CrowdStrike Holdings, Inc. (“CrowdStrike”, “Crowd”, or “CRWD”) will be the biggest beneficiary from the ongoing transition in the Cyber Security industry from a signature-based, on-premise (“on-prem”) solution to a behavior-based, cloud-enabled solution (“Security-as-a-Service” or “SECaaS”). The security challenges presented by the global digital transformation, in addition to today’s remote or hybrid workforce, are best solved by a cloud-native platform. CrowdStrike Falcon is the leading solution for the modern enterprise, as it aggregates and analyses data in the cloud, operates at scale, and is easy to deploy and manage on a fully remote basis. The company is a leading innovator in the space and will continue to gain market share in a fast-growing industry. The market is not appreciating the sustainability of the company’s growth profile and ability to maintain industry leading margins. This company is the ideal example of an “asset-light compounder,” which can provide a critical service to all enterprises in the modern age.
CrowdStrike is a SECaaS company providing cloud-native endpoint protection, which leverages crowdsourced data and cloud analytics to detect and prevent cyber threats. The CrowdStrike Falcon platform is the first multi-tenant, cloud native, intelligent security solution capable of protecting workloads across on-prem, virtualized, and cloud-based environments. The company offers 11 cloud modules via a SaaS subscription-based model and provides services across multiple large security markets, including endpoint security (“EPP”), security and IT operations (including vulnerability management), and threat intelligence.
– Global Cyber Security market is currently worth $173B in 2020 and expected to grow to $270B by 2026, a 7.7% CAGR; external solutions est. 8.4% CAGR. (Forbes)
– Crowd’s end markets yields a global TAM of $26.9B in 2020; expected to grow at a ~9% CAGR to $31.9B by 2022.
– Crowd has 1.6% current market share based on FY 2020 revenue of $481.4MM; SCM expects growth to 5% of TAM.
– CrowdStrike is capitalizing on the market opportunity by:
1. Cloud-based architecture: Customers can immediately implement and scale.
2. AI over threat detection: Replaces existing anti-virus.
3. Internal teams of experts: Analyzing threat database and providing proactive services to detect and prevent attacks.
4. Marketplace: Falcon platform ties directly into to other SECaaS & analytics providers.
1. Large and expanding total addressable market (“TAM”): Estimated to 9% CAGR to $31.9B by 2022 (gaining market share).
2. Innovation: Leading solution in the market and continued module expansion to address evolving customer needs.
3. Growing Customer Base and Partnerships: The company continues to onboard customers at a rapid pace, as evidenced by the 105% increase in the latest quarter. The partnership with Amazon removes friction from the sales process and has proved highly beneficial, evidenced by the 75% sequential increase in ending ARR from the partnership.
4. Great Management Team: CEO George Kurtz is a co-founder (founder-led is important) of the company with over 26 years of experience in security. He started Foundstone in 1999, a leading incident response firm that was acquired by McAfee in 2004 for ~$86MM. He held a variety of positions at McAfee including Worldwide CTO, GM, and EVP of Enterprise.
5. Robust Fiscal Year Q1 2021 Results: It was a blowout quarter in which they sustained industry leading growth and enacted customer friendly solutions to assist with the COVID-19 pandemic.
6. Future Outlook: The company’s continuous innovation and market leading solutions, coupled with strong industry tailwinds, will allow the company to sustain above average growth for many years and become an industry leading player.
1. Average Contract Value (ACV):
– Market View: Estimated 1% quarterly increase to ACV
– SCM View: The ACV reported in the Q1 FY 2021 quarter was $92K, an increase of 2.5% over the FY 2020 average. The company should be able to achieve this quarterly growth rate at a minimum, which will result in an ACV of $100K by the end of FY 2021. SCM’s conviction is based on the company’s continued ability to land customers with more modules, which means higher contract value. As the company rolls out more modules, ACV will only increase.
2. Subscription Customers:
– Market View: NTM net addition of ~3,000 customers
– SCM View: NTM net addition of 3,300 customers, +57%
3. Gain in Market Share
– Market View: 3.5% of total market share by 2022
– SCM View: 5.0% of total market share by 2022
Conviction Level: Why SCM view is Right
1. Informational Advantage: Industry expert provided SCM with critical pieces of information regarding CrowdStrike’s position in the marketplace.
2. Behavioral Advantage: Cognitive biases make the market resistant to change. CrowdStrike’s level of disruption and ability to displace market incumbents is being underestimated in the consensus view, as there is a resistance to this sea change.
3. Analytical Advantage: In-depth industry and company research, which may not be performed by all participants.
What is the Market Missing? Why is there a Mispricing?
The market is underestimating the growth potential of CrowdStrike and its ability to continue capturing market share. This has resulted in a muted forecast of new customer additions, flowing through to lower revenue estimates and associated price targets. There has been an error in the processing of information that has been made public through various interviews and industry trade associations and experts.
Customer Forecast: The annual revenue impact of 300 customers, assuming a $100K annual contract value (ACV) is $30MM. At SCM’s median EV / NTM Sales multiple of 29.0x, that equates to an Enterprise Value difference of $870MM, or $4 / share.
ACV Forecast: A $5K ACV difference, based on 7,100 estimated average customers for FY 2021, results in a $35.5MM revenue differential. At the median EV / NTM Sales multiple of 29.0x, that equates to an Enterprise Value difference of ~$1B, or $5 / share.
Catalyst for Each Critical Factor (Calendar)
1. Average Contract Value: Q3 2021 Earnings Report – estimated December 5, 2020 (this would be the second quarter that the market sees faster than 1% growth rate again)
2. Number of Subscription Customers: Q4 2021 Earnings Report – estimated March 19, 2021 (the FY 2021 report will show the market underestimated FY 2021 net customer growth)
3. Endpoint Protection Platform (“EPP”) Market Share: CY 2022 when Gartner releases updated market share.
Risk / Reward
SCM sees the downside being that CrowdStrike’s multiple contracts to the peer average of roughly 23.0x, which would result in a price target of ~$98. This would be a ~4% loss based on the closing market price of $102.1, and within SCM’s 5% loss rule.
Pre-Mortem and Who’s on the Other Side?
Investment in CRWD failed, what went wrong?
·Market multiples contracted significantly
·Crowd was unable to prevent an attack on a customer’s network, damaging its brand and reputation
·Microsoft focuses more on cyber security, limiting Crowd’s ability to gain market share
·The company suffers delays in rolling out more modules
·The internal sales team becomes ineffective and channel partners decide not to push the Falcon platform
·Server space becomes limited and pricing increases on the company, eating into gross margins
Who’s on the other side of the trade and why are they selling? Why could they be right and SCM be wrong?
·Institutions may be trying to sell the stock since it has appreciated significantly since its March lows
·Valuation may have gotten too far ahead of itself, which will require multiple contraction
·SCM’s belief in CrowdStrike’s ability to gain market share may be too optimistic, the market may think legacy players will be able to retain more share
·The market could also have the view that other SECaaS companies and private, venture capital backed firms, pose more of a challenge to Crowd than SCM ultimately thinks they will
All investment strategies and investments involve risk of loss. Nothing contained in this website should be construed as investment advice. Any reference to an investment’s past or potential performance is not, and should not be construed as, a recommendation or as a guarantee of any specific outcome or profit.