Crowdstrike (CRWD) is another Silicon Valley startup that recently went public with triple digits across the board including revenue growth, net retention rate, and annual revenue-run rate, which may have you wondering, how does one tell all of these Silicon Valley IPOs apart? For the Crowdstrike IPO, as with most cybersecurity companies, competitive landscape is crucial and requires bulletproof product differentiation as security is a very crowded space. This analysis will look into the product differentiation between Crowdstrike and its competitors for endpoint security to achieve an understanding of valuation and to form a prediction of how Crowdstrike will perform as a public company. Addressable market will also be taken into consideration as endpoint security has demand limitations.

Overview of Endpoint Security

Understanding the basics around endpoint security is important as Crowdstrike’s strength resides in how the software uses artificial intelligence to detect breaches. Some of the company’s growth may also come from offering multiple cloud modules, which provides various product features for flexibility.

The primary category for Crowdstrike is endpoint security, which secures endpoints on a network, defined as end-user devices, such as mobile devices, laptops, and desktop PCs, although endpoint security can also include servers in a data center and IoT devices.  Endpoint security protects the corporate network from remote devices by securing the endpoints on the network. Traditionally, endpoint security consists of security software centrally managed on a server or gateway and software on the client devices. The server authenticates logins from the endpoints and updates the software when needed.

Crowdstrike’s product improves this process by aggregating the data from the endpoints across their entire customer base while using AI and behavior pattern-matching to stop breaches. According to CrowdStrike, their Falcon product correlates more than 90 billion security events globally to prevent and detect threats. Relying on AI’s detection capabilities for security breaches and fraud is becoming a trend into the foreseeable future. For instance, I recently interviewed Mastercard’s Vice Chairman on how Mastercard uses pattern-matching to detect fraud and unusual behavior on my tech podcast and has been successful in preventing high-loss activities such as money laundering as these behavioral patterns appear erratic to AI, and become easily detectable. 

Crowdstrike had one offering until 2017 when the company launched multiple cloud modules to provide flexibility, which are all subscription-based. According to Crowdstrike, offering different subscription options has been successful with 47% of customers buying over 4 modules, per the S-1 Filing.

Crowdstrike IPO and S-1 Filing by the Numbers

Crowdstrike has grown at a blistering pace from $37 million in revenue in 2017 to $92 million in 2018 to $219 million in 2019. The numbers published for the Crowdstrike IPO show an undeniable triple-digit growth trajectory, but keep in mind, that cybersecurity is a crowded field with many players dealing in endpoint security – more on this below.

Loads of Competition:

Endpoint security is a crowded space. Not only do you have incumbents like Symantec, but you have small to mid-cap companies – both public and private. The market size for endpoint security was at $6.4 billion in 2018 and will grow to $13.2 billion by 2022, according to Statista. Meanwhile, you have more than 20 companies competing for the $7 billion slice of pie. This is the bigger concern for Crowdstrike. Investors in Crowdstrike will have to believe that crowdsourcing endpoints and scanning for breaches with AI is enough of a differentiator to pull ahead and maintain a lead.

Assuming Crowdstrike claims the entire endpoint security market, the current valuation impedes investor returns. The market cap for Crowdsrike is at $14 billion, at time of writing – or 200% of the current addressable market and over 100% of the addressable market for 2022.

This is not the addressable market in the S-1 filing, however, which is listed at $24.6 billion in 2019 and expectations to reach $29.2 billion in 2021. The addressable market that Crowdstrike claims is a bit distorted, in my opinion, as it aggregates various forms of revenue streams (which are not later broken out in the S-1 filing). For the most part, Crowdstrike is considered an endpoint security product and frequently ranks on analyst reports for this category. There is very little mention of Crowdstrike ranking in any of the other categories which are being used to stretch the addressable market, notably, threat intelligence, security and vulnerability management, IT service management software, and managed security service.

We have some indication that 47% of customers bought over 4 modules, per the S-1 Filing, but it’s unclear if these modules should fall under the endpoint security addressable market rather than under separate addressable markets as these modules cannot stand on their own. This is paramount to valuing the company (is Crowdstrike endpoint security or should it be placed under various categories) as the growth for endpoint security is too lean to have this high of a valuation.

Meanwhile, other cybersecurity companies such as Carbon Black, Trend Micro, and Palo Alto Networks have not don’t particularly well on the public markets recently relative to other tech investments.

• Carbon Black went public in 2018 in the $23 price range and is now trading at $15 due to a shift to cloud and other challenges required to keep up with competition. CarbonBlack is going through a “significant corporate transition,” consolidating its offerings into a cloud-based security platform, which confirms the competitive environment.
• Trend Micro is the third-largest vendor in the Endpoint Protection Platforms (EPP) market and has a market cap of about $6.3B and has traded sideways for years between $30-$50 with a peak in September/October this year at $60 but saw a correction and resumed the $45 price.
• Palo Alto Networks provided weaker guidance in the most recent earnings report and we’ve seen the price drop over the last month from $250 to $195. The company is also transitioning to the cloud and undergoing changes that impacted the recent earnings.

Conclusion

Crowdstrike’s IPO financials sparkle with triple-digit growth percentages across the board, as do many startups going public this year. However, the competitive landscape is fierce and the addressable market of $24 billion provided in the S-1 filing questionable. Perhaps the cloud modules expand the endpoint security addressable market beyond the $7 billion size, but not by much in the current calendar year as endpoint security platforms are more of a value-add than a sum of the aggregate security markets. In addition, cybersecurity is a lukewarm market compared to hotter tech industry verticals. The cloud-level AI aspect to detecting breaches is very interesting for future years, however, I am respectfully on the sidelines for now.