos forced customers to focus on integrating, not security outcomes.

Our relentless focus on innovation and commitment to a single, built-by-design platform creates cybersecurity source of truth. Built on this platform foundation, our Cloud, Identity, and LogScale next-gen SIEM products are examples of IPO-worthy hypergrowth businesses. Let’s take a look at our momentum in Cloud Security. Growth accelerated in the quarter, and we’re entering Q4 with a record pipeline.

Noteworthy wins in the quarter included an eight-figure total deal value with a new Falcon customer in the hospitality vertical, where we now secure their vast multicloud estate as part of a broader Microsoft replacement; a seven-figure Cloud Security expansion with one of the largest enterprise SaaS providers, where we replace multiple existing point products with Falcon Cloud Security; a seven-figure Cloud Security expansion with a major apparel brand, where we replace a firewall hardware vendor’s cloud security with our unified Falcon Cloud Security offering. CrowdStrike has one of the largest and fastest-growing cloud security businesses by ARR and customer count. The number of customers we protect in the public cloud has increased 45% from last year as we rapidly replaced other cloud security vendors in the ecosystem. Point product API-based CSPMs have emerged as the easiest to replace as the market rapidly adopts our consolidated view that, together, agent and agentless security stops the breach.

Combined with our recently completed Bionic acquisition, we’re the only vendor offering ASPM, CSPM, CWP, and CIEM under a single CNAPP umbrella. Moving to Identity Threat Protection, where we delivered a record quarter. More and more companies are investing in protection from the growing number of identity-based attacks, with highly visible breaches prominently covered in the news over the past few months. Identity Threat Protection wins in the quarter included an eight-figure total deal value win in the federal government, where a Falcon Identity landed as the identity security solution of choice; and multiple seven-figure wins across diverse verticals, including financial services, consumer packaged goods, and manufacturing, to name a few.

We see a long runway for guiding organizations on their zero-trust transformations with our Identity Threat Protection given a rapidly growing threat vector, a largely untapped market where most organizations aren’t protected, and our frictionless, unified architecture that secures identity across devices, clouds, domain controllers, and Active Directory. CrowdStrike pioneered the identity threat protection category, and we are unmatched in the market as the only company with a single-agent solution for both on-prem and cloud environments. Moving to LogScale. Our LogScale next-gen SIEM business achieved new records in Q3, surpassing the $100 million ARR milestone.

The combination of search speeds, data gravity, and cost efficiencies, all integrated within the Falcon platform, sets LogScale miles apart from its competitors. However, it is the future of this business that really excites me. Our LogScale next-gen SIEM opportunity is supercharged by pervasive discontent with legacy SIEMs, recent M&A activity, and CrowdStrike’s growing position as cybersecurity’s platform of record. We have seen a significant and pronounced increase in interest among customers looking to leapfrog their expensive, cumbersome, and slow legacy SIEMs.

Our next-gen SIEM offering is the right technology in the right place at the right time to benefit from market dynamics and the scale of CrowdStrike. Q3 wins include a seven-figure expansion in a major consumer staples company, selected LogScale to ingest data from third parties, correlate alerts, and benefit from long-term data retention; a seven-figure financial services new customer land, where CrowdStrike was called in to stop a breach. With the desire to operationalize their high-fidelity security data without compromising on costs, Falcon LogScale was an easy choice to replace the incumbent Microsoft. A seven-figure new logo land in a business process outsourcing firm that had decided it was time to replace their antiquated SIEM with LogScale while also adopting the Falcon platform for XDR, Identity, and Cloud Security.

Our advancement into the next-gen SIEM market is accelerated by the Raptor release, which brings LogScale to the forefront of the Falcon platform experience. With Raptor, we’ve made it significantly easier for customers to build their security and data lake efforts on top of LogScale next-gen SIEM across our native first-party data and that of any third-party product. Our single-platform approach evolves and broadens the aperture of cybersecurity. CrowdStrike is cybersecurity’s AI consolidator, liberating organizations from legacy AV, subpar EDRs, and a hodgepodge of hygiene, compliance, vulnerability, device management tools, costly and clunky SIEMs, and a confusing alphabet soup of immature cloud point products.

Readers Also Like:  Q3 Results HIGHLIGHTS: Tata Communications, Polycab, Home First, several other firms report earnings - Zee Business

This lengthy list of costly point products can be left behind, saving tens of millions annually for businesses. Most importantly, stopping the breach matters more today than ever before. Adversaries don’t discriminate. No matter the industry vertical, the geography, or the business side, stopping the breach is non-negotiable.

The business disruption and financial losses from breaches are growing. Cutting corners on security is one of the most costly choices a business can make. The cost associated with cleaning up a breach can exceed $100 million. Our seminal cybersecurity platform innovation, as well as threat intelligence and service expertise, delivers the best security outcomes.

This is why we win. Stopping the breach is the security outcome that CrowdStrike delivers. This makes our business incredibly durable in diverse economic cycles. We are a business necessity.

A win this quarter exemplifying our unmatched capabilities is a large multinational who was using legacy EDR until they were breached. They called CrowdStrike, and we quickly remediated the breach. Seeing the power of the Falcon platform, this customer purchased Falcon Complete, Identity Complete, and LogScale next-gen SIEM for hundreds of thousands of workloads. Helping this large multinational in their time of need showcases CrowdStrike’s differentiation.

Our AI trained on cybersecurity’s richest dataset drives the industry’s most comprehensive protection and automation. We coupled the right technology platform with cybersecurity’s best and brightest incident responders and the expertise that comes from curating the industry’s leading threat intelligence. The need for stopping breaches is not just an enterprise concern. The problem is just as pronounced in the SMB market, especially the S of SMB, where businesses remain stuck on legacy signature-based AV, oftentimes not knowing that better exists for them.

Falcon Go is fit for purpose, delivering big protection for their small business. With our latest release of Falcon Go, we delivered a whole new user experience, creating the easy button for cybersecurity, removing the need for CrowdStrike users to have cyber or IT skills. The new console is intuitive and preconfigured for immediate SMB success. We’re always looking to remove the friction from the customer experience, and this new release makes Falcon Go as easy as one click to accelerate customer adoption.

Falcon Go is a major step for SMB cybersecurity, and we are now investing in go-to-market. We launched sales of Falcon Go on Amazon Business, a marketplace where over 6 million SMBs purchase everything for their businesses. With Falcon Go, our mission of stopping breaches extends to businesses of all sizes, large and small. Our go-to-market is propelled by our partner ecosystem.

Partners bring CrowdStrike into new accounts and drive platform adoption in existing customers. Year to date, 62% of all our new logo wins were partner-sourced. The efficacy and success of our channel-led growth was reported by Canalys, the channel’s leading industry analyst firm. In their most recent cybersecurity research, Canalys reported CrowdStrike’s endpoint market share as No.

1, ahead of Microsoft. In addition, the research highlights CrowdStrike as the fastest-growing cybersecurity vendor in the channel, ahead of Microsoft and Palo Alto Networks, among others. We are setting new records. We announced surpassing $1 billion in AWS marketplace sales.

Being the first and fastest cybersecurity vendor to reach this milestone exemplifies CrowdStrike’s leadership position as the cloud cybersecurity platform of choice. And our AWS momentum is not slowing. This past quarter was a CrowdStrike record AWS marketplace quarter. Our global systems integrator alliance partners are increasingly engaging with us across the entire Falcon platform.

For example, EY built a 150-person strong and growing global LogScale next-gen SIEM practice based on the demand they are seeing for SIEM transformation in our technological superiority. In addition, EY refers their clients to CrowdStrike for incident response engagements and secure digital transformation projects. To date, we have done over $160 million in business with EY across 24 countries. In closing, in a challenging macroeconomic environment which impacted even the largest cybersecurity vendors, we delivered a record Q3, accelerating double-digit net new ARR growth, record free cash flow, and record profitability.

Surpassing $3 billion of ARR as the fastest and only pure-play cybersecurity software vendor in history to achieve this milestone validates CrowdStrike’s market leadership. Our Q4 setup is strong with a record pipeline, and the competitive gap between CrowdStrike and other players in the market continues to widen. I’m excited about the path we are on and the progress we are making to 10 billion in ARR. Today’s cyber environment is exactly why I built CrowdStrike.

The adversary is moving faster, and the rise of dark AI significantly increases attacker sophistication. Falcon has made cybersecurity easy and effective for small businesses to the world’s largest enterprises. Simply put, CrowdStrike is cybersecurity’s platform consolidator of choice. The platform is winning at scale.

Our customers are looking to Falcon for more, more workloads, more use cases, and more security outcomes. CrowdStrike remains unrelenting in our focus and promise: stopping the breach. With that, we have a busy and exciting Q4 ahead of us. And I will now turn it over to Burt for commentary on our financial performance.

Burt PodbereChief Financial Officer

Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. Additionally, the results we are reporting today include the acquisition of Bionic, which closed during the quarter and was de minimis to revenue and ARR. Outstanding execution from the CrowdStrike team resulted in a record third quarter despite a continued challenging macro environment.

Financial highlights in the quarter included an acceleration in net new ARR growth, driving ending ARR well above the $3 billion milestone; 96% year-over-year growth in operating income and record operating margin; record net income, which more than doubled year over year; record GAAP profitability for the third consecutive quarter; and record free cash flow. In the third quarter, we achieved record net new ARR of $223.1 million, with year-over-year growth accelerating to 13%. Demand in the quarter was broad-based as we expanded our leadership across the market from large enterprises to small businesses. New customer acquisition, strong expansion business within existing customers, and a record quarter with the U.S.

federal government contributed to the acceleration in net new ARR growth, and ending ARR reached $3.15 billion, up 35% year over year. We continue to be very pleased with our platform strategy as subscription customers with five or more, six or more, and seven or more modules now represent 63%, 42%, and 26% of subscription customers, respectively. Our growth retention rate remained high, and our dollar-based net retention rate was slightly below our benchmark in Q3 as the mix of net new ARR from new customers has remained above our expectations and we continue to land bigger deals. Moving to the P&L.

Total revenue grew 35% over Q3 of last year to reach $786.0 million. Subscription revenue grew 34% over Q3 of last year to reach $733.5 million. Professional services revenue was a record $52.6 million, representing 57% year-over-year growth. The geographic mix of third quarter revenue consisted of approximately 69% from the U.S.; 15% from Europe, Middle East, and Africa; 10% from the Asia-Pacific region; and 6% from other markets.

Our investments in data center and workload optimization that we outlined in our Fal.Con investor briefing in September continued to bear fruit, resulting in record subscription gross margin performance, above 80% in the third quarter. Total non-GAAP operating expenses in the third quarter were $436.1 million, or 55% of revenue, versus $348.6 million last year, or 60% of revenue. Q3 sales and marketing and R&D expenses grew 23% and 31% year over year, respectively. We continue to invest aggressively in innovation and growth while exceeding our profitability expectations.

Third quarter non-GAAP operating income grew 96% year over year to reach a record $175.7 million, and operating margin increased by 7 percentage points year over year to reach a record 22%. As we outlined during our Fal.Con investor briefing in September, we have once again raised our target model, which now calls for subscription gross margin of 82% to 85%, operating margin of 28% to 32%, and free cash flow margin of 34% to 38%. We expect to achieve our new target model within the next three to five years as we also flight the company to reach $10 billion of ARR over the next five to seven years. Non-GAAP net income attributable to CrowdStrike in Q3 grew to a record 199.2 million, or $0.82 on a diluted per share basis, each more than doubling year over year.

Our weighted average common shares used to calculate third quarter non-GAAP EPS attributable to CrowdStrike was on a diluted basis and totaled approximately 244 million shares. We ended the third quarter with a strong balance sheet. Cash and cash equivalents and short-term investments totaled $3.17 billion and reflects the $238.7 million payment net of cash acquired for the acquisition of Bionic. Cash flow from operations was a Q3 record of $273.5 million.

Free cash flow reached a record $239.0 million, or 30% of revenue, achieving a Rule of 66 on a free cash flow basis. Moving to our outlook. As George outlined, strong demand for the Falcon platform is driving our pipeline to new heights. However, the macro environment remains challenging with continued increased budget scrutiny.

And as a result, we are not expecting to see the typical Q4 budget flush. Balancing these factors, we are maintaining our net new ARR assumptions which call for in line to modestly up net new ARR for the full year and double-digit year-over-year net new ARR growth in the second half. As our guidance reflects, we are raising our full year revenue and profitability expectations for the year. Additionally, we are maintaining our target of 30% free cash flow margin for the full fiscal year.

More specifically, for the fourth quarter of FY ’24, we expect total revenue to be in the range of $836.6 million to $840.0 million, reflecting a year-over-year growth rate of 31% to 32%. We expect non-GAAP income from operations to be in the range of $186.5 million to $189.0 million and non-GAAP net income attributable to CrowdStrike to be in the range of $199.6 million to $202.1 million. We expect diluted non-GAAP net income per share attributable to CrowdStrike to be approximately $0.81 to $0.82, utilizing a weighted average share count of 245 million shares on a diluted basis. For the full fiscal year 2024, we currently expect total revenue to be in the range of $3,046.8 million to $3,050.2 million, reflecting a growth rate of 36% over the prior fiscal year.

Non-GAAP income from operations is expected to be between $633.6 million and $636.2 million. We expect fiscal 2024 non-GAAP net income attributable to CrowdStrike to be between $715.2 million and $717.7 million. Utilizing 243 million weighted average shares on a diluted basis, we expect non-GAAP net income per share attributable to CrowdStrike to be in the range of $2.95 to $2.96. George and I will now take your questions.

Questions & Answers:

Operator

Thank you. [Operator instructions] Our first question comes from the line of Saket Kalia of Barclays.

Saket KaliaBarclays — Analyst

OK. Great. Hey, guys. Thanks for taking my question here and great to see the net new ARR return to growth in the quarter.

George, maybe for you. A lot of great stuff in your prepared remarks to run through, but maybe I’ll just stick to one question here. You know, you’ve talked about how the legacy SIEM market is starting to feel kind of like the legacy AV market did. And of course, we’ve recently seen some M&A in that market.

It’s probably too early, but maybe the question is what are prospective SIEM customers saying to you about LogScale and their willingness to explore other solutions besides their traditional SIEM? Does that make sense?

George KurtzCo-Founder, President, and Chief Executive Officer

It does, yeah. It’s a great question. So, when I look at the market today and I compare that to when I started CrowdStrike in 2011 and really talking to customers in 2012 and 2013 about replacing their legacy AV, it feels like it’s the same conversation just with a different context of replacing their legacy SIEM. What I found and I tend to like businesses and markets where this is in play is where the incumbents are entrenched but have a high degree of dissatisfaction, where the technology is legacy, and where the complexity is just high of patching all this stuff together.

And in talking to customers, they want better, faster, and cheaper, and they want something that works at cloud scale. If you look at what we’ve done with LogScale, it’s a much more modern version of a SIEM, a next-gen SIEM. We got ahead of the curve a couple of years ago when we bought Humio, which is now LogScale. We’ve now integrated it into our platform, and it’s extended out our XDR technology, and it allows us to do log and SIEM in the same platform.

So, from our perspective, the feedback that we’ve gotten not only from customers but partners like EY, who are building practices around this, this is a massive opportunity for CrowdStrike and now is the right time for us given the level of dissatisfaction, M&A, and the environment and the customers’ willingness to look for a much better solution, which also gives us data gravity in the platform.

Saket KaliaBarclays — Analyst

Makes a lot of sense. Thanks, guys.

Operator

Thank you. Our next question, please stand by. It comes from the line of Joel Fishbein of Truist.

Joel FishbeinTruist Securities — Analyst

Thanks for taking my question and good quarter on the net new ARR side. George, another question along Saket’s line but around the comments you made with regard to data protection. The same could be said about the legacy DLP market. And as you know, I would say that’s even longer in the tooth in some of the SIEM market players out there.

Readers Also Like:  Second Chick-fil-A site design receives planning commission approval - Elizabethtown News Enterprise

Love to hear how you are — you didn’t talk about it like you did Cloud Security, Identity Protection, LogScale, etc. How far are we in that displacement market and how big do you think they are and what’s the competitive dynamics there? It’d be really helpful. Thank you.

George KurtzCo-Founder, President, and Chief Executive Officer

Sure. Well, we actually showed our data protection technology at Fal.Con a couple of months ago. We’re actively working with some of the largest enterprises in the world to make sure that we account for all their requirements and their ability to actually move off their legacy DLP product. There’s not one customer that I’ve talked to that says they like their DLP product, period.

And in today’s environment with data in motion, particularly through cloud services, the ability to actually be able to track from endpoint through cloud where data moves, what type of data is out there, leveraging our AI to understand, is it something that should be moving in certain places is going to be incredibly important. And the way we look at it is the same way we look at legacy AV. There’s a better way to reimagine DLP into Falcon Data Protection. And we’re very, very close to being able to release that as we continue to put the fine touches on what customers are looking for and what they’re willing to write a check for.

So, stay tuned, but another massive market opportunity for us.

Operator

Thank you. Our next question comes from the line of Rob Owens of Piper Sandler.

Rob OwensPiper Sandler — Analyst

Great. Good afternoon. George, I guess staying on theme here with these extensible adjacencies, maybe you can touch on Falcon for IT? What early response has been since I guess showing it at your recent user conference and where do you see the opportunity on that front?

George KurtzCo-Founder, President, and Chief Executive Officer

Well, coming out of Fal.Con, I would say that was the No. 1 requested feedback item across all the great announcements that we had. I think it’s so overdue in the technology space to be able to unify IT and security. Sometimes, the technology isn’t the harder part.

It’s the org structure. So, having a single agent that’s both security and IT, can use a home for IT, I think, is very important. We’re actually working with large customers right now, gathering their feedback, and then we’re looking to have a product out probably in Q1. But so far, the feedback has been amazing in terms of what we’ve already delivered.

And now, we’re capturing additional capabilities for our first release. So, I think that one is — has a lot of legs to it and certainly opens up a massive TAM opportunity for us in IT, well beyond anything in security given the agent cloud architecture that we built. We’ve got the real estate, and we plan to monetize it.

Operator

Thank you. Our next question comes from the line of Matthew Hedberg of RBC.

Matt HedbergRBC Capital Markets — Analyst

Great. Thanks for taking my question. Burt, I’ve got one for you. Obviously, you didn’t comment on fiscal ’25.

I believe at this point last year, you did give a couple breadcrumbs on how to think about ARR. I’m curious, as we sort of sharpen our pencils on ’25, are there any guideposts or things that we should think about, whether it’s growth or profitability?

Burt PodbereChief Financial Officer

Hey, Matt. Great question. So, for us, we are always looking to maximize our growth while, at the same time, paying attention to the bottom line. So, that’s never changed.

We are absolutely going to continue to invest in innovation. We’ve got — we announced so much at our last Fal.Con. We’ve got a lot of momentum. We’re going to continue to invest to continue that momentum.

But also at the same time, we recognize that we want to make sure that we’re a very well-run company and people are seeing the output of that certainly in this quarter, and we don’t plan on changing that at all for next year.

Operator

Thank you. Our next question comes from the line of John DiFucci of Guggenheim.

John DiFucciGuggenheim Partners — Analyst

Thank you. George, it’s impressive to really — to see the consistency of your team at scale here, but I’m just curious how did traction continued into the end of the October quarter and then again into — well, we’re almost through November, relative to the October period? And the reason I’m asking this is that we’ve generally heard of a fade in business activity through October across the industry, not necessarily with you. I mean, actually, we didn’t hear it with you, but across most others, and it’s actually sort of shown up in the results of some of your security peers. So, just wondering maybe what are you seeing — what did you see into the end of the quarter and what are you seeing at the beginning of the January period?

George KurtzCo-Founder, President, and Chief Executive Officer

Yeah, we certainly had a strong October. I think as I said in my prepared remarks, the macro environment is still challenging. And make no mistake about that deals take longer, a lot more scrutiny, a lot of signoffs. And there’s a lot more work that goes into these larger enterprise deals.

Getting deals done, even like FalconFlex, which are more enterprise-like in their nature, you know, takes time. So, we had a great October. But in general, you know, buyers are still cautious. And I think the fact that we’re able to provide a real platform play that allows them to consolidate in other technologies and ultimately save money accrues values to us.

But it certainly takes a lot of time and effort to get the deals over the goal line. But team did a great job, and October was strong for us.

Operator

Thank you. Our next question comes from the line of Tal Liani of Bank of America.

Tal LianiBank of America Merrill Lynch — Analyst

Hi, guys. I have — first question is Bionic contribution. You said it was de minimis. Can you define what’s de minimis for net new — the contribution to net new ARR? And then the quarter was phenomenal, but I do see some weakness across the board of cyber companies with billings.

In your case, it was down about 2%. I also see some weakness in deferred revenues. How do I reconcile what I see with billings with deferred — with the underlying drivers that are very strong and your strong execution? Why is — why are we seeing weakness not just with you, maybe with the entire space, but why are we seeing weakness with billings across the board? Thanks.

Burt PodbereChief Financial Officer

Thanks, Tal. Good question. I’m going to start with billings. Yeah, you’re correct.

For us, specifically, you know, we don’t manage the business to billings and we feel that ARR gives you the absolute best proxy to revenue and we felt that that’s the right metric, as you know, since we went public, to give you more transparency into the health of our business. And that’s the metric that really guides you on health. With respect to billings ourselves, I mean we think about billings similar to probably most of you out there is that, you know, billings typically for hardware companies, they use that when they don’t disclose any sort of bookings metric. And that’s not us, right? We think that, you know, billings has certain things that, you know, just are not as relevant as a metric like ARR.

You’re comparing a balance sheet item to a P&L item. And for us, the P&L is going to dictate, you know, the health of the business. So, for us, you know, billings obviously is going to be impacted by duration. And there are many things that go into that.

And, you know, remember also that when you think about on a year-on-year basis, we’re still up on billings, and that’s the one thing that you want to take away. You know, for us, when we think about how we want to continue to be transparent, you know, ARR really gives you that notion of where we’re going and how we’re doing. And I think that that’s the focus and it has been, by the way, since we went public. Even as a private company, that’s the one that we manage the business to, that’s how we, you know, look at how to give out quotas to our reps, etc., etc.

So, for us, that’s not going to change. And, you know, I hope that answers that question.

Operator

Thank you. Our next question comes from the line of Adam Borg of Stifel.

Adam BorgStifel Financial Corp. — Analyst

Awesome. Thanks so much for taking the question. Maybe just for George on CNAPP. It’s obviously great to hear the traction.

As we look ahead, should we still view this as more of an upsell opportunity to existing customers, or what needs to happen for this to be more of a tip of the spear to drive net new logos? Thanks so much.

Maria RileyVice President, Investor Relations

I’m sorry. Would you mind repeating your question?

Adam BorgStifel Financial Corp. — Analyst

Great. Do you hear me OK now?

Maria RileyVice President, Investor Relations

Yeah, we can hear you now.

Adam BorgStifel Financial Corp. — Analyst

Great. Sorry about that. Maybe just on CNAPP. It’s great to see the continued traction there.

And as the market matures, should we view this as more of an upsell opportunity, or what needs to happen for this to be more of a tip of the spear to drive net new logos?

George KurtzCo-Founder, President, and Chief Executive Officer

Yeah. It’s really a bright star for us when you look at our CNAPP capabilities of cloud workload protection, CSPM, CIEM, ASPM now with Bionic. We really have, I think, the — one of the most complete cloud security offerings in the industry, and we’re winning deals with it. We’re leading in many cases, particularly forward-leaning cloud companies that we’re selling to.

If you look at the latest threat environment and what’s happening and how identities are being abused and two-factor authentication systems being bypassed, those sort of things, it’s important to have a full suite of cloud protection. And I think this is sort of the awakening time for that industry and that companies can’t just say, hey, we’ve got something, you know, from a cloud provider or we’re going to go at it alone. I remember many, many, many years ago, companies didn’t run antivirus, right? And you would say that’s silly. Today, everybody runs an antivirus-type technology.

It wasn’t so silly, you know, 30-, 35-plus years ago. And I think this is kind of the inflection point in the cloud world where you’re going to have multiple levels of protection, both agent and agentless. And the fact that we’ve been able to harmonize those two together and deliver a very robust agentless technology, combined with the best cloud workload protection in the industry, gives us a real advantage.

Operator

Thank you. Our next question comes from the line of Mike Walkley of Canaccord Genuity.

Mike WalkleyCanaccord Genuity — Analyst

Great. Thanks. George, you touched on the new release of Falcon Go to better target SMB customers with more concise packaging. Can you just give us some color on how this segment of your business is trending as some of your competitors have called out, you know, soft SMB spending due to the macro? And also, just how is this new release helping address pain points for these smaller customers? It seems like you’re starting to accelerate win rates in this segment.

George KurtzCo-Founder, President, and Chief Executive Officer

Well, we saw a very strong SMB segment. We’ve done a lot of work, A, starting with our partners like Pax8 and others, Dell, in that market. So, meeting the customers where they like to buy is really, really important. And then coming up with a very innovative and easy-to-use technology designed for the SMB.

Our latest release of Falcon Go is literally one-click install, and the feedback that we’ve gotten from customers are like, wow, this is the easiest thing I’ve seen. It just works. And I think you’re going to see even more broad adoption because we’ve made it so easy to install. You don’t have to be an IT professional.

And then we’ve got, you know, our partner network that are building services around it. So, they’re able to generate dollars. We’re able to sell our product through their channels where they meet the customers. And I think we’ve taken a very innovative and effective approach in our partnering strategy, and this is something that we’ve really worked on over the last year or 18 months, and we’re bearing the fruit of it right now.

Operator

Thank you. Our next question comes from the line of Gray Powell of BTIG.

Gray PowellBTIG — Analyst

OK. Great. Thank you for taking the question. Yeah, I was just wondering if you could repeat the commentary on the potential for a year in budget flush.

I think you said that it was not going to be a typical year. And if I remember correctly last year, the commentary was more like there’s going to be little or no budget flush. So, I guess my question is like how does this year look in comparison? Is it better, same, worse? Just sort of what’s your confidence level on trends?

Readers Also Like:  Share Market Today LIVE: Sensex drops 500 pts, Nifty below 18,150 dragged by financial, IT stocks - Zee Business

George KurtzCo-Founder, President, and Chief Executive Officer

I think we’re looking at it saying, you know, it may not happen, right? So, we’re not necessarily counting on that. And if it does happen, fantastic. And you have to, again, keep in mind that, you know, our fiscal year end is the beginning of a new budget cycle as well. So, we have a year-end budget if it comes in December and the new budget is in January.

But we — you know, the macro environment, I would say, has remained steady. As I said earlier, still challenging, and, you know, we’ll see if a budget flush comes, but, you know, that’s not something that we’re counting on.

Operator

Thank you. Our next question comes from the line of Jonathan Ho of William Blair.

Jonathan HoWilliam Blair and Company — Analyst

Hi. Congratulations on the strong quarter. I just wanted to get a little bit more color around the Charlotte AI revenue potential and maybe what customer use cases are seeing the most interest so far. Thank you.

George KurtzCo-Founder, President, and Chief Executive Officer

Well, we announced our pricing at Fal.Con. That was actually well received with customers. And in terms of the overall use cases, as I’ve talked about in the past, really, it’s helping a Tier 1 SOC analyst uplevel themselves to be a Tier 3, right? It’s really driving SOC automation, which is a big focus for us with things like Charlotte and things like Falcon Foundry. How do you drive automation into organizations to give them better outcomes? And at the end of the day, they would be willing to pay for something if it’s going to save them time or money or make their job easier.

And what we’ve seen in the customers who are using Charlotte right now in its preview mode is they’re able to do things way faster than they ever could and they’re able to explore and ask questions that they haven’t been able to do in the past, right? Just — it just makes it so easy to have Charlotte gather up all the information and then take an action on their behalf. So, A, the pricing has resonated well with customers. You know, we’ll see how it shakes out as we get into full swing of things. But overall, what we’ve put together and the fact that it isn’t an independent chatbot, it’s really a foundational platform service that’s wired into everything that we do and allows automation through all the modules, I think is a home run for us.

Operator

Thank you. Our next question comes from the line of Gregg Moskowitz of Mizuho.

Gregg MoskowitzMizuho Securities — Analyst

OK. Thank you for taking the question. George, in your prepared remarks, you expressed a lot of excitement for Falcon for IT, but in addition to better security, better unification with IT, it also strikes me as having the potential to be a real ROI-driven sale for many customers. Do you agree with that? And if so, is that going to be an angle that you really go after from a go-to-market standpoint?

George KurtzCo-Founder, President, and Chief Executive Officer

Well, it’s exactly what we’re hearing from customers. I was with a customer last night, and they were saying we’re so excited for Falcon for IT because we’ve got to work — you know, we find the problems, we document them, and then we’ve got to work with the IT teams to get them fixed. And a lot of times, they’re tooling is well behind what we can do with Falcon. And they sort of end up fixing it themselves with IT because we just have the capabilities to do that.

So, to be able to carve out a hole for IT and seamlessly help them understand their exposures on their assets that matter and then drive the automation to actually remediate those is incredible. And it goes beyond just kind of simple remediation. If you think about all the internal use cases in HR. A, you know, an employee might have an issue, they might have to investigate it, they might have to do forensics on systems.

Systems are remote all over the world. We’ve got many, many airlines that use our technology. They don’t want to send out an IT person to go fix the kiosk that has, you know, Microsoft blue screen. So, what can they do? They can use Falcon for IT to bring it back to health.

Tremendous savings in terms of cost and travel and complexity. So, this one, I’m really, really excited about. And again, we’re working to get all the components of what customers need, at least for this first release. And then I think sort of the sky’s the limit of what we can build out there.

Operator

Thank you. Our next question comes from the line of Gabriela Borges of Goldman Sachs.

Gabriela BorgesGoldman Sachs — Analyst

Good evening. Thank you. George and Burt, I have a question for you as you think about your fiscal year ’25 planning assumptions. You mentioned a couple of times that the macro environment is very consistent.

Clearly, the execution on growth and profitability is very consistent. I’d love your observations on what’s incrementally changing, meaning as you think about your priorities into next year, what’s new versus this time last year? Thank you.

George KurtzCo-Founder, President, and Chief Executive Officer

Well, I’ll start now, and I’ll let Burt jump in. I think from a priority perspective, just on go-to-market and product, and let you talk about the fiscal piece, Burt, but we continue to drive innovation. You know, our focus has been on innovation, not integration. And I think that’s shown in what we’ve been able to deliver in the market, how fast we’ve been able to come out products.

Falcon was our richest release of technology. So, we want to continue to be the innovation leader in security. And I think customers will recognize that. From a go-to-market perspective, there’s a lot of work that we’ve done in terms of really, really making sure we’ve got the right hygiene across the enterprise and making sure that we can compress these, you know, basically, time in sales cycles to get deals done when we need to and vector them in.

And then also as we go down market into SMB, creating the right products for that segment and then delivering it through the right channels. So, what we have is working, so it’s going to continue to drive innovation, continue to remove friction in the go-to-market motion, and continue operational excellence, you know, up and down the sales and the partner organization. Burt.

Burt PodbereChief Financial Officer

Thanks, George. So, in terms of how we think about the macro next year, we’re not going to predict a change in the macro until we actually see it, right? I think that’s going to be the wait-and-see game for most companies, and that’s certainly the one that we’re going to take. But that’s how I see it.

Operator

Thank you. Our next question comes from the line of Alex Henderson of Needham.

Alex HendersonNeedham and Company — Analyst

Great. Thank you so much. Thanks for a great print, but I was hoping you could give us some clarity around some of the key metrics that people use to track conditions, closure rates, whether they’re stable, improving, or eroding, cycle time. I know you’ve said your deal size is up.

And I think at the — at Fal.Con, you talked about a significant increase in pipeline build. I think the comment was made on the stage that your pipeline target that they had tried to build was more than double the target. So, I was hoping you could talk about what the pipeline looks like as we go into this quarter and into the new year.

George KurtzCo-Founder, President, and Chief Executive Officer

Great. Well, when we look at the current macro environment, it is stable. But as I talked about in the Q&A and in the prepared remarks, it’s still a challenging environment. It takes a lot of effort to get deals done.

And again, it depends on the segments. Some segments are going to be a little bit longer in the enterprise and SMB a little bit shorter. But that being said, you know, when we look out and we look at things like our pipeline, we have a record pipeline. And we have that because I think we’ve got the best product suite in the industry.

We’ve got customers that are truly understanding the platform capabilities of what we’ve built. They’re coming to us and saying, hey, let’s sit down and go through your road map and our road map, and let’s figure out what we can consolidate. So, they’re coming to us with the openness of wanting to buy more and leveraging things like FalconFlex to be able to have bigger commits at CrowdStrike, which is important. And, you know, overall, it’s, as I said, still a tough environment, but I think we’ve got some key metrics like the pipeline that is encouraging to us.

And when you look at LogScale and our Cloud business and our Identity business, I mean these are absolutely bright stars across the entire platform. And again, keep in mind, we’re not selling individual piece parts. People are buying the platform, and that’s what’s driving the growth.

Operator

Thank you. Our last question comes from the line of Eric Heath of KeyBanc Capital Markets.

Eric HeathKeyBanc Capital Markets — Analyst

Great. Thanks for squeezing me in here. George, I guess I’ll come back to the SIEM conversation. So, appreciate the color on the synergies of using LogScale to do the analytics on top of your first-party data that you’re already capturing.

Makes a ton of sense. But I guess can you push out a bit more as to why your AI engine and your proprietary endpoint data is a better approach to capture the next-gen SIEM opportunity that many seem to be targeting, including those that claim to have more first-party data sources.

George KurtzCo-Founder, President, and Chief Executive Officer

Well, when you look at just kind of the data gravity and what customers care about from a security perspective, I would say 85% of really the value of the data and the data that’s generated comes from the endpoint. That really is the richest source of data because that’s where it’s generated from. As it goes across the network, you know, it gets down-selected and you lose a lot of the fidelity. So, we already have a lot of that data.

So, let’s start there. Then when you look at LogScale, LogScale is very robust and has the capabilities to ingest just about any type of third-party data into the product and very effectively without creating an index, which is its unique capability, index-free ingestion, which means you get immediate results. So, from a platform perspective, we sort of have the data gravity already. We’ve got that 85% of the data.

So, customers would rather give us 15% that we don’t have and leverage, you know, LogScale to replace their SIEM. And beyond replacing their SIEM, that’s the security use case, we have customers — many, many customers that use it for all kinds of performance management, logging their infrastructure, logging their Kubernetes clusters. So, when you combine the fact that we’re coming out with Falcon for IT now with LogScale, which can log any data above and beyond security, we think that’s a much broader opportunity than just SIEM itself. It opens up the entire data architecture of an organization to CrowdStrike.

Operator

Thank you. I would now like to turn the conference back to George Kurtz for closing remarks. Sir.

George KurtzCo-Founder, President, and Chief Executive Officer

Well, thank you. And I first want to close by acknowledging the heroic dedication of our team in Israel who continue to remain focused on CrowdStrike’s mission. Our thoughts are with each and every one of you in these trying times of war. Thanks all of you for your time today.

We appreciate your interest and look forward to seeing you at our upcoming investor event and happy holidays.

Operator

[Operator signoff]

Duration: 0 minutes

Call participants:

Maria RileyVice President, Investor Relations

George KurtzCo-Founder, President, and Chief Executive Officer

Burt PodbereChief Financial Officer

Saket KaliaBarclays — Analyst

Joel FishbeinTruist Securities — Analyst

Rob OwensPiper Sandler — Analyst

Matt HedbergRBC Capital Markets — Analyst

John DiFucciGuggenheim Partners — Analyst

Tal LianiBank of America Merrill Lynch — Analyst

Adam BorgStifel Financial Corp. — Analyst

Mike WalkleyCanaccord Genuity — Analyst

Gray PowellBTIG — Analyst

Jonathan HoWilliam Blair and Company — Analyst

Gregg MoskowitzMizuho Securities — Analyst

Gabriela BorgesGoldman Sachs — Analyst

Alex HendersonNeedham and Company — Analyst

Eric HeathKeyBanc Capital Markets — Analyst

More CRWD analysis

All earnings call transcripts



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.