Mad Hedge Technology Letter
January 17, 2024
Fiat Lux
Featured Trade:
(GROW WITH CROWDSTRIKE)
(CRWD), (NVDA)
Tag Archive for: (CRWD)
CrowdStrike (CRWD) is expensive by any metric, but so are other tech stocks like Nvidia (NVDA).
The trajectory of the stock still looks bright.
The cybersecurity company truly dishes out impressive growth numbers.
They are expected to grow sales by 39% over the next year and growth remains voluminous with no headwinds appear in the short term.
I’d be foolish not to mention one of the largest tailwinds in the tech sector in the form of defending and deterring digital malicious actors.
It’s real and capital is being allocated towards it.
The global cost of cybercrime is expected to double by 2028.
Sporting a market capitalization of $68 billion, CrowdStrike would need annualized returns of 18% to reach the $1 trillion club by 2040.
What do they mainly do?
Sifting through trillions of data points every week, CrowdStrike's single-agent, cloud-based cybersecurity platform grows more robust for each additional customer that joins its platform.
Quickly expanding its solutions from focusing primarily on endpoint protection (think laptops, printers, and servers) to becoming a complete security platform, CrowdStrike has grown from three security modules in 2016 to 27 today.
Each module provides a unique security solution and can be added by customers to fit their specific needs - all by relying upon just one agent, CrowdStrike's Falcon platform. The average number of agents on an endpoint today is 13 or more, so CrowdStrike's platform offers much-needed vendor consolidation for businesses looking to simplify their operations.
CrowdStrike is gradually becoming a one-stop shop for businesses' cybersecurity needs. Its growth potential and optionality seem almost boundless as it releases new modules tailor-made for its customers' desires. Look no further than two of its recent module advancements, each highlighting the company's ongoing shift toward becoming a complete security platform:
Falcon ID: CrowdStrike's identity protection and detection modules could become the company's next massive growth outlet. With 80% of global attacks stemming from exploited IDs, sales for these solutions grew from $7 million in annual recurring revenue (ARR) in Q3 of 2021 to over $200 million in Q2 of 2024.
Falcon Cloud: Bolstered by its recent acquisition of Bionic, which focuses on identifying and protecting items in the cloud, CrowdStrike now offers a complete cloud security solution. Growing its ARR from $106 million in Q4 of 2022 to nearly $300 million today, this cloud unit operates in a market expected to be worth over $32 billion by 2028.
Crowdstrike also landed an eight-figure deal from the federal government in its latest quarter. It counts less than 1% of the public sector as customers, so deals like this ignite a juicy channel of new revenue.
Thanks partly to its land-and-expand business model, CrowdStrike sees increasing profit margins for each additional module it sells to existing clients and each new customer it adds.
Who doesn’t like accelerating revenue and hypergrowth?
That’s what you get from CRWD.
The stock has been in overdrive pushing to new heights so I wouldn’t chase it right here.
It was only 365 days ago that the stock was at $101 and just touched $283.
That extraordinary rise is not the norm but is common with hyper-growth stocks.
It’s time to take the foot off the pedal and wait for a large dip which I do believe we will get.
That will be the next buying opportunity around $240 per share for CRWD.
Mad Hedge Technology Letter
November 30, 2022
Fiat Lux
Featured Trade:
(WEAK SALES FOR 2023)
(CRWD), (APPL), (SNAP), (DASH)
Tech growth needs a timeout.
The recent earnings report from cyber security software firm CrowdStrike (CRWD) illustrates the difficulty for firms to project strength in forward guidance.
2023 isn’t looking so rosy for selling security software.
CRWD management offered us weak guidance citing a weakening macroeconomic picture and specifically telling us that small businesses are reluctant to sign new contracts for 2023.
The macroeconomic picture at best isn’t getting better, therefore, some of the forward guidance is coming in tepid.
The natural reaction is for tech stocks to sell off.
In 2022, it’s never been more difficult being a tech CEO and some of the best tech growth companies are getting haircuts that we used to never see before.
Even more worrisome is that tech companies like Apple and Twitter are starting to cannibalize each other because tech is now perceived as a zero sum game more than at any other time I can remember it.
Firms simply don’t think the pie is big enough to share.
This is why ecosystems like Apple and others are executing policies that directly hinder competition.
Unfortunately, cyber security is another add-on that is being sacrificed as tech companies become leaner and meaner.
Many tech companies can still function by skimping on the security defenses.
Shaving the fat to the bone is what we are currently seeing and that doesn’t bode well in the short term for tech stocks that are used to thriving in the excesses.
Another example is Snapchat (SNAP), which ordered back staff to a 4-day in-office work week starting February.
And it’s not just Snapchat or CrowdStrike.
The belt tightening has been broad-based in technology with DoorDash cutting another 1,250 jobs today.
Many of these growth companies over-hired during the government-mandated lockdowns and now are regressing back to the mean.
Since there are no more lockdowns in non-Chinese countries, there is no need for the giant number of DoorDash food deliverers.
Yet the US consumer is still spending even if they get less for each incremental $1 spent.
CrowdStrike reported annual recurring revenue (ARR) of $2.34 billion, up 54% year over year. The company also added 1,460 net new subscription customers for the quarter.
In high times, CrowdStrike and the tech growth with superior business models are unique and stand out.
However, in overwhelming macroeconomic weakness, CRWD gets lumped in with the rest.
I don’t recommend buying CRWD on the dip even if it feels cheap.
The peak CRWD share price almost reached $300 meaning the current stock price is only around 35% of what it once was.
Tech growth will overshoot to the upside when it finds it mojo again, which won’t come back until sometime in 2023.
The lockdowns brought forward a tsunami of demand, revenue, and momentum.
Now we are experiencing the reversing of those tailwinds which is why the stock price has suffered.
Avoid tech growth for now, they will have their time in the sun once again once the headwinds have been digested and CRWD should be on your list for a tech growth stock to purchase on the way up.
Mad Hedge Technology Letter
October 18, 2021
Fiat Lux
Featured Trade:
(THE BEST CLOUD SECURITY GROWTH STOCK TODAY)
(CRWD)
Today’s sophisticated hackers are going “beyond malware” to breach organizations.
These hackers are increasingly relying on hard-to-detect methods such as credential theft and tools that are already part of the victim’s environment.
Falcon is the preeminent security platform built by CrowdStrike (CRWD) to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks.
Falcon is the major reason why this tech stock is growing so rapidly and why many investors are jumping on the bandwagon.
The stock is up over 400% in the past 5 years, and this is just the beginning of its growth.
CrowdStrike Falcon responds to malicious challenges with a powerful yet lightweight solution.
It unifies next-generation antivirus, endpoint detection and response, cyber threat intelligence, and managed threat hunting capabilities.
Management’s approach to stopping breaches with the Falcon platform is foundational to CrowdStrike's leadership position and maintaining the overperformance which many investors have been impressed with.
Using AI, machine learning, and an intelligent lightweight agent, the Falcon platform defends against today's most sophisticated threats with unmatched speed and simplicity.
Simply put, companies need to employ a holistic breach prevention strategy rather than overly relying on malware prevention.
Nearly every breach you have ever heard of had two things in common, the victims had both a firewall and an antivirus solution, which is why management decided to build the Falcon platform from the ground up to stop breaches and not just prevent malware.
Meanwhile, competitors have fallen further behind as they continue to blindly promote a strategy that relies on malware prevention versus a comprehensive solution, focused on people, process, and technology that stops breaches.
Today, more than half of the detections analyzed were not malware-based.
Attackers are increasingly attempting to accomplish objectives without using malware.
They are exploiting the proliferation of vulnerabilities and abusing systemic weaknesses in identity architecture to get on the system and then move laterally.
This makes it more difficult for legacy and next-gen malware-focused products to be effective because they are not focused on breach prevention.
To further demonstrate my point, I'd like to share a situation with a certain unnamed company using Microsoft's legacy security products that failed to rise to the challenges of today's adversaries and ended up unnecessarily costing them.
This company experienced a long and difficult deployment process, particularly in low bandwidth environments where endpoint performance was critical.
Notably frustrated, this company began to evaluate alternatives when it was unfortunately hit by ransomware that encrypted their primary and backup data, causing weeks of business disruption and a financial impact estimated to be in the tens to hundreds of millions of dollars.
This is a typical story that is told to CrowdStrike and more will follow as the volume of companies ill-prepared is voluminous.
Many of these damaging experiences by companies are then followed by their in-house IT teams connecting with CrowdStrike’s incident response team to remediate and stabilize their IT operations — followed up with deploying Falcon Complete across their environment.
The Falcon platform processes approximately 1 trillion events per day from millions of agents, delivering unprecedented security insights.
This empowers Falcon to benefit from crowdsourcing and economies of scale unlike any other solution on the market today, which I believe enables AI algorithms to be uniquely effective.
CrowdStrike’s success hinges on growing leadership as the trusted security partner of choice and especially growing the Falcon platform.
Several outside reports have praised Falcon Complete and recognized its strength in its breach prevention warranty, fully remote automated remediation, breadth of threat hunting capabilities, and strong machine learning and artificial intelligence capabilities for detection and response.
The net result of focusing on the Falcon platform to increase revenue upside is the subscription revenue growing 71% over Q2 to reach $315.8 million.
While it’s understandable that subscription gross margin fluctuates quarter to quarter, management expects it to remain solidly within an increased target model range of 77% to 82%.
For the next quarter, CrowdStrike expects total revenue to be in the range of $358 million to $365.3 million, reflecting a year-over-year growth rate of 54% to 57%.
Management has reaffirmed that demand for their Falcon platform is still hot, but I am not thrilled that the total revenue growth is expected to drop to the mid-50% from 70%.
Even though this drop is a seasonal adjustment, it was only just in 2018 when the company was doing $100 million in total revenue, and we are talking now about reaching $2 billion per year after almost surpassing $1 billion per year in 2020.
The stock has substantially more upside and any significant drop should be bought.
We are hovering near all-time high’s so any 5-10% drops should be bought into.
I am still highly bullish on this cloud security company and believe its best days are ahead of them.
Mad Hedge Technology Letter
June 28, 2021
Fiat Lux
Featured Trade:
(HOW TO STOP RANSOMWARE-AS-A-SERVICE)
(CRWD)
The world has changed, and protecting one’s network has been thrusted to the top of every CEO's checklist and the CFO is there to make it happen smoothly as well.
Just how to protect the most critical computer networks is still a work in progress; many firms still haven’t got a clue.
Just recently, oil pipeline operator Colonial Pipeline revealed that it had opted to pay hackers a $4.4 million ransom to regain control of its infrastructure.
Another headline rattler, major meat company JBS learned they, too, had been hacked.
The ultimate cost of all this hacking?
Cybersecurity Ventures currently pegs the annual figure at around $6 trillion, though further estimates that the ransomware "business" will be worth $10.5 trillion by 2025.
Threat actors are well resourced and becoming more sophisticated as we speak.
Crazily enough, ransomware-as-a-service sites are making it simpler for even novice e-criminals to run successful and lucrative campaigns, which is contributing to the proliferation of ransomware activity.
This is highly illegal yet actors from abroad feel almost immune wielding their power from offshore authoritarian strongholds where dictators usually chuckle on the news that western companies have been hacked again.
The 2020 CrowdStrike Global Security Attitude Survey revealed that more than half of organizations surveyed worldwide had suffered a ransomware attack within the previous 12 months.
A scary fact is that many of these ransomware attacks, failures and successes, are not publicly reported because companies don’t want the negative publicity and the accompanying stock sell-off with it.
Some hacks are just too big to hide under the carpet.
At the same time, organizations need to transform their businesses in order to keep up with evolving business needs such as work from anywhere and moving their critical applications and workloads to the cloud.
Naturally, this is the perfect time for hackers, new and old, to pounce on the transitory nature of deploying networks into a work-from-home set-up.
CrowdStrike’s Falcon platform is at the epicenter of restoring trust to the security apparatus of companies worldwide.
The integration of threat intelligence and threat hunting into the Falcon platform provides deep insight into the adversaries and how they operate.
Extensive capabilities of the Falcon platform significantly set CrowdStrike apart from both legacy and next-gen vendors.
This includes their acquisition of Preempt and Humio, which could not have been timelier as companies are discovering new ways to shore up protection of their active directories, stop lateral movement and have even greater real-time visibility and search into their endpoints, identities, applications, network edge and cloud from a single data layer.
CRWD was also recognized as the best cloud computing security solution and best managed security service at the 2021 SC Awards where Shawn Henry, president of services and chief security officer, received a Security Executive of the Year award as well.
This growth company has the accelerating metrics to back up its hubris.
In the first quarter, they reached a new milestone as subscription customers surpassed the 10,000 mark.
They added 1,524 net new subscription customers including the customers CRWD acquired from Humio. On an organic basis, the net new subscription customers added in the quarter grew 69% year over year. In total, they now service 11,420 subscription customers worldwide.
To sum up the positivity, the outperformance is attributed to CRWD’s Falcon platform's ability to fully utilize the power of the cloud and AI to stop breaches and provide community immunity.
Also helpful, is the ability to easily and rapidly deploy lightweight agent at scale across both endpoints and workloads without requiring a reboot, while other next-gen vendors fail to scale and require reboots.
The platform is easy to use and easy to manage all from a single user interface; and their ability to leverage the power of the cloud to collect data once and solve many real-world business problems that deliver better outcomes and immediate ROI for customers.
It is entirely possible that with the rate of ransomware accelerating, CRWD will be able to grow the service base from over 11,000 now to 100,000 in less than 2.5 years.
They should be able to achieve this while accelerating their subscription gross-margin target to 85% which would represent an acceleration of the current gross rate margin of 77%.
This company is growing faster and becoming more profitable, what’s there not to like?
In light of the strength I just mentioned, a pullback to $230 would be a great entry point to ride to over $400.
If the firm can at least deliver 70,000 customers in the next few years, the stock is easily at least $400 which would make it around a $100 billion company.
That is entirely doable for CRWD.
Mad Hedge Technology Letter
May 14, 2021
Fiat Lux
Featured Trade:
(THE GOLDEN ERA OF CYBERSECURITY SPEND)
(PANW), (FTNT), (CRWD), (AMZN), (GOOGL), (ORCL), (MSFT), (IBM)
The tech sector and the U.S. government are poised to engage in a more transactional relationship than ever before after the cybersecurity attack on Colonial Pipeline and the U.S. President’s executive order that followed it.
This doesn’t mean just servicing an email account, but this will incorporate broad-based networking cloud infrastructure from the top-down and the bits in between.
Technology is just getting too good, too fast, and applicable to the point that it allows nefarious actors to wield it in a way that could damage and permanently set back sovereign nations and global business.
Don’t get me wrong, this was already in the works, and U.S. President Joe Biden has signaled his intent to ramp up the IT spent, but this cyberattack that is causing gas hoarding in parts of South Eastern United States is just the event to really kick this initiative into overdrive.
Colonial Pipeline paid the almost $5 million ransom payment that will encourage similar type of behavior in the long-term.
The Cyberattack also means that the relationship between U.S. tech and government could swerve from net negative of a relentless anti-monopoly narrative to one in which big tech will be anointed as the saviors to the foreign cyber-criminals and paid handsomely to defend the operations of private and state U.S. business.
The latter sounds much better to Silicon Valley than the former and the bigwigs in Silicon Valley might ostensibly push this marketing dynamic of internet protection to save their bacon and get the regulatory heat off their back.
Polarizing figures such as U.S. Senator Elizabeth Warren have made it a point to bash big tech whenever she sees fit which is more often than not.
CEOs like Facebook’s Mark Zuckerberg have tried a disingenuous approach of blaming China’s marginal data privacy policies as a way to protect its Instagram business and prevent growth monster TikTok, a Chinese app, from cannibalizing its cash cow business.
The origin of the Colonial Attack is purportedly to be Russian which would offer more fuel to the fire and create a ready-made reason for U.S. government to pour incremental billions into Silicon Valley and its array of almost multi-trillion dollar heavy hitters while protecting their business moat.
This event also means Tesla is toast in China.
Officials in China banned Tesla vehicles from military bases and housing compounds amid concerns that potentially sensitive data from its onboard cameras could be collected and stored on Tesla servers.
Once the data privacy genie is out of the bottle, it’s hard to contain the fallout and Tesla will need to adopt a whack-a-mole strategy in China which often proves futile in the long-term.
The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.
This is all just the beginning, a little taste of what’s on the menu.
Collaborating with U.S tech companies to improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors is now a must.
The Federal Government must also carefully examine what occurred during any major cyber incident and apply lessons learned.
Incremental improvements will not offer the security Americans need; instead, the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.
It’s the authorities’ job and to offer resources to protect and secure its computer systems, whether they are cloud-based, on-premise, or hybrid.
The scope of protection and security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT)).
Contracts will be signed with IT and OT service providers to conduct an array of day-to-day functions on Federal Information Systems. These service providers, including cloud service providers, have unique access to and insight into cyber threat and incident information on Federal Information Systems.
Increasing the sharing of information about such threats, incidents, and risks, and enabling more effective defense of agencies’ systems and of information collected, processed, and maintained by or for the Government are necessary steps to accelerating incident deterrence, prevention, and response efforts.
The executive order signed by Biden shows that within 60 days, the Director of the Office of Management and Budget will hash out “language for contracting with IT and OT service providers and recommend updates.”
The U.S. must take decisive steps to modernize its approach to cybersecurity and must increase the Federal Government’s visibility into threats while protecting privacy and civil liberties.
Money will be spent to accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.
Prioritizing money spent on addressing “critical software” will translate into huge paydays to many cloud providers and not just the big guys.
Most recently, The Central Intelligence Agency awarded its long-awaited Commercial Cloud Enterprise, or C2E, contract to five companies—Amazon Web Services (AMZN), Microsoft (MSFT), Google (GOOGL), Oracle (ORCL), and IBM (IBM).
No doubt they will be vying for more government procurement contracts since they already have one hand in the honey jar.
At a lower level, readers should consider buying cybersecurity companies Fortinet (FTNT), Palo Alto Networks, Inc. (PANW), and CrowdStrike Holdings, Inc. (CRWD), but these smaller names come with more volatility.
This event really anoints the impending future as the golden era of IT cybersecurity spend and it will never go back to what it once was.
Paying for IT protection is here for the long haul and this goes for private companies and public institutions.
Nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks despite increased IT security investments made in 2020 to deal with distributed IT and work-from-home challenges, according to a new IDG Research Services survey commissioned by Insight Enterprises.
There will be a huge boom in IT cybersecurity spend because CEOs don’t want to be the idiot that allowed cybercriminals to hijack their whole business.
That’s the fastest way to end a management career.
Last time I checked, it’s a hard slog up the corporate ladder to land a prime CEO gig and it’s not getting any easier.
