Please ensure Javascript is enabled for purposes of website accessibility

Why CrowdStrike Stock Is Still a Smart Buy

By Trevor Jennewine and Olivia Zitkus – Oct 29, 2021 at 10:15AM

You’re reading a free article with opinions that may differ from The Motley Fool’s Premium Investing Services. Become a Motley Fool member today to get instant access to our top analyst recommendations, in-depth research, investing resources, and more. Learn More

Despite huge returns in the past year, this cybersecurity stock could still make you richer.

CrowdStrike (CRWD -0.11%) has become the gold standard in endpoint and cloud workload protection, a branch of cybersecurity concerned with safeguarding devices like desktops and servers, as well as cloud applications and services. The stock has soared 380% since making its public debut in 2019 and could be just getting started.

In this Backstage Pass video, which was recorded on Oct. 15, 2021, Motley Fool analyst Olivia Zitkus shares her thoughts on CrowdStrike with Motley Fool contributor Trevor Jennewine, highlighting the company's strong financial performance and growing market opportunity.

Find out why CrowdStrike Holdings, Inc. is one of the 10 best stocks to buy now

Our award-winning analyst team has spent more than a decade beating the market. After all, the newsletter they have run for over a decade, Motley Fool Stock Advisor, has tripled the market.*

They just revealed their ten top stock picks for investors to buy right now. CrowdStrike Holdings, Inc. is on the list -- but there are nine others you may be overlooking.

Click here to get access to the full list!


*Stock Advisor returns as of October 20, 2021


Olivia Zitkus: CrowdStrike is a cybersecurity company that uses AI, artificial intelligence, to power its security platforms. The AI helps the clients safeguard their devices and their data, in both private and in public works spaces.

I think the real differentiator for this conversation, and for the emphasis that CrowdStrike likes to put on its business, is the AI itself. It's continuous AI analytics operate on a trillion high-fidelity signals every single day. All of that information is sent to its proprietary threat graph, where breaches are recognized and then they're stopped.

So, that sifts through information a lot like a human brain might just at a way faster rate, and it can predict and hunts and hunt down and investigate all these different threats. CrowdStrike has, I think 19 different modules now, something like that, cloud-based, endpoint-based, security, IT, operations, all that stuff. Falcon is probably the best known endpoint cloud system in its lineup. I'll talk a little bit more they just had another investor product presentation this past Wednesday, I'll talk about that a little bit later. But Falcon leans on AI to just become more efficient at recognizing and responding to threats overtime, because AI thrives on data and more data and more data.

Since it was built in the Cloud, it's often a more effective and cheaper cybersecurity solutions than on-premises or on-prem, as they like to call, it security products. I'm going to share my screen now. Great. Awesome.

The slide that you all can see now, cross-check at a glance. Let's just chat about super optimistic stuff first. In the recent quarter, CrowdStrike reported $1.34 billion annual recurring revenue, ARR. We like to put extra attention on that form of revenue for SaaS companies, because it tells us the value of the recurring revenue of the business's term subscriptions normalized over the whole calendar year. If you're not normally a tech investor, that term might look a little strange to you, but it's good to become familiar with.

The company has got over 13,000 subscription customers now, and 66% of those are subscribed to four or more modules. You see 70% year-over-year ARR growth on this slide; I think the company is expecting about 56% to 61% year-over-year growth for the full year 2022, which is a little bit of a drop from that, but nothing terrible given I think the insane last year that CrowdStrike has had. I'm going to go to the next slide here.

What I want to do is talk about competitors and problems a little bit. Obviously, their take is that other products are expensive, they are less effective, they are less efficient. When I think of competitors to CrowdStrike, I think of SentinelOne which is a smaller competitor but it offers a hybrid approach to security with both in the Cloud and on-site. Then Palo Alto Networks as well. They work well with on-site firewall appliances, but they're also expanding into AI. Trevor, do you have any other thoughts on any other competitors that I'm missing for CrowdStrike?

Trevor Jennewine: I think Microsoft Defender, I think that's probably their biggest competitor. Then I think there's some other legacy ones like McAfee. I don't want to take too much time [LAUGHTER] here.

Olivia Zitkus: No, do it. Go for it.

Trevor Jennewine: I mentioned that they have a founder CEO, George Kurtz. He tells the story, in 2011 he was on a flight and he was sitting in the business class, he was sitting next to a gentleman who opened up his laptop. I should have said this first, George Kurtz used to be an executive for McAfee, so he used to work for McAfee. He was on this flight in 2011, the guy next to him opens up his laptop and he said it took about 15 minutes to boot up the laptop because the McAfee software took so long [LAUGHTER] to load. That was his moment of realization; he's like there's got to be a better way to do this. That's when he came up with the idea to pivot to cloud-based architecture. I love that story. I think there's just a lot of passion.

Olivia Zitkus: That's a great story. It brings you back to going to Best Buy and buying the little McAfee disk when that was a thing. Yes. That's a great story, I'm glad we paused for that. Awesome. I'm just going to click over to the next slide. You guys get the point. This is a good overview of CrowdStrike's cloud-native platform, which is comprised of three elements. You've got the single intelligent agent, the distributed Threat Graph, which I mentioned at the overview, and then all these different cloud modules. The agent is what provides that deployment of the service itself and stops all kinds of attacks. Eliminates that agent bloat that you saw in the last slide and all the scheduled scans, the Cloud-native which uses, that's where you have that cloud-scale AI that builds relationships from different sources into itself so that it can accurately predict and prevent threats and stop breaches. Then you've got the modules themselves. Am I right? Sorry, there's a fly right in front of my face. There are 19 now, Trevor? [LAUGHTER]

Trevor Jennewine: Yes. That's exactly the number I had in my head.

Olivia Zitkus: Yeah. Okay. Cool. That's a cloud-native platform. Just crowd-sourced security data which I think is pretty interesting. All those words are very large but I'm just going to keep going. Next up, I wanted to skip that one. Let's go to the Threat Graph a little bit. Again, you just see in this distributed Threat Graph. They show you the time analysis of how long it takes their system to recognize and stop breaches. Six minutes and two seconds; I would say that's relatively impressive. If anything, that's going to need to get faster and faster over time. Here is an outline of all their different modules from endpoint security all the way down to the CrowdStrike store.

The log management, Humio, that was a recent acquisition. I think, earlier this year that was closed on for log management. I think that acquisition ultimately added to the platform by adding that data ingestion and other analysis capabilities for first and third-party data. But it also hurts the company just from an outward earnings perspective. It came with a lot of stock-based compensation schemas that hurt the company financially, at least in the short term, as lots of those pricey acquisitions do. Let's keep plugging along here. We've talked about AI.

Customer base. I wanted to talk about just subscription customers in general, because we talked about Fortune 100 and Fortune 1000 makeup a little bit with Cloudflare and how I think they have 19% of the Fortune 1000, excuse me. As of July 31 of this year, CrowdStrike had 63 of the Fortune 100 on its customer list, and 234 of the Fortune 500, as well as 14 of the top 20 banks. I didn't actually look up what defined the top 20 banks, so there's a star at the bottom of that slide [LAUGHTER] so I might go ahead and do that.

But there's also been 81% year-over-year growth in subscription customers, which for the previous quarter meant over 1,600 new subscription customers. For this company is interesting because the customer growth rate is higher than revenue, which I think is a good sign that this company is going to have to land a lot of new customers and probably wait a while for them to buy new products, and to settle into new products, and to want to spend more money at the company. But yeah, both of those metrics I think are growing at a nice clip.

Great. Let's talk about total addressable market. As I mentioned before, my favorite fake slide [LAUGHTER] in every investor presentation. When I first look at slides like this I always just think why does this business think that its market could reach, in this case, $43.6 billion by 2023. I think CrowdStrike's got a pretty good arguments on the next slide for a 2% compound annual growth rate from now till then.

Total Cloud IT spend in 2023 is going to be north of $215 billion, and cloud security spend's only going to make up 1% of that. Supposedly, that should be between 5% and 10% -- that's what CrowdStrike thinks at least. The spend probably won't quite match what should be happening. That sounds like some poor companies out there are going to have to learn the hard way that [LAUGHTER] they do need to spend more money on security or just in general. As we've seen over the past year, companies will feel pushed obviously to not just diagnose all of their issues after they happen. They want to pre-treat to make sure that those issues do not occur at all, which is the best scenario.

Here's that slide. According to the IDC, an organization should spend between 5% and 10% of its IT budget on security. That's where that 5% to 10% came from. I guess after a certain point, the strategy for CrowdStrike is going to turn from the people are knocking at your door for this product versus build it and they will come, kind of thing. I think once there is that level of trust established with the company and a lot of their existing users, their plan, you can see in the slide below with all their cloud modules, they're just going to keep tacking on useful things. Once a company is in a network like this is, their customers get stuck, and it's a very effective strategy.

Let's talk about ARR growth. This just displays the annual recurring revenue that we had discussed before on the prior slides. But I also wanted to touch on strong revenue growth in general. This slide shows they're 84% subscription year-over-year growth. For the year-to-date fiscal year 2022, we've got 72% subscription year-over-year growth.

Teresa Kersten, an employee of LinkedIn, a Microsoft subsidiary, is a member of The Motley Fool's board of directors. Trevor Jennewine owns shares of CrowdStrike Holdings, Inc. The Motley Fool owns shares of and recommends Cloudflare, Inc., CrowdStrike Holdings, Inc., Microsoft, and Palo Alto Networks. The Motley Fool has a disclosure policy.

Premium Investing Services

Invest better with The Motley Fool. Get stock recommendations, portfolio guidance, and more from The Motley Fool's premium services.