This week, share prices of some of the biggest Software-as-a-Service (SaaS) companies plunged on no news at all. That presented an opportunity: A recently IPO’d cybersecurity company saw shares 33% lower than where they had been three weeks prior.
That company is CrowdStrike (NASDAQ: CRWD). And while it has been growing sales at an impressive pace, that’s not the most exciting part. Instead, investors should really focus on CrowdStrike’s ability to utilize the network effect in a powerful — and underappreciated — way.
But first, let’s cover the basics
Before diving into this powerful network effect, let’s cover the basics of what CrowdStrike does. The company was co-founded by current CEO George Kurtz in 2011. Prior to that, he was the chief technology officer at McAfee. While there, he realized there had to be a better way to stop sophisticated attacks from bringing major corporations to their knees. He wanted his solution to be faster, more efficient, and — most importantly — cloud based.
CrowdStrike’s mission is simple: to protect its customers from breaches. With that in mind, Kurtz developed CrowdStrike to function with two major pieces.
- The Threat Graph — The cloud location where all of the data collected from all of CrowdStrike’s customers can be collected and analyzed. It is also where the magic of artificial intelligence (AI) and machine learning (ML) can go to work.
- Intelligent, Lightweight Agents — These are the tools that individual customers use to handle their company-specific cybersecurity concerns.
While it may be a crude analogy, think of the Threat Graph as an aircraft carrier. It’s where all of the important stuff is aggregated, but it doesn’t really do any of the combat itself. It’s a home base.
The Agents are like the individual fighter planes. They are the ones executing the plans, and they can use the Threat Graph as a resource when necessary.
CrowdStrike offers 10 different modules — or tools — for customers to choose from. Think of those modules as 10 different types of weapons the fighter plane can have on board. Those tools range from device control to vulnerability management to malware analysis.
Impressive results
We’ll get to the why behind CrowdStrike’s amazing growth in the next section. But first, let’s highlight just how popular the company’s solution has been.
Below is the amount of annual recurring revenue (ARR) CrowdStrike has had on its books at the end of each of the previous 11 quarters. In other words, if CrowdStrike has 10 customers each paying $1 million per year, that’s $10 million in ARR. When the company reports sales, it only reports $2.5 million — as all of that needs to be spread out among the four quarters. But the bottom line is that ARR gives a great view into the health of CrowdStrike and its popularity.
Data source: SEC filings.
What’s more, this growth is presented on a quarter-by-quarter — not year-over-year — basis. Put it all together, and ARR is growing by 120% per year. The customers on the company roster include big names: 9 of the 20 largest banks and 44 Fortune 100 companies.
Increasingly, these customers are using more and more tools as well. Here’s the total number of clients using 4 or more (out of 10 currently offered) over a similar time frame.
Data source: SEC filings.
Management also announced in the most recent earnings release that this figure just eclipsed 50%. When you consider that the base of customers has also been more than doubling every year, these gains are impressive.
For instance, if there were 100 customers total at the end of 2018, 30 of them were using four or more modules. If, by the end of 2019, there were 200 customers total, 94 were using four or more modules. We can’t just look at the percentages without also taking this into consideration.
What does all of this mean? As companies use more and more modules, CrowdStrike’s software becomes more embedded in their everyday functioning. As that happens, those customers are loathe to switch, introducing a powerful moat thanks to high switching costs.
A powerful network effect
Truth be told, those switching costs alone would be enough to get me to buy shares. But the additional network effect is what’s really impressive to me.
Put simply, a network effect exists when each additional user of a service makes the service more valuable. Facebook is the exemplar: What’s the point of going on the network if none of your friends are there?
CrowdStrike has realized an ingenious way of using this effect. Because of the power of the Threat Graph — and the AI and ML that make it stronger — each additional customer makes the tools stronger.
Here’s what I mean: If there’s a cyberattack that’s never been seen before taking place in Asia, and the victim company uses CrowdStrike, I don’t need to worry about the attack hitting my company. Why? Because the Threat Graph will analyze the attack, learn from it, and immediately send updates to the Lightweight Agents at each customer to protect against that attack.
Take those dynamics and multiply them out across more than 3,000 clients around the world. As you can see, it would be silly for a company not to choose CrowdStrike. The company’s first-mover advantage has allowed it to gain an imperative head start on anyone else hoping to mirror its business model.
Prepare for a bumpy ride
After all of this, it might seem silly to not put all of your money in this one stock. But despite my glowing recommendation — and the fact that I have skin in the game — I implore you to proceed with appropriate caution.
Because it invests so much in R&D and sales right now — as it should — the company has lost $45 million in free cash flow over the past six months alone! It is also valued at $15 billion — or more than 40 times trailing earnings. High expectations are definitely baked into the stock price, and any hiccups could send shares reeling.
That’s why my position currently accounts for just 2% of my portfolio. If you’re interested in CrowdStrike but want to protect yourself from larger potential losses, I suggest a similar allocation.
