Final hours! Save up to 55% OFF InvestingProCLAIM SALE

Earnings call: CrowdStrike celebrates strong Q4 with record metrics

EditorBrando Bricchi
Published 03/06/2024, 01:57 PM
© Reuters.
CRWD
-

CrowdStrike Holdings, Inc. (NASDAQ:CRWD) has reported a robust performance in its fourth-quarter earnings, showcasing significant growth across key financial metrics, including a record net new Annual Recurring Revenue (ARR) and operating margin. The cybersecurity firm's AI-driven, single-platform technology, Falcon, continues to gain market traction, while strategic acquisitions and product expansions are set to further enhance its data protection capabilities.

Key Takeaways

  • CrowdStrike's record net new ARR reached $282 million in Q4.
  • The company achieved a record operating margin of 25% and record free cash flow.
  • Falcon platform's ease of deployment and vendor consolidation benefits are driving its popularity.
  • Cloud security demand surged, with nearly 200% year-over-year growth.
  • Identity protection ARR surpassed $300 million.
  • CrowdStrike announced the acquisition of Flow Security to bolster its data protection offerings.
  • The company set a target to reach $10 billion in ARR within the next five to seven years.

Company Outlook

  • CrowdStrike expects Q1 fiscal year 2025 revenue between $902.2 million and $905.8 million.
  • Full fiscal year revenue forecast is between $3,924.9 million and $3,989.0 million.

Bearish Highlights

  • The company does not guide to ARR, but the outlook suggests a positive trend.
  • Q1 is expected to be the low point for net new dollars for the year.

Bullish Highlights

  • CrowdStrike reported 34% year-over-year growth in ARR and 36% in revenue.
  • Operating income and net income saw substantial increases, with 86% and a more than doubling, respectively.
  • Free cash flow grew by 39% to $938.2 million.
  • GAAP profitability was achieved for the past four quarters and the full fiscal year.

Misses

  • The company did not discuss any misses during the earnings call.

Q&A Highlights

  • CEO George Kurtz emphasized the strength of CrowdStrike's platform architecture and its seamless integration capacity.
  • The recent release of the Charlotte product and the new Falcon for IT product have both been well-received.
  • CrowdStrike's partnerships with Dell (NYSE:DELL) and Pax8 are expected to open additional market routes.

CrowdStrike's fourth-quarter financial results have painted a picture of a company in strong standing, with its Falcon platform at the forefront of its success. The firm's focus on a single-agent approach and its cloud-native, microservices architecture are resonating with customers who are looking for integrated, efficient cybersecurity solutions. With the addition of Flow Security's technology, CrowdStrike is poised to offer even more robust data protection. Moreover, the company's financial achievements and positive outlook reflect its strategic initiatives and market position. As CrowdStrike continues to innovate and expand its offerings, it remains a notable player in the evolving cybersecurity landscape.

InvestingPro Insights

CrowdStrike Holdings, Inc. (CRWD) has been a highlight in the tech sector, especially with its recent fourth-quarter earnings revealing substantial growth. To provide a deeper insight into the company's financial health and market position, let's delve into some real-time data from InvestingPro and InvestingPro Tips, which could be crucial for investors looking at CRWD.

InvestingPro Data:

  • Market Cap (Adjusted): $79.92B USD, reflecting the company's significant valuation in the cybersecurity market.
  • Revenue Growth (Quarterly) for Q1 2023: 32.63%, indicating a strong upward trend in the company's sales.
  • Price / Book as of the last twelve months of Q4 2023: 31.02, which suggests that the stock is trading at a premium compared to its book value.

InvestingPro Tips:

  • Analysts anticipate sales growth in the current year, which aligns with CrowdStrike's positive revenue forecasts and the company's ongoing market expansion.
  • The company is expected to be profitable this year, which is particularly noteworthy given the recent achievement of GAAP profitability for the past four quarters and the full fiscal year.

These insights underscore CrowdStrike's robust market presence and the potential for continued growth. For investors seeking a comprehensive analysis, there are 15 additional InvestingPro Tips available for CRWD, which can be accessed at https://www.investing.com/pro/CRWD. Discover more about CrowdStrike's financials, market potential, and investment viability with these expert insights.

To enhance your investment strategy, use coupon code PRONEWS24 to get an additional 10% off a yearly or biyearly Pro and Pro+ subscription at InvestingPro. This offer provides an opportunity to leverage real-time data and expert analysis to make informed investment decisions.

Full transcript - Crowdstrike Holdings Inc (CRWD) Q4 2024:

Operator: Thank you for standing by and welcome to CrowdStrike's Fourth Quarter and Fiscal Year 2024 Earnings Conference Call. At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question-and-answer session. [Operator Instructions] I would now like to hand the call over to Maria Riley, Vice President of Investor Relations. Please go ahead.

Maria Riley: Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, President and Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth, including projections, and expected performance, including our outlook for the first quarter and fiscal year 2025 and any assumptions for fiscal periods beyond that, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events, or otherwise. Further information on these and other factors that could affect the company's financial results is included in the filings we make with the SEC from time to time, including the section titled risk factors in the company's quarterly and annual report. Additionally, unless otherwise stated, excluding revenue, all financial measures disclosed on this call will be non-GAAP. A discussion of why we use non-GAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our earnings press release, which may be found on the investor relations website at ir.crowdstrike.com or on our form 8-K filed with the SEC today. With that, I will now turn the call over to George.

George Kurtz: Thank you, Maria. And thank you all for joining us today. CrowdStrike delivered an exceptional fourth quarter that far exceeded our expectations. It was another quarter of records. Record net new ARR of $282 million, continuing our acceleration trend, growing 27% year-over-year. Record operating margin of 25%, up 10 percentage points year-over-year. Record free cash flow reaching 33% of revenue and a free cash flow Rule of 66. Record GAAP profitability and record cloud identity and next-gen SIEM ending ARR of greater than $850 million together, more than doubling year-over-year. These results illustrate CrowdStrike's substantial and widening competitive moat, exceptional business acceleration, and validated market leadership. Building on my founding vision, CrowdStrike is the only single platform, single agent technology in cybersecurity that solves use cases well beyond endpoint protection. Falcon is the easiest and fastest cybersecurity technology to deploy, and our single AI native platform makes vendor consolidation instant, frictionless and natural. The feedback we receive from customers, prospects and partners alike is consistent, eagerness to deploy the Falcon platform, ease of adopting more Falcon platform modules, and excitement from continuous innovation with new Falcon capabilities delivered weekly. Leaving stitched together point products and PowerPoint platforms behind, CrowdStrike customers realize the benefits of superior outcomes and lower TCO. A recent IDC report echoes this, showcasing $6 of return for every dollar invested in the Falcon platform. That is ROI. Free is never free. Customers understand the difference between product pricing and the total lifetime cost of operating inferior technology. Given the Falcon platform's ROI and TCO savings, we believe we will continue to see favorable pricing dynamics. I'm thrilled with our performance, which is a testament to the execution and passion from the very best team in cybersecurity. Unified by our focused mission, we stop breaches. My gratitude to all CrowdStriker’s on a job well done. Our execution and discipline across the business, coupled with overwhelmingly positive market feedback, gives me strong conviction in our fiscal year 2025 momentum, which Burt will cover in more detail. The current macro environment remains stable and consistent with prior quarters. We expect continued deal scrutiny throughout this coming year. We remain focused on operational excellence, while delivering market-leading growth at scale, assisting organizations of all sizes to consolidate and improve their cybersecurity. In contrast to the macroeconomic backdrop, the state of the threat landscape has never been more elevated. In CrowdStrike's recent 2024 Global Threat Report, we unpack the harsh realities of cyber today. Key findings include: first, attacks are faster than ever. What took adversaries hours has shrunk to minutes and seconds. Attack speeds will only accelerate. Second, the cloud is increasingly under attack. We tracked a 75% increase in cloud intrusion attempts. The cloud is today's battleground for cyberattacks. And third, generative AI is an adversary force multiplier. GenAI puts advanced cybercrime tradecraft in the hands of attackers of all skill levels, Gen.AI will dramatically grow the adversary population. The Global Threat Report showcases our threat intelligence leadership. We collect trillions of threat signals daily, creating one of the world's largest and fastest growing cyber threat data sets. From day one, we've been an AI company, training the industry's most effective and accurate AI models to prevent attacks based upon our data moat. Embedded in the Falcon platform is a virtuous data cycle where we collect cybersecurity's very best threat intelligence data, build and train robust preventative and generative models, and protect CrowdStrike customers with community immunity. Our team of data science PhDs operate this continuous and real-time process, constantly evolving Falcon's AI foundation to predict adversary activity and stay ahead of threats. Our ever-growing data corpus and unique access to Cyber's freshest data at the source alongside our technology and our human incident response, threat analysts, data science, and engineering expertise, together serve as a structural competitive advantage. Along with AI, cybersecurity is a top priority in my discussions with numerous boards. In today's environment of heightened cyberattacks, the latest SEC breach disclosure regulation only increases the pressure on companies and their boards. We regularly assist boards with regulation readiness by bringing cybersecurity from the back room to the boardroom. This, alongside the severity of the threat landscape, makes effective cybersecurity an increasingly mission critical necessity. That said, cybersecurity today is a frenetic vendor bizarre. Disjointed point feature copycat products clutter the market, attempting to band-aid symptoms instead of curing the illness. OS vendors use their market position to create a monoculture of dependence and risk, and in many cases serve as the breach originator. Even worse, multi-platform hardware vendors evangelize their stitched together patchwork of point products masquerading as thinly veiled piecemeal platforms. And what organizations inevitably realize is that, vendor lock-in leads to deployment difficulties, sky-rocketing costs, and subpar cybersecurity. The outcome is shelf wear and sunk costs. ELA and bundling addiction become the only way to coast customers into purchasing non-integrated point products. If the organization trapped in these fragmented pseudo platforms riddled with bolt-on point products that are the ones suffering from fatigue. In stark juxtaposition, what CrowdStrike customers tell us is that, when you build the right single data-centric AI platform, deliver the right frictionless native solution, and architect the right go-to-market organizations purchase because they need more, receive more, and understand how cybersecurity transformation saves them time and money. Our deal metrics validate this. First, record deal volumes. In Q4, we closed more than 250 deals greater than $1 million in deal value, more than 490 deals greater than $500,000 in deal value, and more than 1,900 deals greater than $100,000 in deal value. Deal counts grew by more than 30% year-over-year across all deal segments. Second, record platform adoption, deals with eight or more modules more than doubled year-over-year. And lastly, continued rising win rates. In Q4, we saw steadily rising win rates across the board, validating our technological leadership over the competition. These results are driven by the following: the winning AI platform, the right solution, and our frictionless go-to-market motion. Let me begin with our winning AI platform. The secret to cybersecurity's leading platform is our single platform has one console and one agent. It solves an ever-expanding set of cybersecurity and IT use cases. Our single platform is open. Our single platform is data-centric, AI native, and scalable, delivering immediate times of value. Key wins prove the value of the Falcon platform, which makes point product consolidation and vendor replacement a reality. A recent seven-figure win in a Fortune 1000 company highlights how our platform consolidates at scale. Falcon replaced an OS security vendor, a legacy AV vendor, and a next-gen vendor. We eliminated multiple Microsoft (NASDAQ:MSFT) consoles and multiple agents to a single console, single agent, and single platform of Falcon. Our platform approach organically inspires customers to deploy Falcon cloud security as their first CSPM, CIEM and ASPM. solutions. An eight-figure multi-year win in a Fortune 100 business where the Falcon platform displays five different products. With recent breaches costing them hundreds of millions, it costs too much to keep using ineffective cybersecurity tools. They purchased EDR, Next-gen AV, Identity, file integrity monitoring, and vulnerability management, reducing the number of agents on their devices by approximately 50%. What used to require five installs is now done with one. There are countless similar stories. Our platform approach makes landing with multiple solutions at once easy and adopting increasing capabilities over time and organic experience. We collect data once and reuse it many times for today's and tomorrow's use cases. Our application of GenAI makes cybersecurity predictive and accessible for all skill levels. It's all on one platform, one agent, and one integrated workflow. Next, delivering the right solutions. Our market-leading cloud security, identity protection, and next-gen SIEM solutions are in demand, because they solve painful customer problems. These businesses collectively are more than doubling year-over-year. Each are IPOable businesses and each play lead roles in Falcon platform consolidation. I'd like to start with our breakout cloud security solution where we are setting new records and winning at scale. Our cloud security momentum accelerated in the quarter with net new ARR growing nearly 200% year-over-year. At more than $400 million in ending ARR, CrowdStrike is one of the largest cloud security businesses in the market and was recently positioned as a market leader in Forrester's cloud security wave. Here are a few recent cloud security wins. An eight figure multi-year win in a hyper-growth AI company. This company's endpoint footprint is in the low thousand. However, with its rapidly expanding cloud estate, this transaction marks our largest inside sales deal of all time. Falcon Cloud Security protects their LLM development and cloud environment. This customer uses CrowdStrike for CSPM, CIEM, CWP and ASPM. From the SMB to large enterprises, our sellers and partners win with Falcon Cloud Security. A leading hyperscaler grew its use of Falcon Cloud Security, praising our Linux capabilities. This large eight-figure transaction takes us deeper into the account where we're not only on every device, but now across large parts of their cloud. The win extends CrowdStrike leadership in securing the world's largest clouds. A global financial services giant replaced their Palo Alto Prisma Cloud products in a large seven-figure deal. The Palo Alto cloud security products required separate management consoles and separate agents because cloud security is on a separate Palo Alto platform altogether. CrowdStrike was able to deliver an expected 70% time reduction in management as well as more than $5 million in annual staffing cost savings. The patchwork of multi-product, multi-agent, multi-console, separate platform technologies resulted in visibility gaps, asynchronous alerts, and overall fatigue managing cloud security. Falcon single platform with its integrated cloud security components was a win for the customer. Customers are starting to realize that CSPM doesn't stop the breach. It is a compliance and reporting tool. Cloud security has moved beyond CSPM. Customers are increasingly realizing that a holistic suite encompassing runtime protection is the only way to protect from active real-time threats. CrowdStrike built the first native single agent and agentless cloud security solution. We've taken cloud security beyond CSPM to include CIEM for securing cloud identity, ASPM for locating, controlling, and securing cloud applications, CWP to stop malicious behavior and breaches. And now we turn to securing the cloud data itself that flows in and out of the cloud. Turning our cloud security focus to data, we're incredibly excited to announce our intended acquisition of Flow Security. Flow stood out as the most unique technology amongst a sea of early startups by delivering the industry's first and only cloud data runtime security solution. Let me explain. The majority of companies in cloud data security focus on two things: discovery and classification. Here's where Flow stands apart. Runtime data discovery and classification. Data is analyzed, pre and post-decryption, enabling precise and instant results. Real-time and continuous data visibility, a live view into data risk, not just at rest but also in motion with LLM-powered adaptive policies. Data leakage prevention, the ability to block data exfiltration, including the data exposed through GenAI services. Simply put, Flow is the industry's first and only cloud data runtime security solution. Flow will also enhance our native data protection module, which is off to a great start already replacing legacy DLP products in Fortune 500 accounts. Customer frustration with legacy DLP is at a fever pitch, similar to the days of legacy AV, where outdated products overstayed their welcome. We will now be able to offer a cloud centric next gen alternative, addressing a market currently shackled by ineffective legacy vendors, estimated to be an $8 billion TAM in CY 28. With Flow, we will have the most comprehensive data protection from code to application, to device to cloud focused on stopping breaches. Next, let's look at identity protection which surpassed $300 million in ARR, more than doubling year-over-year. Q4 was also a record quarter of net new identity customer adds. With 80% of attacks involving identity vectors, we've made identity protection standard fare for modern cybersecurity, because it is already integrated into our single agent. Other vendors attempt to offer identity protection through non-integrated afterthought features or simply lack identity protection altogether. Our identity threat detection and response module remains the market's only single-agent solution that stops lateral movement, protects credentials, and secures where identities are actually born, active directory. Wins from the quarter include a seven-figure deal with a mega cruise line using a next-gen product that can never be fully deployed. Upgrades and operations were a disaster. When I personally met with them, they were beyond frustrated with being the quality control test bed and tired of too many incidents that slipped past their current vendor. Our identity solution delivered in one, not two agents, sets the Falcon platform apart. An eight-figure transaction with a major chip manufacturer added identity to their Falcon deployment. Trapped in a large Microsoft ELA, this organization realized Microsoft needed to bring in a startup to augment its current offering. This piecemeal approach to identity protection created a massive burden of deploying another unproven agent. The customer saw the immediate value of Falcon identity. Our single agent and single platform approach reduced their Microsoft dependency. Lastly, let's discuss LogScale next-gen SIEM, an inflecting Falcon platform solution. We added record net new next-gen SIEM ARR in Q4, growing over 170% year-over-year. As of the end of Q4, our next-gen SEIM-ending ARR is now greater than $150 million, selected by well over 1,000 customers. Our next-gen SEIM is quickly emerging as the go-to splunk alternative for all businesses looking to leave legacy SEIMs. Following M&A consolidation in the legacy SEIM market and mounting dissatisfaction with a slew of withering SEIMs, the market is hungry for better technology, lower TCO, and instant time to value. In LogScale next-gen SEIM, all CrowdStrike data is already resident, saving the expense and time of data transfer. Customers are looking to standardize on the right cloud-native data centric platform for actioning their data, where they're manually searching, using automated AI power queries, or trusting partners to manage their next-gen SIEM Falcon experience. With pipeline already in the hundreds of millions, there's overwhelming interest in LogScale next-gen SIEM. One of many noteworthy wins from the quarter was in partnership with Deloitte, which has a hyper-growth LogScale next-gen SEIM practice. Together, we closed a seven-figure multi-year next-gen SEIM deal with a large European manufacturer displacing Splunk (NASDAQ:SPLK) and [Elastics] (ph) and beating out Azure Sentinel. This customer now has 16 Falcon platform modules deployed. A major mobile computing company standardized our LogScale next-gen SIEM in a seven figure multi-year deal, replacing a legacy SIEM. We competed against Palo Alto's XIM. The customer was looking for an open architecture versus a closed, vendor locked-in approach to cybersecurity. The complexity of having to deploy many different Palo Alto products and multiple agents made CrowdStrike an even easier choice. Lastly, a Fortune 500 hospitality brand grew its relationship with us, again, displacing Splunk and Azure Sentinel in a seven-figure deal. In partnership with EY and their global LogScale next-gen SIEM practice, this customer grew their SIEM use cases by bringing in security and IP data more than before, retaining that data for years and benefiting from faster searches. LogScale next-gen SIEM was significantly faster than Azure Sentinel, with a substantially lower total cost of operation, which helped drive this win. Our LogScale next-gen SIEM wins illustrate our sticky and growing data gravity within businesses of all sizes. I can confidently say LogScale next-gen SIEM is one of the fastest growing SIEM solutions on the market today. Our pace of innovation has never been faster. We're incredibly excited to announce that Falcon for IT and Charlotte AI are generally available. As our customers look to solve increasingly complex IT challenges across their heterogeneous environments, Falcon for IT excitement is palpable. Our customers are also excited about the GenAI productivity gains from Charlotte AI, where over 80% of our beta users believe they will save hours to days of work each week using Charlotte AI. The third and final driver of CrowdStrike's growth at scale is our frictionless go-to-market. I'm a big believer that customers don't buy what they don't need and should never be forced to do so. At Falcon, we announced Falcon Flex (NASDAQ:FLEX), a flexible licensing model where we enable customers to use the products they want, when they want, over the course of a multi-year subscription term. Falcon Flex drives customer stickiness, enabling larger lands and helping us expand with customers adopting more Falcon platform solutions faster. A recent noteworthy Falcon Flex deal was a multi-million dollar transaction with a Fortune 500 technology company that leveraged Falcon Flex to go all in with Falcon, consolidating and displacing legacy IT hiking products, point cloud products, and legacy DLP products. The right platform, solutions, and go-to-market make us the partner ecosystems leading choice. Some partnership highlights include: accelerating momentum with Dell. Since announcing our Dell partnership last year, we've transacted more than $50 million of total deal value together with customers in every segment and geography. We're in the early innings of where this partnership is going, and I'm thrilled with the momentum that we have with Dell as they standardize new offerings, such as their own MDR service on Falcon. Our MSSP business is growing by triple digits year-over-year, fueled by the right technology, strategy, and partners. MSSP increasingly want the platform, not part of the platform, to power cybersecurity transformation. MSSP are bringing Falcon to tens of thousands of SMBs who lack the staff and time, but still need the outcome of the industry's best cybersecurity. Our AWS Marketplace business continues to accelerate at scale, surpassing $1 billion in sales. The AWS Marketplace continues to be one of the fastest growing routes to market. A vast majority of our Marketplace business also transacts through resellers and SIs, where we've unified partners and cloud marketplaces for ease, speed, and end customer value. The Falcon platform is validated, tested, and certified. Industry analysts regularly recognize Falcon in our leadership. Here are two recent examples. First, the Gartner (NYSE:IT)'s EPP Magic Quadrant. Our placement speaks for itself. CrowdStrike's positioning as highest inability to execute and furthest to the right in completeness of vision and this year's Magic Quadrant solidifies our unequivocal market leadership ahead of Microsoft and every other vendor profile. Second, the farthest away for cloud security place CrowdStrike as one of only two leaders in the entire cloud security market, ranking highest provision and innovation. In conclusion, CrowdStrike single agent, single unified data centric platform, and our mission to stop breaches sets us apart. In starting the company, we brought cybersecurity to the cloud. We pioneered AI for cybersecurity. And we've quickly become the de facto security platform that disrupts, displaces, and consolidates other vendors. I couldn't be more excited about the year we completed, as well as our bright future. CrowdStrike's contribution to cybersecurity goes beyond technology. It's the power of the Crowd. We are cybersecurity's community. When cybersecurity professionals apply for jobs, CrowdStrike certification is the required skill set. In the reseller and ISV ecosystem, CrowdStrike is at the top of the line card. In SOCs across every vertical and geography, CrowdStrike is the security operating system. It's CrowdStrike that's on the screen. When talking about the threat landscape, CrowdStrike pioneered commercial threat intelligence that governments and companies of all sizes depend on. It's CrowdStrike that delivers billions of new threat detections every month to stop the breach. It's CrowdStrike that is the search bar of security where analysts complete millions of XDR queries daily. It's CrowdStrike that created cyber security's first dedicated GenAI stock assistant to make every user a power user. It's CrowdStrike where more than half a million cybersecurity defenders log in every day to protect society by stopping breaches. The technology, the crowd, the mission, This is what makes CrowdStrike cybersecurity definitive platform. With that, I'll turn the call over to Bert.

Burt Podbere: Thank you, George. And good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. CrowdStrike delivered an exceptional fourth quarter and a record finish to the year, highlighting our outstanding execution, growing market leadership, and accelerating adoption of the Falcon platform. For the full fiscal year, we achieved 34% and 36% ending ARR and revenue growth, respectively, while delivering significant leverage on the bottom line. Operating income grew 86% year-over-year to reach a record $660.3 million, or 22% of revenue, and net income attributable to CrowdStrike and EPS more than doubled to reach a record $751.8 million or $3.09 per diluted share. Free cash flow grew 39% year-over-year to reach $938.2 million or 31% of revenue, exceeding our target for the year. Additionally, we are very proud to have achieved the important milestone of GAAP profitability for the past four quarters and full fiscal year in less than five years following our IPO. Our achievements in fiscal year 2024 represent another high watermark for CrowdStrike. Through our consistent focus on execution, we have efficiently scaled the business, growing ending ARR by over 10 time from our IPO in fiscal year 2019, delivering significant operating leverage and growing our free cash flow margin profile to above 30%. We continue to aggressively invest in our innovation engine and flight the company to achieve its vision of reaching $10 billion in ARR over the next five to seven years. Moving to the specifics of the fourth quarter, we achieved record net new ARR of $282 million, up 27% off of last year's record Q4, representing our second consecutive quarter of accelerating growth. And we finished the quarter with $3.44 billion in ending ARR, up 34% over last year. Demand in the quarter was broad-based and we have a record Q1 pipeline as we executed on our platform strategy, closed many large consolidation deals, and extended our leadership across the market from large enterprises to small businesses. While companies may be fatigued with other vendors, they have embraced CrowdStrike's platform strategy and want to buy more of the Falcon platform. This is evidenced by: first, the number of deals with eight or more modules more than doubling year-over-year in Q4; second, subscription customers were five or more, six or more, and seven or more modules growing to 64%, 43%, and 27% of subscription customers respectively; third, the number of customers with greater than $1 million of ending ARR growing to more than $580; and finally, the growth of deals with total value exceeding $1 million accelerated to over 30% and reached an all-time record at over $250 million in Q4. We finished the year with 29,000 subscription customers, which excludes smaller customers served through our MSSP partners. We are landing bigger with new customers on average, adopting 4.9 modules out of the gate, an increase over last year. Our gross retention rate remained high at 98% and our dollar-based net retention rate was consistent with last quarter at 119%, which is slightly below our benchmark as the mix of net new ARR from new customers has remained above our expectations and we continue to land bigger deals. For the interim FY 2024 quarters, net retention was 119% in Q3, 119% in Q2, and 122% in Q1. Looking into FY 2025, we expect our dollar-based net retention rate to fluctuate within plus or minus a few points of 120% as the business scales to even greater heights and customers continue to land bigger and with more modules. Moving to the P&L, total revenue grew 33% over Q4 of last year to reach $845.3 million. Subscription revenue grew 33% over Q4 of last year to reach $795.9 million. Professional services revenue was $49.4 million, representing 26% year-over-year growth. The geographic mix of fourth quarter revenue consisted of approximately 68% from the U.S., 16% from Europe, Middle East, and Africa, 10% from the Asia Pacific region, and 6% from all other markets. Total gross margin increased by 282 basis points year-over-year to reach 78% and subscription gross margin was above 80% in the fourth quarter, an increase of 291 basis points over the prior year. Our strong gross margin performance was driven by our ability to command stable pricing, supported by the exceptional customer value delivered by the Falcon platform, as well as our continued investment in data center and workload optimization. Total non-GAAP operating expenses in the fourth quarter were $448.1 million, or 53% of revenue, compared to 60% of revenue in the prior year. Our strategic investments in talent and innovation underpin our ability to scale the business and deliver profitable growth. In the fourth quarter, non-GAAP operating income grew 123% year-over-year to reach a record $213.1 million, and operating margin increased by 10 percentage points year-over-year to reach a record 25%. Non-GAAP net income attributable to CrowdStrike in Q4 grew to a record $236.2 million, or $0.95 on a diluted per share basis, each more than doubling year-over-year. Our weighted average common shares used to calculate fourth quarter non-GAAP EPS attributable to CrowdStrike was on a diluted basis and totaled approximately 248 million shares. We ended the fourth quarter with a strong balance sheet. Cash and cash equivalents and short-term investments grew to a record $3.47 billion. Cash flow from operations was a record $347.0 million. Free cash flow reached a record $283.0 million, or 33% of revenue, achieving a Rule of 66 on a free cash flow basis. Before I move to our outlook, I'd like to provide a few modeling notes. First, we are encouraged by the momentum in the business, including larger deal sizes, increased win rates, and a record Q1 pipeline. However, we continue to maintain a consistent and prudent approach to our outlook amid a macro environment that remains challenging, and therefore the guidance we are providing today assumes a consistent, challenging macro backdrop. Second, while we do not specifically guide to ending or net new ARR, given the incredible performance of Q4, I will share our current seasonality assumptions with respect to net new ARR and Q1, which calls for Q1 net new ARR year-over-year growth to be at least double digits up to the low teens. Third, given our strong momentum in the market, we are increasing our pace of hiring in FY 2025 as we continue to invest in our innovation engine and go to market functions to scale the business to $10 billion of ARR and beyond. As a result of increased hiring in the first half of the year, changes to the timing of our merit cycle and the timing of certain marketing programs, we expect operating leverage to be more weighted to the back half of FY25. Next, we are raising our free cash flow target for FY 2025 from between 30% and 32% to between 31% and 33% of revenue. Our assumptions on interest income and expense, CapEx and cash outlay for taxes will be included after this call in our earnings presentation available on our investor relations website. Moving to our outlook. For the first quarter of FY 2025, we expect total revenue to be in the range of $902.2 million to $905.8 million, reflecting a year-over-year growth rate of 30% to 31%. We expect non-GAAP income from operations to be in the range of $188.1 million to $190.8 million. And non-GAAP net income attributable to CrowdStrike to be in the range of $220.4 million to $223.1 million. We expect diluted non-GAAP net income per share attributable to CrowdStrike to be approximately $0.89 to $0.90 cents utilizing a weighted average share count of 248 million shares on a diluted basis. For the full fiscal year 2025, we currently expect total revenue to be in the range of $3,924.9 million to $3,989.0 million, reflecting a growth rate of 28% to 31% over the prior fiscal year. Non-GAAP income from operations is expected to be between $863.6 million and $913.0 million. We expect fiscal 2025 non-GAAP net income attributable to CrowdStrike to be between $940.3 million and $989.7 million. Utilizing 250 million weighted average shares on a diluted basis, we expect non-GAAP net income per share attributable to CrowdStrike to be in the range of $3.77 to $3.97. George and I will now take your questions.

Operator: [Operator Instructions] Our first question comes from the line of Saket Kalia of Barclays. Your question please, Saket.

Saket Kalia: Okay, great. Hey, guys, thanks for taking my question here and congrats to the team on a strong finish to the year.

George Kurtz: Thanks, Saket.

Saket Kalia: George, short thing. George, maybe for you. I think the number that sticks out the most to me from the quarter is the $850 million in ARR from maybe what I'll call platform products. So the question is, can you just talk about the competitive landscape in a couple of those areas like cloud security and SIEM? I mean, definitely a rising tide in some of those markets, but also some good competitors. What do you think is giving CrowdStrike a right to win in those markets?

George Kurtz: Thanks, Saket. Obviously, a key part of our success has been that all of the modules [indiscernible] are platform, which is really key driver. And when I started the company, it was really about creating this data platform that allowed us to ingest data at scale and then create multiple use cases. And really what you're seeing is many, many years of hard work that allow us to solve use cases beyond just core endpoint protection. So when we think about cloud security, customers are really looking to rationalize the alphabet soup of cloud products that are out there. And they're looking not only for posture management, but runtime protection. And they want it all integrated into a data platform. So I think given what we've done and some of the acquisitions including now Flow, we are obviously well positioned in that area and a lot of interest from our customers, and we've seen a lot of success. When we think about the SEIM market, and maybe more importantly, the legacy SEIM market, customers are just frustrated with the existing technologies, the cost structure around those. And what they're looking for really is a data platform like CrowdStrike and now LogScale’s natively integrated into the product. It's a better way to give them the outcome they want, which is faster results, better overall outcomes, and a lower TCO. So I think it's this data concept that we've been talking about for many years that everyone now is starting to see the fruits of our labor and how we can solve use cases well beyond just endpoint protection. Bert?

Burt Podbere: Yeah. So I would agree, George. I think at the end of the day, for us, when we're thinking about the different products that are in our portfolio, it's really about the platform. We sell the platform. Regardless of what are the products that are in the platform, they all kind of work off of each other, and we're just out there solving as many outcomes as we possibly can.

Saket Kalia: Great. Thank you.

Operator: Thank you. Our next question comes from the line of Brian Essex of JPMorgan. Please go ahead, Brian.

Brian Essex: Great. Good afternoon. Thank you for the question -- for taking the question and great to see the strong results from the team. George, you're articulating a few thoughts on consolidation pricing in your prepared remarks, but wanted to ask a little more directly and maybe follow up to Saket's question. Both for you and Bert, one of the other vendors in this space has talked about a strategy of platformization. So maybe with that in context, how does this impact your go-to-market and pricing?

George Kurtz: Well, thanks, Brian. As you might imagine, I heard a lot about platformization over the last week. To me it's kind of a made-up-so-gazey term, but what I believe our competitors are talking about is bundling, discounting, and giving products away for free, which is nothing new in software and security software. It's been done for the last 30 years. So when we think about what we've seen in the past with other competitors, we know free isn't free. And what customers are saying is more consoles, more point products masquerading as platforms create fatigue in their environment. And one of the things again that we've been focused on is that, single agent architecture, single platform, single console that allows us to stop the breach, but more importantly, drive down the operational cost and supply many use cases or solve many use cases that are out there. So, I've been around the block for a bit. I've seen this movie of wrap and roll and bundling together with multiple products that were acquired and last time I saw that I was at McAfee. So I don't know, Bert, you have anything to add to that?

Burt Podbere: Yeah, I think, George, look, at the end of the day, we sell on value. And we've never been a company that's done deep discounting. We've never been a company that has increased our prices to get more ARRs. That's not us. And at the end of the day, for us, we're here to help customers get the greatest amount of outcomes at the lowest TCO period. And to George's point, free is not free, and good is not good enough.

Brian Essex: Thanks, Bert.

Operator: Thank you. Our next question comes from the line of Rob Owens of Piper Sandler. Please go ahead, Rob.

Rob Owens: Yeah, good afternoon and thanks for taking my question. I was wondering if you could address the modest step up in billing's duration. After a year of compressing durations, your total billings outgrew your short-term billings and it does appear that customers are committing for longer contracts, wondering if that's a function of your consolidated platform or another dynamic in the market. Thanks.

George Kurtz: Hey, Rob. So I think it's a couple of things. One is, for sure it's about the platform. But second, Q4 is historically we've seen a lot more of the multi-year deals. We also see more renewals in Q4 as well. But billings in general, remember it's a noisy metric right? It's heavily influenced by duration and timing of deals within the given quarter. But having said that, at the end of the day, we do manage the business to ARR. And that's the one that we focus in on. Billings for us is just an aftermath. You're right. It was a strong billing quarter, but that's not really how we run the business.

Operator: Thank you. Our next question comes from the line of Joel Fishbein of Truist. Please go ahead, Joel.

Joel Fishbein: Thank you, and congrats on the great execution as well. George, just a follow-up for you on the data market or the DLP market, and congrats on the acquisition of Flow. Just curious how that will be integrated. You didn't really mention how big that is for you guys, but obviously a very big market that is right for disruption and maybe talk about the competitive dynamics of that market as well.

George Kurtz: Sure. Well, we're excited about this because not only do we get the classification of data, but we also get the runtime protection in the cloud. So it's a perfect fit for our data protection module. And again, what I talked about in prepared remarks was that, there's a lot of similarities to what I saw when I started the company in legacy AV to legacy DLP. I don't even like the term DLP we call data protection, because it's really about how data flows and data in motion not only in a company's organization but through all of their cloud and all of the applications. So I think it's a perfect fit. We're excited about the team. We're excited about the technology that will be integrated, of course, as part of our platform. We spent a lot of time on that, making sure the customer has got the right user experience. And we'll get this acquisition closed out in the next couple of weeks, and then we'll be heads down with the integration. But so far, so good on our data protection module. We've got some wins there and a tremendous amount of interest in replacing the legacy DLP technologies.

Operator: Thank you. Our next question comes from the line of Andrew Nowinski of Wells Fargo. Your question, please, Andrew.

Andrew Nowinski: Thank you for taking the question. This is just a really amazing quarter again, particularly in light of some of the noise that's been in the market. So I wanted to ask about the expanded partnerships with Dell that you announced today, and also about the -- I think, the Pax8 partnership that you announced at your user conference last year. I guess first, how did both partners contribute to results in the quarter relative to your expectations? And then second, have you factored in a contribution from those partners into your F 20Y25 outlook? A - George Kurtz I'll take the first part and I'll turn it over to Burt. So we obviously are very excited about the Dell partnership. I'll start with them. I talked about that earlier. And really, we're in the early innings. We're winning deals, large enterprise, all the way down the SMB, taking advantage of their reach and their go-to-market motion. So still early days, and we've already put up some big numbers from that partnership. When we look at Pax8 and the like, again, it's still early days, but we've seen tremendous success, particularly down-marketing the SMB, and what customers are looking for, even if the smaller customers are looking to solve big problems, they can't be hit by ransomware, they can't have an impact to their business. So it's a perfect model for us to get to those SMBs. And it's, like I said, early days, but tremendous results so far. Bert?

Burt Podbere: Yeah. So I think that we're very excited about both the partnerships, both Dell and Pax8. They represent additional routes to market, but it's still early days on both of them, as George had mentioned. But they're one of many routes to market. We do believe that they're going to bring deals to us. And we're excited to have them on board as partners.

Operator: Thank you. Our next question comes from the line of Tal Liani of Bank of America. Please go ahead, Tal.

Tal Liani: Hi, guys. So we had discussions this kind of past few weeks about the pricing environment of the XDR market and the ability to offset this with add-on modules. And the question is, you touched on it, but I want to ask, do you feel the contribution of Microsoft and Cortex from Palo Alto and others, do you feel their impact on pricing of individual components of your package? And is there a story about price compression of each individual component offset by the bundle or that you just don't see the XDR pricing pressure that Paolo Alta was talking about? Thanks.

George Kurtz: Well, again, I mean I can -- I try to focus on what we've been able to do. And as the leader in the space, we've been solving problems for a long time. And when we look about -- we look at the impact that ransomware and some of these very prominent breaches have had, you're talking about hundreds of millions of dollars for companies. So to buy a platform that has the capabilities to stop breaches is really what customers are looking at. And when we think about sort of one-off modules or things of that nature, for us, we're looking at the total package and the solution of what we put together. And of course, it's a competitive environment, but you have to have a competitive product, you have to have the right level of innovation, and you have to have the right go-to-market motion, which we talked about in some of the prepared remarks. So it has been competitive. It has -- will be competitive. But at the end of the day, what we're finding is that customers want the right outcome. And we've seen the free is not free, and we see that good enough is not good enough. And I think customers are smart enough to realize the difference between price and total cost. And that's what we've been able to show with every dollar spent on CrowdStrike is a $6 return on their investment. And we're going to continue to deliver value and outcomes for customers.

Operator: Thank you. Our next comes from the line of Alex Henderson of Needham. Please go ahead, Alex.

Alex Henderson: Great. Thank you so much. So first thing you ever said to me, George, was that you're a platform, not an endpoint company. I think you've been proving it with high alacrity over the last year. With the comments coming in about plantation. It sounds like the response that you're having here is that the companies that are trying to do that are really just offering bundles of products, but they're not truly integrated. You're platform is based off of cloud native, microservices, API driven. And I think if you were to talk to the degree to which you integrate any acquisition into that platform, it would be radically different than what we're hearing or seeing from some of the other players. So can you talk about why the microservice cloud-native architecture in a single platform integrated upfront is the way to go and how hard it is for companies that are trying to disparate packages into a platform that wasn't designed as a platform from the get-go because I think ultimately, that's the key differentiator here. And I would think that with the acquisition of flow, you'll be able to integrate it much more rapidly because it's API-driven because it's microservice based. Can you talk to that?

George Kurtz: Yes. Sure, I can. Thanks, Alex. It's a great . And I do remember our early conversations finally, and you're absolutely right about being the platform for cybersecurity when I started the company. So when we think about architecture, architecture does matter and really what we've created is a very data-centric architecture that allows us to get data at scale into our platform leverage our AI and then create the outcomes. It's that collect once we use many. We have a single platform. Our competitors have many other platforms as they call them. We have a single agent. Our competitors have five, six, seven, eight, depending on the competitors. So when we look at our architecture, it was really designed from the beginning to solve the problems of today and the future problems. And the result of that is ease of use, the outcome that a customer is looking for, stopping breaches and lowering the cost and future bringing what they want. I've -- in a prior life, I've been involved in companies that acquired a lot of products. And I can tell you, it is near impossible to stitch all this stuff together, particularly at the agent level unless you're very diligent about it. And I can tell you from a CrowdStrike perspective, we've been very diligent about our acquisitions, as you've seen, and thoughtful on the pricing. But also what's important to realize is that we bought products and we really haven't sold some of them for the better part of 18 months because we wanted to focus on the integration, things like identity. And now we see the fruits of our labor. So it's this focused, long-term diligent approach to our acquisitions, I think, that have helped us because we started with a very innovative cloud-native platform from the beginning.

Operator: Thank you. Our next comes from the line of Roger Boyd of GBS. Please go ahead, Roger.

Roger Boyd: Great. Thanks for taking the question. And again, congrats on a really strong end of the year. I wanted to talk about Charlotte. The customers that we've spoken to that were part of that early access program pretty positive on both what the product can do today as well as the pipeline and where it could go in the future? George, you said at a couple of positive stats around automation. Any updated view on your ability to monetize the Charlotte product or the time line to monetization from here? Thanks.

George Kurtz: Well, yes, that is the goal. We already have paying customers in Charlotte. We just released it. So the good news for us, and I think the good news for our customers is they see the value and they're willing to pay for it. Obviously, we're in the early innings of this, but the way we've architected as a foundational component of our platform, it allows us to create expertise around different areas of the platform as well as automation. Leveraging the native automation capabilities that we have. So our overall goal, again, is how do you drive automation in the stock, how do you modernize the stock? And how do you take the collective wisdom of CrowdStrike and its years of knowledge in fast categories and bring that to bear for customers big and small. And so far, we've gotten the response from customers where they understand the time savings and the value that it can bring. So more to come on this. Obviously, we just GA-ed it over the last week or so. But overall, I'm very encouraged by what we're hearing and seeing from customers.

Operator: Thank you. Our next comes from the line of Matt Hedberg of RBC. Please go ahead, Matt.

Matthew Hedberg: Great. Thanks for taking my question. I'll offer my congrats as well, guys. Burt, your new ARR commentary was helpful for Q1. I'm curious, this time last year, I believe you talked about flat net new ARR growth for fiscal 2024. And obviously, I think you guys did about 6% this year. Any just sort of like directional guardrails you give us from a full year perspective in terms of sort of just thinking about from a net new perspective.

Burt Podbere: Hi, Matt. Thanks. So with respect to ARR, obviously, we don't guide to it. But we have talked about in the past where we've started the year in Q1 and build and that's kind of really all I can really comment on ARR. You can kind of infer where we're going with our guide. And -- but at the end of the day, our guide, the methodology has remained consistent, and that's how we think about it.

Matthew Hedberg: So it sounds like Q1 -- it sounds like your commentary on linearity, you would expect Q1 to low point for net new growth or net new dollars for the year.

Burt Podbere: Yes, That would be accurate.

Matthew Hedberg: Excellent. Thanks, guys.

Burt Podbere: Thank you very much.

Operator: Thank you. Our next -- actually, pardon me. Our last comes from the line of John DiFucci of Guggenheim.

John DiFucci: Thank you for taking my question. Listen, as everybody said, these are really impressive results, no matter how you look at it, but especially as compared to others out there. I'd like to ask another about the past is -- I know, George, you think, but the past is the past. It's great. It's great to see. But I'd like to ask another about the future. I know Charlotte AI is the sexy new product. It's everybody or AI winner are you a loser I mean. And we'll see how that develops. But given your lightweight agent and all the data you collect or even could collect. It just seems that Falcon for IT could be a whole new world for you, which might make it harder given it might perhaps be a different buyer, but certainly worth it. I guess how should we think about the development of this product going forward, given your -- I know it just was generally available, too, but I'm sure you've had early conversations with customers.

George Kurtz: Well, I've got to tell you that the customer excitement around Falcon for IT is off the charts. When we talked about at Falcon and now that's generally available, customers are looking for a better solution in this area. And one of the things that we found is that the security team has been solving a lot of IT problems and challenges for IT for a long time, and we really needed to carve out a home for IT. So when you look at some of our competitors in that market, it's -- obviously, it's a pretty big market, but having a single agent and the ability to actually solve IT problems, which many of our customers were doing already is fantastic. So again, early days, but the feedback and the interest is off the charts for Falcon for IT, and it goes to the heart of how we built the platform. To collect data doesn't have to be security data. It can be almost any data related to either our agent first-party data or now third-party data we can ingest. And that solves many use cases beyond what we originally came to market with. So I think the sky is the limit there.

Operator: Thank you. I would now like to turn the conference back to George Kurtz for closing remarks. Sir?

George Kurtz: So I want to thank all of you for your time today. We appreciate your interest and certainly look forward to seeing you at our upcoming investor events. Thank you so much.

Operator: This concludes today's conference call. Thank you for participating. You may now disconnect.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.