This is an analysis by David Marlin, our equity analyst. In this analysis, he explains why he is long CrowdStrike.

A periodic transaction report filed on September 3^rd revealed Nancy Pelosi and her husband Paul Pelosi purchased 5,000 shares of CrowdStrike for a total investment of roughly $650k.  It’s easy to speculate why the Speaker of The House would be purchasing shares of a cybersecurity company that has a history of working with the Democratic National Convention and FBI.  CrowdStrike was instrumental in alleging Russia interfered in the 2016 election, an allegation that led to a multi-year investigation. 

The timing of this purchase, just weeks before the 2020 election, makes one contemplate her reasoning. Perhaps the Speaker of The House believes CrowdStrike will once again be instrumental in maintaining the integrity of the 2020 election results. Perhaps she believes CrowdStrike is positioned to win a large government contract. Perhaps she believes cybersecurity will become a bigger priority in the future in the government and commercial sectors.  Or perhaps we are overthinking this, and the Speaker of The House had nothing to do with this and her husband is simply bullish on the company’s fundamentals and technicals. 

In any case, seeing the Speaker of The House purchase 5,000 shares of CrowdStrike adds confidence to my conviction in the stock.

Nancy Pelosi has not been the only one to make a large investment in CrowdStrike recently. In fact, CrowdStrike saw institutional ownership increase 15% in Q2 from Q1.  The stock has become a favorite of hedge funds and tech/growth focused funds, which further adds to my confidence that the company has a bright future ahead of it.    

Below, I discuss this bright future in regards to security leading budgets and current initiatives.  I also dissect areas of strength in the previous earnings report and why I expect this strength to continue in the future. 

Cybersecurity: More Prevalent Than Ever

The COVID-19 pandemic has increased the importance of cybersecurity, with 3 out of 4 business leaders seeing cybersecurity as a top priority in COVID recovery.  The speed and size of change to a remote workforce has uncovered some gaps in the cybersecurity of many organizations.  Data shows that business leaders are aware of these gaps and cybersecurity spending is expected to increase to address them.

Through the end of July, CrowdStrike observed an increase in eCrime activity up over 330% since the start of the year versus in 2019. In its Q2 earnings call, CrowdStrike’s CEO claimed that in the first-half of 2020, the company saw a 154% increase in distinct and sophisticated intrusions and stopped 41,000 potential breaches, which is more than all of last year combined. 

This survey from Credit Suisse shows Security Software is the top priority among business leaders surveyed.  The 10- percentage point increase from January to July indicates that business leaders are prioritizing security software more than ever in the age of COVID and remote work.

Morgan Stanley recently held a survey on key initiatives in 2020 and found that cybersecurity is the top priority among business leaders.  95% of the leaders surveyed agreed cybersecurity is a priority, with 38% expecting to engage a service provider.  These numbers indicate that cybersecurity is the #1 priority for business leaders and that the industry is expected to see more engagement than any other. 
 

CrowdStrike: Product Overview

CrowdStrike was founded with the goal of reinventing security for the cloud era.  CrowdStrike’s Falcon platform delivers comprehensive breach protection against today’s most sophisticated attacks on the endpoint, where the most valuable corporate data resides. 

The company offers 11 cloud modules on its Falcon platform via a subscription-based model that covers numerous security markets, including endpoint security, security & IT operations (including vulnerability management), and threat intelligence. 

CrowdStrike’s AI based security model is focused on collecting large amounts of data, centrally storing it in a single model, and continuously training its algorithms with vast amounts of data.  The more data that the Falcon Platform collects, the more intelligent the platform becomes in detecting and stopping breaches. 

CrowdStrike: Opportunity

With cybersecurity spending expected to increase at a 10% CAGR over the next 3 years, CrowdStrike is in an ideal position to continue its momentum.  Endpoint security is expected to be the 2^nd biggest priority among security spending.       
 

Source: AlphaWise, Morgan Stanley Research

Endpoint security is a critical element of a multilayered security strategy, as endpoints are frequently the first point of entry for attackers.  Specific to endpoint security software, CrowdStrike’s market share has nearly doubled over the last year. The company has been identified as the fastest growing endpoint security software vendor by IDC Worldwide. 

In a recent survey conducted by Morgan Stanley, CrowdStrike is shown to be the top endpoint protection vendor among the business leaders surveyed.
 

Source: Morgan Stanley Research
 

CrowdStrike’s Falcon is armed to fight sophisticated threats and stop breaches through a combination of malware prevention, enterprise detection and response (EDR), and threat hunting.  Specific to enterprise detection and response, CrowdStrike has been named 1 of 3 leaders by Forrester research and 1 of 5 by Gartner.

Financials:

CrowdStrike reported excellent Q2 results on September 2^nd, comfortably beating revenue estimates with an 84% YoY growth rate. Subscription revenue grew 89% YoY, ARR grew 87%, and the company now boasts a total of 7,230 subscription customers (+91% YoY), 57% of which have greater than 4+ modules. 

CrowdStrike has exhibited consistent growth in the number of its customers using 4+ module subscriptions, indicating that existing customers are happy with the platform and continue to spend more to add additional protection.

Source: CrowdStrike Investor Presentation
 

The company now has 49 of the Fortune 100 companies as customers. Moreover, CrowdStrike took a significant step towards profitability in Q2 with its first quarter of positive operating margin (4%).  The company also generated positive free cash flow for the quarter at an impressive 16% FCF margin.  This was CrowdStrike’s second consecutive quarter of positive adjusted EPS, and the company is expecting to breakeven for the full year with a $0.05 EPS estimate at the midpoint of their FY21 guidance. 

Management raised revenue guidance for Q3 and FY21, calling for 71% YoY growth in Q3 at the midpoint.  This outlook bakes in logical conservatism and represents a fairly easy target for CrowdStrike to beat.

CrowdStrike has a history of outperforming estimates, averaging an 8% revenue beat over consensus in the last 4 quarters.  In its 6 quarters of public history, CrowdStrike has never missed on revenue or EPS estimates. 

Looking ahead to Q3, consensus estimates are calling for 71% YoY growth, exactly in line with the outlook management gave after Q2. CrowdStrike’s history of outperformance will likely continue as the company has posted consistent growth rate percentages of 89-89-85-84 in its last 4 quarters. 

Risks:

The biggest risk for CrowdStrike is related to the intense competition they face within the cybersecurity industry.  The market for security and IT operations solutions is intensely competitive and characterized by rapid changes in technology, customer requirements, and by frequent launches of new or improved products to combat security threats. 

CrowdStrike remains the fastest growing endpoint security platform, but if they are unable to react to new competitive changes, they will see a decline in growth and lose market share.  The company must continue to adapt in a highly dynamic industry to sustain its growth levels. 

Competitive pricing pressure could end up damaging CrowdStrike’s profit margins and forcing the company to lower its prices to compete. 

Many of the company’s competitors, including Microsoft and VMware, have deep pockets and the threat of a price war remains one of the biggest risks to CrowdStrike.  Microsoft is a $1.7T company with the assets and resources to challenge CrowdStrike’s margins in the future. 

Relative to its total addressable market, CrowdStrike appears pricey.  The company is valued at a market cap of $31.3B.  The most recent estimate of CrowdStrike’s TAM comes from its S-1, where management estimated a total global opportunity of $29.2B in 2021.  However, its fair to assume CrowdStrike’s TAM has grown significantly since that report was released in June of 2019.  In that report, management estimated that the global market for endpoint security would reach $8.7B in 2021, but more recent data shows the endpoint security market will be worth $18.4B in 2024. 

Conclusion:

CrowdStrike is ideally positioned to continue its strong momentum as the company continues to benefit from increased security spending.  Within the realm of increased security spending, endpoint protection has been revealed as the 2^nd biggest priority among business leaders, where CrowdStrike is the fastest growing vendor.  Nancy Pelosi’s vote of confidence bodes well for the company as we head in to the 2020 election, where CrowdStrike may again play a crucial role.  I believe CrowdStrike will grow faster than expectations over the next few quarters as the company achieves FY profitability for the first time in its history.