...We would like to remind you that during today's presentations, we will be making forward-looking statements. These statements reflect our views and expectations only as of today. While we believe these forward-looking statements are reasonable, the outcomes are subject to risks and uncertainties, so actual results could differ materially from our expectations. Please see the Risk Factors section of our most recent 10-Q, filed with the SEC, for further information about these risks and uncertainties. Furthermore, we undertake no obligation to update these forward-looking statements as a result of new information or future events. Additionally, unless otherwise stated, excluding revenue, all financial measures discussed in this presentation will be non-GAAP. Please refer to our disclosures on why we use non-GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures in the Events and Presentation section of our Investor Relations website.
Please welcome Chief Financial Officer, Burt Podbere.
All right. Welcome, everybody. Good morning. I hope everybody had their coffee. Excited to have you here. I've already spoken to a bunch of you today, and since earnings, I think I've seen a few of you two or three times. So thanks for coming out again. Thanks for coming to speak with our customers and our partners. That's a big part of this event for everybody in this room. I think that, you know, we've had quite a few last few days. I hope that all of you were able to catch George's keynote, where we saw Satya video streamed. I hope that you caught Mike's keynote, where we had that FBI excerpt.
That was kinda really informative and kinda gave you an idea about what we're really dealing with, and it's pretty severe. We have an exciting lineup for you today. I can't wait to get started. Quickly, I wanna go over the agenda. We've got George, who I'll introduce in a second, is coming on up. We've got some fireside chats with our customers and our partners. We're gonna have lunch, which is gonna be right to my right over here. Then Mike and myself will round it out with the presentations, and then we'll take Q&A. So that's the agenda. You know, it's exciting for us, and I look forward to, you know, speaking to many of you even after this event.
Without further ado, I'd love to introduce my friend and co-founder and CEO of CrowdStrike, Mr. George Kurtz.
Hopefully this works. Yeah, there we go. All right. You guys look pretty good for two days in Vegas, I have to say. So, thanks for coming. I hope you enjoyed the keynotes that we had yesterday and today. I think it's really indicative of what we've been able to put together as a company, and I love hearing the customer success stories, one of my favorite takeaways. Okay, so let's jump into building cybersecurity's most resilient platform. This has always been the topic of the day. We talked a lot about it, and part of... Hopefully, everybody caught my keynote yesterday.
Part of what I talked about is really resilient by design, and security is an element of being resilient, but resilient by design is something, as a company, that we're focused on and committed to and driving towards. And that really means something that's foundational, something that's adaptive, and something that's continuous. And making CrowdStrike the pillar of success in helping our customers become more resilient and delivering the right outcomes, which is stopping the breaches. So let's talk about July nineteenth and some of the takeaways, the things that we actually put in front of our customers. Number one is customer control, right? Hopefully, you've seen the root cause analysis, a little bit technical, but obviously giving our customers more control, enhance the configuration and visibility of delivering content and configuration updates.
The second one is the ability to roll out in a fashion that they deem appropriate for them, the ability for them, our customers, to actually roll it out in concentric rings in their own network, and then obviously some changes in terms of our rollout and content testing and guardrails. Then third is external third-party input review and validation. If you were in the last session, Mike talked about the public report that we have out now from Accenture. That actually went through and verified and validated what we said in the root cause analysis, what we actually did. All that is done, checked, and it's available in the report. So that is all good news.
As we think about moving forward in our architecture and what we've built, we've really brought cybersecurity to the cloud, right? We've brought AI to cybersecurity, and we created cybersecurity's platform of record for our customers. You hear time and time again of how customers are solving new and unique use cases, how they're actually leveraging all of the rich data that CrowdStrike provides, that goes well beyond just security. You heard the stories about leveraging it for IT, for visibility, for asset information. Why does it all work? It's a single agent architecture, no multi agents required, and it's not a store and forward model like a lot of our competitors, which require gigabytes of storage on the endpoint before they actually can send that data to the cloud. What does this mean from an architecture perspective? We're delivering unmatched protection.
If you look at how we're actually stopping breaches and what we're doing, it is unmatched in the industry, and it's led by our AI-powered detection, right? On the endpoint itself, we've got machine learning models, we've got behavioral capabilities, we've got cloud capabilities. All of that is brought to bear for our customers. Manageability, a single console, single agent, frictionless deployment. Let me just put in perspective when we think about, again, our architecture we built. There's a reason we built it this way. It's the only technology that you can install without a reboot. Go ask any customer if they want to reboot their environment, they're gonna tell you, "No." Right? These are key advantages that we have. Manageability, we hear time and time again, "Your product works." We deliver it, it's installed, it's up and running. We can manage it at scale.
We don't need a whole bunch of other boxes. We don't need a bunch of different tenants. We don't need a lot of complexity. We install it, and it works. And that comes to the scale piece of it. What we've built, how we've started as a cloud-native architecture, as opposed to many of our competitors who started on-prem or have versions that actually run on-prem, it gives you an idea. When you start as a cloud-native technology, you have the ability to unlock the power of the CrowdStrike cloud, as well as leverage and harness the data that we actually collect. Innovation. I talked about innovation. We are an innovative company. We set the stage for so many areas: cloud-delivered, EDR, MDR technologies. The MDR wasn't even a concept, right, until we started to deliver that.
It wasn't even a term till, I guess, Gartner gave it a term, so we helped pioneer a lot of these things in the security ecosystem, and we're gonna continue to do that, and in Mike's keynote, we went through so many rich innovations, whether it's our new user experience, whether it is some of our capabilities to detect insider threats for our customers, the ability to expand all of our cloud capabilities into a single user interface, providing real values to our customers. And then adoption. We know that customers, as they adopt our technology, they keep using more and more of it, which is, as you've seen in this room, the module count keeps going up and up, and it becomes very, very sticky in their organization. So what does this mean?
I talked a little bit about the technology architecture, but the architecture actually sets up the business architecture and the advantage there. The fact that we collect data one time, and we can reuse it many times, is an incredible business advantage. It creates a data moat for us. Again, how do our competitors work? Either they limit what they collect, or they have massive system requirements where they have to store and forward this information, and if you just do a little homework and look at the system requirements of a CrowdStrike technology versus any of our competitors, it's orders of magnitude different because we don't have all these storage requirements to keep the data resident and then filter out what goes up, which adds latency and delays, so once we have that data, then it can be monetized, right?
And for years, we've talked about the modular framework. We collect it once. Yes, there's a cost to the collection, but then once we've actually paid for that cost, we can create unique workflows on top of the Falcon platform, and then we can monetize those. And that continues to add gross margin enhancements to us because we've already collected. Almost every new module is pure gross margin. Certainly, there's processing costs and storage costs, but incremental margin for us as we add modules. Look at our customer base, greater than 70% of the Fortune 100, 18 of the top 20 banks, 44 of the 50 states, an incredibly rich and diverse customer base, which we've curated over a long period of time.
We are the largest independent software vendor securing Windows, which we're proud of, and we are working hand in hand with Microsoft on the future of an open ecosystem, open kernel, and also, helping to define with Microsoft and others, these sort of additional capabilities they wanna add to the operating system that folks like CrowdStrike and other security companies can use, as well as other organizations in their ecosystem, to help do things, in a fashion that works for us and works for Microsoft, and works for the customers. So we're excited about that. Hopefully, you were excited to see Satya show up on the screen. That was a bit of a surprise, I would guess, for many.
I didn't think that would be possible a few months ago, but I have to say, we've got a very good working relationship. They were super helpful during the incident, and you know, at the end of the day, it's good to see two companies come together. Security and customer outcome is much bigger than any one company, and when companies can come together, yes, we still compete, but we're coming together for the betterment of our customers and the ecosystem. All right, let's talk a little bit about innovation. We continue to double down on innovation. The new Falcon Console.
This has been something that we've been working on for a long period of time, and really, what we've taken is this very rich, diverse set of data and modules, and we've really harmonized that into a single user experience to drive even more platform adoption. Customers wanna have all of the data available to them. They wanna look at views in a way that matches their business. It could be an asset view, it could be a user view, it could be a cloud view, and they wanna be able to harness the entire workflow capability of the Falcon platform. They're gonna be able to do that with the Falcon Console.
Next-Gen SIEM, we've heard from some of our customers, it's a game changer, how fast we can actually ingest data, how fast we can process it, how fast we can deliver results, the AI layer that we've actually delivered on top of it. And one of the big things that has, I think, impacted the industry, is the ability to get data in as quickly as you can, based upon a rich, diverse set of data sources. We actually have the ability now, through AI parsing, to take a data source that we've never seen before, and to actually use AI to parse what that data source is, and then make the ingestion process a lot simpler. Cloud Security, really, the industry's first truly integrated CNAPP solution.
This isn't just about cloud workload protection, it's not just about CSPM, it's about putting CSPM, Cloud Workload Protection, Application Security Posture Management, Data Security Posture Management, CIEM, and all the alphabet soup of cloud technologies together in an integrated package. And with the Kestrel UI and that, the project that we talked about, it's gonna create an amazing user experience, to not only understand potential exposure, potential deviations from policy compliance, but actually implementing real prevention for our customers. One of the talks that we heard today was, visibility is the key. If you don't have visibility into your assets, if you don't have visibility into your cloud, how can you protect it? And the visibility we're providing is unprecedented. Identity Protection. Again, I go back to what the customer says, not just what we say. Identity is a game changer.
The latest attacks, 80% of them are all identity-based. Having an integrated, single-agent, Identity Protection solution, that works across diverse environments, is a game changer for our customers, and we continue to extend that out. We talked about our Entra ID integration. You heard the round of applause. We've been waiting on Okta for a while. We've got it. Now we're able to deliver real value to our customer. Network Vulnerability Assessment. Many of the conversations I've had with folks in this group is, "Gosh, we keep hearing how, you know, how good Spotlight is in exposure management, but what are you gonna do on the network side?" Right, and this is, as you probably know, near and dear to my heart, as a guy who helped start Foundstone way back when in the vulnerability management space.
Now actually leveraging the real estate that we have, and the footprint we have across different networks for our customers, to actually use our agents to be able to scan networks in a very performant fashion, I think is gonna be a game changer for our customers. And then broad operating system support. We started in Windows 7 way back when. The capabilities we built, just to give you an idea, there's a lot of capabilities that we built in Windows 7, that we had to extend out all the way to Windows 11. And in Windows 11, there's new capabilities that we take advantage of, but keep in mind, a lot of these capabilities we had to build on our own, as the operating system evolved.
One thing that we've heard over the years is, well, help us support things like Windows XP and some older versions in the IoT environment, and we have capabilities now to be able to unlock some of the older TAM. As much as you would think organizations upgrade, there's plenty of IoT systems or older systems that are out there that still need support, so we're able to cover those as well. So let's talk a little bit about platform adoption and what we're hearing from customers, right? And you guys, I'm sure you're talking to everyone at the conference. Our customers trust CrowdStrike. We've earned that trust for ten years. We've helped them so many times.
I've spoken to customers, they said, "You've got a lot of trust deposited in the trust bank," and we are a foundational element in technology to help prevent breaches. They also tell us they want more of the platform, right? "Make it easier for us to buy." They want to adopt more, they want to consolidate. And here's what I will tell you when we think about, consolidation. This has not changed over time. Customers want to do more, they want to have a greater value, and they want to make it easy, and they want the outcome of stopping breaches. That's not gonna change. So one of the things that we announced last year, at this very conference, was Falcon Flex, right?
Which is a subscription model, and I believe a transformation licensing model, that's gonna help customers drive more platform adoption of CrowdStrike. So how does it all work? It's a flexible subscription, right? It can be anywhere from one to five years, and essentially, it allows customers to actually commit to CrowdStrike, and then be able to leverage all the modules that we have. We'll go into more detail. It also gives them flexibility to swap modules or add new endpoints into their environment. But let's look at the success, right? We've got. We started in Q4 of 2024, $185 million total deal value, and then we've moved to $507 million. Just incredible success and adoption by our customers. What Falcon Flex is not: It's not an ELA. We don't call it an ELA.
It's a consumption and commitment model... I shouldn't say consumption. It's commitment model, that allows organizations to start with a bill of material, and then add new modules to it, or new endpoints, or new workloads, and then be able to basically burn down that commitment, and it's very easy for them to recommit. So number one, it's not an ELA, it's not a consumption-based model, and it's not an enterprise-only model. We can go down to some of the smallest customers. We focus in the enterprise, where there's a lot of need for this level of consolidation, but we are having success even in the mid-market and some of the smaller customers. But the focus as we started, really, and we're in the early innings of adoption, has been with large enterprises.
So let's look at a typical expansion, and how it works. So pre-Falcon Flex, it's transactional, how many modules they have, how do we work on. Obviously, we're working on solving problems for customers, but it's discrete. They may start with two modules, then they might add another module in year two, and then in year three, three modules. And over time, they continue to add more modules, but it basically creates multiple sales cycles, and procurement is engaged with every purchase. And no one likes procurement, except if you're in procurement, I think, but it just adds more friction. Even the customers say, "It's just a lot of work to go back to procurement and deal with it." So what does Flex allow you to do?
Essentially, it allows our customers to commit and then open up the entire product portfolio, so they literally can pull down almost every module that we have. So they start with a bill of materials. That's our starting point, and then over time, if they want to add a new module, give you an example, Identity. They may start with kind of, the base technology, prevention and visibility, maybe OverWatch, and they say, "Hey, I was at Falcon. I heard one of your customers talk about Identity. It's incredible. I want to pull that down." Well, they can pull down Identity. There will actually be a prenegotiated discount based upon their commitment. They know what they're gonna pay, and then that will start, basically a twelve-month subscription, within that, burn down type model, and they can keep adding to it.
If we acquire a new company, and it's added to the rate card, which it should be, they don't have to go through another procurement cycle. So think about as companies do acquisitions, you always have to go back to a customer and say, "Hey, we've got this new thing. Can we show it to you? What do you think? You know, do you want to buy it? Will it solve a need?" Well, they can actually be able to pull it down and use the in-app trial piece of CrowdStrike. Actually, that's an important element. We have in-app trial, so they can actually trial it without buying it. They like it, and then they can actually add it to their Falcon Flex subscription. So it makes it really easy to get what they want, when they want it, and use it how they want.
If they acquire a new company, we have so many of our organizations and customers that are acquiring new companies. They can literally just deploy it the next day and add the license count, and again, that continues to burn down their commitment. So overall, it's been a game changer for a lot of customers. Still early days. We've got a tremendous amount of the customer base to work on moving to this model, right, through the renewal process, through some of the Customer Commitment Packages that we're talking about, and obviously through new deals. So what does it look like when they actually use the pool up? They have their original commitment, and then they can expand the pool and add more Falcon Flex dollars.
Really, what the conversation with the sales reps turns into is: What is your demand plan? What is your roadmap, Mr. and Mrs. Customer, and what do we have? What's our roadmap, right? We'll go through that EBC process and talk about how we can solve their problems over time. Generally, what we found is that customers continue to use their commitment faster than they actually thought. Why is that? We're adding more value. They come back, and they go, "Well, we consolidated these two other products.
Wasn't originally what we were thinking, you know, when we got into it, but we used it, we tried it, we liked it, we pulled it down, and it's solving a real need." So what we're finding is that customers are actually consuming more of the Falcon Flex dollars sooner, and then from the CrowdStrike perspective, we're working with them and the sales team to understand what is the demand plan and how do we accelerate adoption of the Falcon platform. So let me give you a couple representative examples of this. This is a customer. Again, this is a relatively new licensing model that we talked about. This customer, it's a large enterprise software company, had a $15 million total contract value over three years.
We worked with them. They loved the technology. They loved what we were doing, and we moved them to a Falcon Flex deal, $110 million total contract value over five years. So we took a $15 million, and we multiplied it to $110 million over five years, greater than 350% ARR uplift. This is the power of the Falcon Flex model, and it wouldn't be possible if we didn't have amazing technology, and that's what you're gonna hear from our customers, right? You're talking to them. You're here at our event. You know what they say. We've got the best technology. Customers love it, and there's a reason they're buying more. So now we're giving them a vehicle that is allowing the flexibility they need, and the more they commit, the greater value that they're actually bringing.
So procurement likes it, purchasing likes it, and we're very, very strategic to our organizations, particularly the ones that are using Flex. The next one is a before of $2.3 million over three years, Fortune 500 company, that we took to $20 million over five years. LogScale, Data Protection, Falcon for IT, greater than 200% ARR uplift. So you can see the benefits, and you can see the selling motion around this. This one is a new customer, right? We went right to Flex. Let us talk about how we replace and consolidate what you have, replacing multiple technologies in your environment, and why don't we start with a Flex? And that has become the selling motion this year, right? It takes time to get the sales force, you know, and change the selling motion.
We've been able to do that, I think, very successfully, and we're gonna continue to build and build on the Falcon Flex licensing model. Okay, so the licensing model was created late last year at Falcon. We've delivered it over the early part of this year, and then we said, "Okay, how are we gonna add value to our customers post July nineteenth?" We talked about it as an executive team, and we said, "Well, Falcon Flex is the, is the best vehicle to actually deliver back to, back value back to our customers to recognize July nineteenth." And what does that mean? Well, number one is, we wanted to put the customer first, right? We realize the incident had an impact to our customers. We want to recognize that. We've said that from the beginning. We've been very transparent.
We've owned the issue, but we wanted to go back to our customers and say, "What can we do for you? How can we help you? How can we continue to partner, and how can we commit together?" Falcon Flex was the vehicle we used to be able to do that. It was not created for that incident. It was a licensing model that had a lot of success, that we said, "How do we deliver value to our customers?" So what does that look like in the Customer Commitment Package? Now, the Customer Commitment Package has a Flex component, but there's a broader piece to it, and how we go through it. So we've got one-time incentives in terms of Falcon Flex dollars for modules, right? So if a customer basically says, "Hey, we've had an impact," we talk through what it means.
We put some Falcon Flex dollars into a pool, and then they can use it for modules. "Hey, we're already talking to you about Identity," or what have you. They can basically use those dollars for a module. If they say, "Hey, we'd love some professional services," right? "This is not in a Falcon Flex pool, but we want some professional services." We can add professional services. They want flexible payment terms, we now have flexible payment terms. We'll talk. We're gonna talk a little bit about our financial services offering, but we can extend the payment terms, and we can make it easy for them. We can extend the subscription if we needed to, right? We can give them, you know, more time on their subscription, and there's other vehicles that we have.
The Customer Commitment Package, what I want to leave you with, has lots of levers for us to be able to go to a customer and create something bespoke to solve a problem they have and focus on a business solution and a recognition that we are long-term partners. At CrowdStrike, we're playing the long game. I've always done that since I started the company, and I think customers really appreciate that. So again, what's the benefit immediate to the customer? They recognize that we're stepping up to the plate. They can leverage the commitment package, and then ultimately, what does that mean? Well, as we're delivering this, not everyone will be delivered with a Falcon Flex, but as we're delivering this through Falcon Flex, we get the ability to supercharge platform adoption. These are one-time, you know, funding pools, if you will.
So as those are consumed, then the natural conversation is, "You guys already have adopted this model. Let's talk about a larger Falcon Flex commitment." And in many cases, as we go through the Customer Commitment Package, and I've been dealing with a lot of these myself, we would come to a customer, and we would say, "Here's some dollars in a Falcon Flex pool. What other dollars do you want to put in? You can use the dollars that we put in, it's no problem," and that could be the end of it. But as we go bigger together, there's also benefits if we commit together and if we create bigger pools. We can create bigger discounts for you over the long term. We can go through a demand plan.
So what we're seeing is actually customers putting their own dollars back into the Falcon Flex pool, as well as the dollars that we're putting in, because we're having that conversation, we're doing the demand planning with them, and now is a great time to be partnering with CrowdStrike. This, and I know Burt will touch on this, this has the ability to really supercharge the platform. These dollars that we're putting in, you know, they're probably, you know, over a one-year timeframe, they're gonna be consumed, right? Some sooner, some a little bit later. But as we think about, you know, a couple of quarters out, it really does set up a, I think, a very unique and incredible opportunity for additional platform expansion within CrowdStrike.
And we believe that's good for our customer, solving real problems and adding value, and it's good for CrowdStrike, and it's good for our company. All right, so let's move past that, and we'll talk about CrowdStrike Financial Services. This is something that we've been working on for some period of time, and it really came about because customers. As you might imagine, with lots of macro headwinds and coming through the pandemic, customers wanted flexibility in how they paid for platform expansion. And when you have one module, it's pretty easy to get things done.
When you've got 28, and you've got Falcon Flex deals, and you're taking original licenses and those structures, and you're moving it to $100 million-plus deals, you want to be able to create an effective and simple financing vehicle for customers. So they came to us, just like they came to us with Falcon Flex, and said, "We want to do more with CrowdStrike." Let us explain what we want and how we want it. That's how Falcon Flex was born. The same thing with financial services. They basically said, "Give us flexibility. You know, we're working with the business." And not every business is the same, as we all know. Cash flow changes, you know, CapEx changes.
All these things make a difference for companies, and there shouldn't be a reason where just because of the financing piece of it, customers can't be protected by the best technology in the market, which is Falcon. So what do we want to do with that? Sorry, go back. Yep. When we think about the customer benefits, it's gonna be simple terms, right? It is gonna make it easier to do business, easier to go through procurement cycles, and it really is a nice dovetail into Falcon Flex. Doesn't have to be a Falcon Flex deal, but it's a nice dovetail. And the benefits is a larger multi-year deal. It is very channel and go-to-market friendly, and it's gonna accelerate deals. When you think about, you know, budgets fall into different years, and cash falls into different...
Everybody has their own reasons, right? And they're for their own business purposes, but it's gonna unlock immediate customer spend, and we're really excited about it. We spent a lot of time working on this. Setting up a financial services arm is. A, it's not an easy thing. It takes a lot of time and thought that goes into it. Burt and team, I have to give a tremendous amount of credit, put the effort in. We started this late last year, and now we're able to deliver it at Falcon. And the reception has been incredible by customers. So, I know Burt and team will have Q&A. We can talk a little bit more about that later. So let's go into the market opportunity. I always love the TAM slide. When you start with one module, you've got a great TAM.
When you start with and you expand it to 28 modules, and all the rich data that we collect and how we monetize the ingested data and, our cloud capabilities, it just continues, to proliferate, right? Now, in CY 2025, a $116 billion TAM, right? Everything from our endpoint protection, threat intelligence, observability, all the way through security and IT Ops. And I do think, and we called out Falcon for IT, as one of, a game changer opportunities for us. Every customer meeting that I interact with, they're always bringing up Falcon for IT. "Tell us about that. We're already helping the IT teams. What can we do more?" Right? We wanna go back to our CIO. We wanna explain how CrowdStrike can solve some of the problems they actually have.
And then when we look into CY 2029, a $250 billion TAM. And we'll talk about, in a little more granular detail, as we move towards $10 billion, what this all means and how we take advantage of it, but it's an incredible market opportunity. We know that threats are proliferating. We know that data is a critical element to solving security. We've got an amazingly rich source of first-party data, which customers depend on day in and day out, and now we've got third-party data that we're pulling in through our next-gen SIEM. So for me, when you look at security. When you look at technology, there's always amazing TAMs, and when you look at security, I think it's just incredible. And why do I say that?
I wanna go through this, and I've said this before, you may have heard me talk about this: Security parallels the slope of the technology curve. Security parallels the slope of the technology curve. I started in security in the early 1990s. It was, like, barely a firewall. It was a Cisco router, right? And we think about how complex, you know, if you think about the complexity curve, it's all the way up to the right in 2024. It's only gonna get more complex. Well, as that technology curve got more complex and there were more technologies added, cloud computing, Gen AI, all the things that we've seen over the last 30 plus years, you need security to actually parallel the slope of that curve. So you need more and more security to deal with all these unique technology innovations.
And by the way, one security company can't solve all of them, which is why we focus in the areas that, you know, we have our DNA and that we're really good at. But as technology proliferates and as it gets more complex, you're gonna need more and more security for each one of those technology elements. That's why the TAM is so exciting here, and that's why I'm sure next year, we'll come back with an even bigger TAM, just based upon the technology innovation. So our path to 10 billion hasn't changed. Key takeaways, we are focused on our path to 10 billion. Burt's gonna talk a little bit more. Mike actually is gonna go through some slides and show you, you know, in individual categories, what this looks like. But where did we end, right?
Post July nineteenth, $3.9 billion in ARR, $4 billion in cash and cash equivalents on the balance sheet, nine-figure Flex deals, and I can tell you, we're even closer to our customers. Coming out of July nineteenth, we've had more conversations at the highest levels than we've ever had in the history of the company, in the shortest amount of time. Many in this group know I did the 100 by 100, and if you're not familiar with that, I'll refresh your memory. After the IPO, I said, "I'm gonna meet 100 customers in 100 days." I think I met 132 in 100 days. Post July nineteen, it's been, you know, like 102 days. I mean, it was crazy. I mean, there's a lot of customers, right?
I literally met and touched thousands of customers over that period of time, over the following weeks, and at the highest level. So I think this level of customer intimacy has been incredible. Obviously, you know, some tough conversations, but most of my conversations end with, "We love CrowdStrike. You've been a tremendous partner, how you've responded, what you've done for us over the last, you know, two, three, four, five, ten years," however long they've been with us. And that really does set up an incredible opportunity on our path to ten billion. 98% gross retention, we gave some stats out on the last earnings call, and our pipeline generation has returned to pre-incident levels, right? So the machinery got started back up. And we really are cybersecurity's innovator of choice, and a single platform that can really drive consolidation.
You know the categories we're in. We'll touch more on those, but the big areas that continue to get us excited, Next-Gen SIEM, just game-changing technology. And when we bought Humio and renamed it to LogScale, now we've got it integrated with the Raptor release. This was really game-changing technology. And to see customers, you heard it today, they were making decisions on their old technology of what to actually ingest, because A, it was costly, and B, it was slow, and they didn't get the results. And this is one of the things that I've always said, "People shouldn't have to decide what data they actually want to pull into CrowdStrike. Just send it in, we'll deal with it, we'll scale." And what are the results we're seeing?
One, and I've talked about this a few times, we've got some big customers that cut their legacy SIEM bill to a third with our Next-Gen SIEM. So they took two-thirds of the cost out of what they were paying. And queries that were taking two days take return less than a minute. Incredible results. And the beauty of this now is what we're seeing is that the IT teams are leveraging the Falcon platform, right? It's not just the security team. They're basically saying, "Hey, tell us about those assets. Let us figure out what's happening. Let us put more data in." And it's become a grassroots effort within these organizations to put more data into CrowdStrike. What does this mean?
Seven-plus module average adoption, $1 billion ARR in these emerging businesses, Cloud Security, Identity, and Next-Gen SIEM, right? Cloud Security, I couldn't be more excited about what we've done with the UI, how we've put some of these acquisitions together. Customers are really excited about having a holistic technology integrated that can solve their Cloud Security needs. From a Falcon Flex, greater than $700 million in total account value. I can't wait to come back and see what the number is at the next Falcon event, because we've got so much momentum on it. Part of the Customer Commitment Package, again, will be leveraging Falcon Flex to deliver it. Once the licensing mechanism is in place, right, then it sets up the true ups and the ability to add more commitment with our customers.
I wanna thank everyone for the time and attention here. We really appreciate seeing everyone in person. I know you're gonna have a great Falcon. I know you're chatting with our customers. Our customers are our best reference, right? They've been incredible partners to us, and they are our best reference. I know we go through a lot of this detail, and we talk about how excited we are about our technology. I think our customers are even more excited. I do want to reinforce our partner network. You know, we wouldn't be the company we are today without tremendous partners and go-to-market reach, and we've got lots of partners that are out here as well, and they certainly have the pulse of the market. With that, I want to thank everyone.
I'll be back up in a bit, and we'll move on to the next speaker. Thank you so much.
...
We're going to begin our program again in five minutes. We're gonna begin again in five minutes.
I just wanna have fun, clap my hands, turn around now and dance, dance, dance. I just wanna have fun, clap my hands, turn around now and dance, dance, dance. I-I, I just wanna have fun, clap my hands, turn around now and dance, dance, dance. I just wanna have fun, clap my hands, turn around now and dance, dance, dance. I just wanna, I just wanna clap, clap, t-t-turn around, turn around and dance, da-da-dance. I-I, I just wanna, I just wanna clap, clap, t-t-turn around, turn around, dance, dance. I-I, I just wanna, I just wanna clap, clap, t-t-turn around, turn around and dance, da-da-dance. I just wanna, I just wanna clap, clap, t-t-turn around, turn around, dance, dance, da-da-dance...
We are about to start this afternoon's program. Please take your seats as soon as possible. We're going to start shortly.
Please welcome back President Mike Sentonas.
Appreciate everybody getting back on time and, great to see everybody in person and not through the other end of a Zoom. So, love the session from DB. The support from our partners has been absolutely incredible. Big needle mover and one of the key drivers on our path to $10 billion in ending ARR. So, looking forward to spending a little bit of time talking about how we get from where we are today to that $10 billion number. At Falcon last year, this time last year, we talked about our path to $10 billion.
Our ending ARR at the time was $2.9 billion, and over the past year, we've grown 32% at scale, adding over $900 million in ARR, and we've made meaningful progress to that goal of $10 billion. Even I think we can all agree, in a pretty challenging macro, we haven't seen things get worse. We certainly haven't seen things get better. But I hope one of the things that you've heard over the time you've been at the event is how passionate, as you saw from the two people on the stage, our customers are about in our innovation and what we are doing. So we're firmly focused on this path to $10 billion. I want to go into deeper detail on three key solution areas that I think are really interesting to talk about.
Big, major contributors to our overall growth. I'd love to talk about 28 modules. Obviously, we don't have the time to do that, but I want to focus on these three key growth vectors, and they are big markets that we've heavily invested in, and I think these are areas that really solve some complex customer problems that we think we have unique differentiation, and that differentiation is driving significant consolidation. If you look at these areas, our solutions are extremely competitive. We displace other vendors. We win at scale. You see that in our numbers. Each of these solution areas are what I would call hyper-growth businesses in their own right, and I'm going to break into kind of categories of what they are, why we win, and jump into those. I want to start with Identity Protection.
You heard me, for those of you in my keynote this morning, without this, you don't stop breaches. 80% of the tradecraft has an identity element, and 80% of the attacks have an identity component. I want to start with this because this is a category that I think we created. I think I can say that. If we think about credential theft, if we think about lateral movement, the tradecraft that adversaries use, the requirement for Active Directory protection, these are all areas that, when we came out with this technology, were under-addressed in the market. I would challenge that in many ways, they are still under-addressed in the market. Complex solutions that require a lot of different products, agents, management consoles. We stop identity-based attacks in a way that is and remains very highly differentiated today. Fully native platform.
We've been this way for years. We've integrated the agent. People get benefit. They simply just turn on that module and continue their business. It's allowed us to cement our leadership position in this space. It makes it easier for our sellers. It makes it easier for us to demo. If a customer has a requirement, we can simply turn it on, and within minutes they get access to the platform. It's the same as you get from any other module within CrowdStrike, which is very different to other multi-agent products, other competitive solutions. These solutions work on domain controllers. If you have to roll out an agent on a domain controller, it could take months to years to get the ability to do that. We don't have that friction in our selling motion.
And driving all of that demand is the growth and acceleration of identity-based attacks from a variety of different threat actors. This is what the adversary wants. This is what they focus on. So if you look at our business in this particular area, our Identity Protection business was over $200 million last year, and since that time, it's grown more than 70% and now represents more than $350 million in ARR. We are the market's number one in Identity Protection. We are the number one solution provider with more than 4,000 customers just for this capability alone. So let me move to the big one, and talk about cloud. Hopefully, everyone saw the big demo this morning. Very excited. Had a lot of customers come and grab me about that straight afterwards.
Our Cloud Security suite, if you think about what we have done for many years, I've spoken to many of you about the requirement for an agent-based and an agentless solution, but think about what we are now doing, and you've seen the numbers, again, resonating and winning at scale. We've grown from nearly $300 million to now more than $515 million in ARR, growing at more than 80% year on year, and we're the market's number one Cloud Security CSPM, with more than 10,000 customers in this particular space. Why? It's the breadth of the solutions. It's the rapid innovation. It's the strength of our runtime protection. It's something that is very, very hard to replicate. People don't want just reporting and fancy UI. They want to stop breaches.
Now what we're starting to see is market awareness through our evolved messaging, focus on go-to-market, focus on third-party validation, all around what we are doing in this space. You saw the new UI this morning, which I think is radically gonna change the way people use the platform with the agent, with the agentless solution, with ASPM, with DSPM, and so forth. If we think about kinda where this market is going, this market is projected to grow to more than $30 billion. Hyperscaler spend continues to be on the rise. People keep looking at how they evolve and take their journey into the cloud, and all of that technology, all of these workloads, need protection.
I believe it's a market still in its very early innings, and in its first sort of wave, there are a lot of vendors that focused on point feature capability, focusing on just a small piece of it. Bless you. A lot of the vendors have focused on visibility. Why? It's easy. It's an easy problem to solve. The agent base, the security issue, is the hard part. It's something that we've talked to you a lot about before. These products use API-based capabilities. They do API-based side scanning. They're super easy to deploy. They're a point-in-time approach, but the reality is, they're also super easy to displace because of that architecture. So the next wave of this market, I believe, is all about protection, and people are really starting to say, "It's good that I get visibility, but I actually wanna stop something.
I wanna do something about these threats. I wanna deal with the malicious behavior in the cloud." So it's about bringing prevention, detection, and response to cloud-based threats. It's about how you unify that entire environment, and I believe this is where we stand out, and it's something that we've talked about from the very beginning, to have that entire environment end to end. So where to from here? When you think about what we have done and some of the incredible acquisitions that the team has made, if you think about our comprehensive approach to solving this cloud problem, we have technology that's automated and native. We don't have a multi-console environment. We don't have a mixed, excuse me, you know, hodgepodge experience where people are trying to get different things to use.
Somebody said to me before, "Love the, the announcements that you made because we do incident response with Excel." You know, that's the reality of what people do with other products. Our agent-based technologies start with CWP, with our CDR tech, services. We bring in all of the AI-powered protection and response capabilities that we have, and then over the last few years, we've really focused on bringing the rest of the portfolio. It's bringing in the agentless and the API-based visibility and posture needs. It's bringing in CSPM for visibility. CIEM for identity-based risk has been a huge one. And then, with the acquisitions of Flow and Bionic, bringing in ASPM for application risk and DSPM and DLP for cloud data risk. This is an incredible portfolio of technologies that we are starting to bring together. Big announcements today.
AI-SPM for AI-based LLM, chatbot, and GenAI model-based risk visibility, which is a huge one and a growing area. So what makes us different? What makes us different is having all of this under the one roof. What makes us different is having all of this capability with now full visibility, full attack path analysis, where we can bring in the power of the platform and bring in all of this visualization of the platform and tell everybody what's happening from the endpoint to the cloud, from the user to the service that they use, and how all of this is related across their entire environment. But more importantly, we can tell our customers how, when, where, and why to stop a breach and actually do something about it and stop it. I really wanna emphasize that point. Customers demand a solution beyond just visibility.
One that I wanna talk about and that I'm super excited about is one of the fastest-growing parts of the portfolio and a big area that we've focused on through the acquisition of Humio, the evolution of LogScale, what we've done with Project Raptor, and really started to build out our next-gen SIEM business. We went from less than $100 million in ARR to more than $200 million–$220 million in ARR, growing at 140% year on year.
We are replacing legacy SIEMs of all types and scale, whether that is end-to-end replacement, whether that's taking customers on an evolved journey, whether replacing parts at a time. We now have more than two thousand customers using our next-gen SIEM technology, with twenty-nine thousand of those enabled to be able to turn it on and get access from there, so a big part of that is our product innovation. A big part of that has been what we've focused on over the last year or two, which I think has been nothing short of impressive, building so much capability over that time, that has taken incumbents years in the past to even think about, let alone start to build some of the capabilities that we have.
You know, some of the things that we've thought about are concepts like making the experience a lot faster and more economical. What does that mean? Getting data in easier, operating and configuring the solution a lot easier. We've thought a lot about the go-to-market experience, and we've thought about how do we think about this, the dynamic nature of this market, where customers are looking to make changes, so enabling our partners and making sure that they're capable to work with our customers. And I think if you take a step back and you think about SIEM, and there was a comment earlier from one of the guests that, Elwin from Ross Stores, and he talked about the changes in the SIEM market. I do think we're in a cycle again, where this market is in the throes of disruption.
I think a lot of the legacy players have lost their way. I think they're living perpetually in the early days of SIEM. They're not innovating in an area that really needs a lot of innovation. People want the response capability. People want to think about how they bring in cloud environments and requirements into this architecture, and people don't want inflated costs. That's one of the biggest things that we hear with a lot of the legacy technologies. So we know that SIEM has become one of the top three spend items for customers, and we know customers are saying, "We're spending a lot, but we're not seeing the value." Companies are saying, "We're spending a lot and not seeing the value," which is why they come and talk to CrowdStrike.
You know, we've seen an incredible amount of M&A activity in this space, which has created a lot of disruption, and I think what that means with that disruption is people are saying, "I wanna turn on your CrowdStrike Next-Gen SIEM. I wanna do a POV of your Next-Gen SIEM. I wanna put data into your platform to see how you can help me." And because the data starts with CrowdStrike, in many ways, it just stays there, and people just license that capability. So, you know, why are we different? We're bringing a lot of new capabilities to our customers. We're making it easier and more economical to adopt that technology. We're a platform data producer. What does this mean? It means that customers don't need to take their data out of our platform.
They leave it there, and they just take in the final few percentages from other solutions out of there. So, the other big thing is when people do wanna bring data into our platform, we've made it incredibly easy for them. We're leveraging AI to build the parsers, which is something you could not historically do. If you think about a lot of the SIEM technology of the past, they were quite generic. We've taken a very security-first view, which means that for a SOC, it's a dream come true because we're not saying to somebody, "Here's a toolkit. Go and work out what problem you want to solve with the tools." We're giving somebody the entire platform, the entire architecture, so that once data is there, they can actually start to use it. That means it's purpose-built for security, which is absolutely critical.
Speed is important in security. I talked about that in my keynote today. It's important to the adversary, it's important to the attacker, and it differentiates the two. We're faster in the search, which means that we're faster to action that data. And customers are saying, "What took us over a week is now taking minutes in your platform." They tend to not believe it until they see it. It's that different in terms of the experience. We've changed the cost curve in a way that makes the CFO smile. It's a lot cheaper to use this platform versus other solutions, which is why people are gravitating very quickly. And when I think about our Next-Gen SIEM efforts, it is helping accelerate platform consolidation.
It means that people are using CrowdStrike and non-CrowdStrike solutions, but staying within the CrowdStrike environment. It becomes the logical place that people wanna anchor and look to displace other solutions from other vendors. So it's not only displacing legacy SIEM, but it's actually a driver for displacement of other solutions as well. So kind of just a summary of some of the differentiators, because it is a complex area. You know, one of the big things that people tell me about where we are today, people, they're saying, "Geez, what you've done with Falcon and the way that it works, it feels like a security-focused SIEM. It feels like the home for an incident responder." They love the look and feel of it. This is before we've even started with Project Kestrel.
People are basically saying the native data is already there, and it's easy to bring in the last 10%, 15%. The work that we're doing to make it easy to consolidate CrowdStrike and non-CrowdStrike data over the last many years that we've talked about it, people are getting that value today. The Incident Workbench is a huge differentiator. It's a huge value add for threat hunting. It means that people can use the CrowdStrike data and third-party data in a visualized way, and it means that analysts from around the world that work for a company can work on the same dataset and look at it at the same time and solve problems. So what we're finding is analysts of all skill sets love using the platform. And I always say, best kept secret, Fusion SOAR. It's used by thousands of customers.
People are using that day in, day out to automate, to remediate. I talk about our response platform. If you can think it and you can script it, you can execute it, even down to emergency patches. People can use the technology, and then top that off with Foundry, a factory for creating customer apps. We put the power in the hands of our customers so that as this platform approach flourishes, people can create as many use cases as they want. They can anchor everything that they do in security and non-security environments in the platform by creating their own modules, their own workflows, which is absolutely fantastic, so George touched on this. I do wanna sort of go a little bit deeper in a couple of areas. We continue to focus on innovation.
Hopefully, the big thing that everybody took from my keynote this morning, there's just so much that we've been working on, and that is not only looking to go horizontally across the stack, but it's to go deeper vertically in everything that we do. That's super important for us as we continue to innovate inside the Falcon platform. So let's go through some of those. Project Kestrel. I'm super excited about this because this is gonna radically change the experience that people have. Let me get out of the way there. This is gonna radically change the way people use and interact with the platform. Beautiful, modern, customizable reports with executive views, reports that go to the GRC people, which doesn't sound that important, but it's hugely important from a security and compliance perspective.
Driving modules, making it easier, faster, an experience that is unique to an SMB, to a mid-market organization, to the largest government in the world. The platform will operate in the way that they configure their own experience, and you've seen what it looks like from a cloud perspective. I've talked a lot about Next-Gen SIEM, so I'm not gonna go too much more into that area. But one of the biggest problems with SIEM is getting data in. We've solved some of that with the way that we can forward data. We've solved some of that with our partnership with Cribl and some of the work that we're doing there, but then some of the innovation with AI parsers that accelerate the data ingest. You don't have to be an expert in doing ingestion. Let us do it for you with an AI parser.
Firewall data is firewall data. Email is email. We can bring that data dynamically and do it in a very easy and fast way from our for our customers from any source in their environment. One of the big announcements, I've talked about it, so again, I won't go too much, but I'll point out some of the big differences. Really focusing and doubling down on cloud, that continues to be a big driver for us, making sure that it is integrated, making sure that it's comprehensive, native in everything that we do, and that real next evolution is to keep focusing on how we stop breaches and how we build out that cloud capability with the integration of ASPM and DSPM. People obviously loved what we're doing with Identity.
For those of you that were in the keynote, you obviously heard the audience. Expanding our coverage with Microsoft Entra ID, cloud-based AD is huge. We wanna make sure that we keep our lead, and we expand into new identity stores such as Microsoft Entra ID, and you saw that just-in-time capability that we built out with the platform. I had people chase me down the hall saying, "I want to be in the beta for network vulnerability assessment." And this was a big ask, and it's something that we want to do because it just helps that consolidation. We don't want customers to use our FIM capability for agent-based scanning and then something else for third-party. We want to make sure that we bring this all together.
So customers have told us, network vulnerability assessment tools were the ones that they want to be liberated from. They want to have everything under the one platform from us. So, we're super excited about that. There's a lot of work that we're doing there. We want customers to participate in that beta. There's a lot of use cases that we want to prioritize, and this is normal for us. Customers help drive our roadmap, which is really important, and that's why customers love what we do, because they're gonna help us pick which features they want first. George touched on this one, and this is a big one, because the reality is, the world doesn't just naturally upgrade to the latest version. People don't naturally just get the new version of Windows and upgrade, or the new macOS version.
There's a long tail of operating systems. We have a lot of people that still use XP around the world, because there's not an alternative for them to upgrade. We want everybody to have CrowdStrike on their machine, and customers ask us to help them put CrowdStrike on every machine. So legacy OS support, there are millions of machines running XP, running Server 2003 , running, a whole range of different versions. So we continue to focus on that to make sure that we extend CrowdStrike to all of those machines. No endpoint gets left behind. So we want to continue to look at how much of the market is using those versions. We want to provide support for those versions, and a big part of that is IoT.
We've had incredible success in the last twelve months solving IoT problems for some of the world's biggest brand names, and we'll continue to focus on that capability. Okay, so what are some of the opportunity zones on the path to $10 billion? Flex is a massive one. Let me bring all of this tech and all of these new models to life through some of these, illustrative opportunity zones and talk about how we're gonna do it. And the first one starts with Falcon Flex. We see greater than 120% average TCV uplift on customers who adopt Falcon Flex, and greater than 65% average ARR uplift, which is incredibly meaningful to us. So more Flexes, more Flex, engagements, get us to that $10 billion faster. Other opportunity zones on the path to $10 billion.
It starts with what we're doing with Falcon Cloud Security. We see this as a major market for us, and we continue to gain share quickly in this particular market. We believe our cloud business could be $2.5-$3 billion in our path to $10 billion over time. So it's an incredible area that we continue to invest in because of that opportunity that we can see in front of us. We've talked about Next-Gen SIEM. We see this as an incredible growth opportunity on the way to what could be a $1.5-$2 billion market opportunity in our build-up to $10 billion. And this is a market where customers are driving our roadmap.
They are the ones that are asking us to go into certain areas to solve problems that other vendors are not. I've talked a lot about Identity. For those of you that have been coming to these sessions over the last few years, you know that this is a personal favorite for me. Identity Protection, we're well on the way to making Identity a key part of the industry-standard EDR. Customers love this. If you heard Stephen Harrison from MGM earlier, he just talks about it as such a critical part of his security architecture. But there's so many more. We don't have time to go through all of them across the entire conference, but think about Falcon for IT. Think about Charlotte. Think about Data Protection.
As I said, we've gone over the last twelve months horizontally building out the stack, but we really want to go deep into those domains and really build out those capabilities, so emerging growth products that continue to perform really well, they are incredibly interesting for our customers. They've got large, growing TAMs in their own rights, and we're seeing customers really drive and adopt, and do POVs with Falcon for IT. It's an incredible market that you can see there. Data Protection, living in a $9 billion market, we want to continue to innovate in that particular space. I think it's a space that's ripe for disruption, and we can't forget Charlotte. We're living in an AI world, and this technology can help solve some complex problems for our customers.
I think this is an area, very early days, but an incredible amount of promise. One that you also hear me talk a lot about is the new logo runway in global enterprise and SMB. We've had incredible success in the Global 2000 . We went from 30% last year to just shy of 35% from a logo standpoint, which is fantastic growth, but the rest of the logo penetration stats show that our low single-digit penetration means there's huge opportunity ahead of us, which is one of the things that I talk a lot about when we get together. I think when we take a step back and we look at all of the innovations, they map really well across the globe. They map really well across the different customer segments that we have.
We've done an incredible amount of innovation over the last 12 months. We've done an incredible amount of innovation over the last 10 weeks. We have not slowed down, and that's including adding additional control capability for our customers. I always say internally at CrowdStrike, we are an innovation company, period. It starts and ends with solving complex problems for our customers. So these are not sort of trivial features. These are complex areas that we've worked on. We've asked our engineering team to constantly take a step back and think about key problems that our customers face. You've heard me say it all before, I ask our engineers to spend time in our customer SOCs.
I ask our engineers to go and spend a day in the life of our SOC teams, because that's where we learn what our customers need, and that's how we innovate to solve their problems. So as we start to wrap up, we're firmly focused on the path to $10 billion. Thank you for coming with us on this journey. We've talked a lot about cloud, we've talked about Next-Gen SIEM, we've talked about Identity and so much more areas that will give us a very clear path to that $10 billion goal. It starts with the right platform. It starts with the right architecture that George talked about.
It's validated by customers every single day, and many of you have come and grabbed me and said, the feedback that you've heard and what people have told you has been incredible. And that's simply because the technology works. It's the right go-to-market approach, and it's having the right partner ecosystem, which DB spoke about. That hub is phenomenal, just having so many different people here that are building, innovating on the CrowdStrike platform. And it takes the right solutions, winning in their respective markets. So it's really making sure that we focus in on solving those key complex areas for our customers. So I'm gonna pause. There's a lot more that we can talk about, but I wanna make sure that we save time for Q&A. But before then, I'm gonna hand over to Burt to share some financial commentary.
I look forward to coming back and answering your questions. Thank you.
Please welcome Chief Financial Officer, Burt Podbere.
All right. So I know we've thrown a lot at you today. We've had perspectives from George, Mike, some of our customers, our partners. And now I'm going to walk you through kind of the financial perspective, my commentary on how I see things through my lens, and hopefully that gives you some insights to how, you know, all the financials tie into all the things that you've heard today. So without further ado, let's jump right in. Just a table set, just taking a look at some of our financial highlights. Strong starting position. You know, pick one of these, right? ARR, ending ARR, 30% growth at $3.9 billion. $218 million net new ARR, 11% year over year. Strong cash.
One of the metrics that I really like to talk about, which was, you know, 48% of our customers that had 100 million plus in ending ARR had 8 or more modules. That talks to the stickiness, obviously, of the platform. It talks to how customers are willing to adopt more, use more, and it dovetails into a lot of things that you heard today, you know, whether it was from DB, and we'll talk about that in a minute, or others, in terms of consolidating. So when I think about these results, you know, how did we achieve these results?
Right at the end of the day, we achieve these results by listening to our customers, taking care of our customers, and then, of course, you know, Mike and George talk about the right architecture in terms of being able to deliver, you know, our technology in a very quick and efficient manner, and being able to continue to invest in R&D. You know, for me, we've talked about R&D forever, in terms of we are not gonna take our foot off the pedal, right? R&D is the bloodline. Mike's talked about it. It's how we're gonna continue to allow our customers to grow with us. And then, of course, for all of you folks in the room, the financial discipline that you've been accustomed to, right? We were never a company that grew at all costs, right?
We were a company. We took a measured approach. We looked at the metrics that mattered to us. We worked with the go-to-market teams, the engineering teams. We looked at our products. George talked about, you know, COGS and how, you know, you collect data once and reuse many times. It's a very efficient model for gross margin. Really works. Obviously, all the work that we've done, you know, on the back end and on our DevOps, we've talked about that for a long time, and, you know, that talks to the 81% non-GAAP subscription gross margin. So I think at the end of the day, doing all those things matter, but what matters most is still about taking care of our customers. It's our way forward, right? I spent a lot of time talking with customers.
I think a lot of you know that. It helps me in many ways. It helps me understand kind of what they're talking about, so when I talk to Mike, we can have a, you know, an understanding of what customers are telling us, not what, you know, somebody else is just, you know, whispering that this is a good idea. It's about talking to our customers. It's about finding what's important for them and their perspective. And then it all comes back to, you know, how we are able to take care of them by leveraging, you know, our technology. You know, 28 modules, you know, easy to deploy, easy to use. All those things matter when we're talking about how we can take care of our customers and our strong business model to help solve business problems, right?
And for us, it really is all about solving it from a business perspective, regardless of, you know, July nineteenth. It's about, you know, how are we gonna work together and journey together, and how do I put this all together in a financial way that makes sense for our customers, and it makes sense for us? But back to the vein of, you know, July nineteenth. You know, you've heard about the Customer Commitment Package many times. You've seen this slide with George when he brought it out, you know, and it talks to, you know, the variety of things that we have available to us on our platform. This goes back to my previous comment about leveraging the platform.
You know, for me, as I think about these one-time incentives, you know, the Flex Funds for modules, this is the one that I'm excited about, and I want our customers to be the ones that we wanna listen to and, you know, show them, you know, what we can do with respect to our modules. We talked... George talked about, you know, the Flex, and he talked about how that's a great delivery mechanism, but module adoption drives efficiency, value, and protection. The more modules that a customer has, the safer they are. That's it. And for us, we wanna make it easy for them to enjoy all of them. That's why Flex came about. I'll talk a little bit more about that a little later.
So you know, module adoption, giving them dollars to be able to consume more, enjoy more, and build processes around and train their people around. These are all the things that make, you know, our platform sticky and exciting and make it easy for our customers. You know, you go down the list, whether it's professional services, you know, that can help, you know, our customers, as George said, succeed faster with our products. Flexible payment terms, that's my shop, right? I'm listening to customers. I hear their needs. I wanna be there for them. So long as it makes sense, we're gonna work with them in terms of how we're gonna structure payments. You know, some customers are asking for subscription extensions, so for those customers that want that, we're gonna provide that.
You know, I think that, you know, the one of the outcomes for that is, you know, our customers get to use, you know, our platform longer, right? That's an outcome. Others, you know, it could be just a straight discount, and then we can also offer one-time compensation, which has a different treatment in revenue than discounting, but it's available to us. All those things are available to us, and so we're gonna use them. We're here at Falcon with thousands of our customers, to talk through, you know, what their impact was. You know, the first thing we wanna do is take the temperature with all our customers. You know, how are they impacted? Maybe some weren't impacted.
You've heard some that were up in hours, but we wanna be here for our customers, we wanna show that we're backing our product, we're backing our commitment to them, and these are some of the things that we do to enable that. I'm gonna walk you through three examples to kinda highlight how the Customer Commitment Package can vary. The first one, you know, is a straight term elongation. It comes from a healthcare company. Really simply put, the deal started with... And these are real deals, right? This is not illustrative; this is actual real deals. So the customer had TCV and ARR of $460,000 over 12 months.
Then we said, "Okay, we're gonna offer you thirteen months for twelve." So the good news here is that we were able to keep their total spend the same, $460, but ARR did contract down to $425. Contracted in the short term, and you're spreading recognition, you know, over more months. This is a very simple, kind of analysis and simple, you know, in terms of how we handle this customer. But this customer, like many other customers, want, you know, elongated time and duration. That's fine. We're here for them. We move to the second example. So this is a semiconductor company. This is a Flex-led commitment package.
So it started with you know a TCV you know of $1 million over 36 months, and the customer started out with a million in TCV and point six in ARR. Now, this customer, this is a real-life example, there are definitely different products that they have, and you're in midstream in some of them. So when I think about this as a real example, there are some, again, midterm expansion of various contracts built within the million and the ARR of point six. But that's a starting point, to start there. Then we had this conversation with the customer, and we said, "Hey, look, let's talk about Flex. Let's talk about what this means for you." Fast forward, at the end of the day, this Flex customer, they expanded by $2 million.
CrowdStrike threw in an additional $0.6 million of value, and they got more modules. So what did they end up with? At the end of the day, they ended up with a longer commit, a commit of 36 months, of $3 million, and ARR went up to $1.1 million. So what happened, you know, for us? At the end of the day, when some of these incentives start rolling off, you can see that the starting expansion opportunity is now $3.6 million. And so when you walk through the journey with us, you can see that, yes, we were able to do more with our customers.
When customer came to the table, they added some commitment dollars, we added some funding into that package, and lo and behold, the customer was really happy when they walked away with, you know, more of our modules. You know, they were able to get, you know, more from us, and everybody kinda walked away saying, "Yeah, this is the right answer." And this is what George was talking about in terms of how Flex can work and how powerful it can be. The third example I wanna walk you through is, it's not a Flex-led commitment package, it's a healthcare company. And this particular example, and these are real-life examples again, this one included term elongation as well as additional modules.
So on this particular example, the customer had $1.6 million in TCV and ARR over 12 months. We talked to them, we said, "Hey, look, we're gonna add in..." The customer wanted a bunch of different modules. We added in three modules. We added in three months of elongation. So when you move along the path in the negotiations, at the end of the day, you ended up with a customer that now has $6.1 million commitment with us over 39 months, and you have an ARR that went to $1.9 million. So what do you have here? You have a commitment that went up by over three times and ARR that went up almost twice. These are really good things for the customer, and they really are beneficial to us as well.
and so you can see that all three examples were very different. They're bespoke, right? Each one of these things took a different, you know, outcome or a different discussion to get to the outcome they wanted. And we're still early in our journey, and I'd love to be able to share more and more about where customers are going, and I wanna give that data. Trust me, I wanna give that data, but I don't wanna give misleading data. It's a little early to kinda give you, you know, a trend about where some of these are going. but at some point, I wanna be able to do that and say, "Hey, look, this is where it all came from, like, we all feel confident and comfortable that we can give you a trend that makes sense." Okay.
So let's look, let's look back to that first example where you saw some contraction based on time, right? I think case one is, you know, the one that I wanna, you know, focus in on in terms of our discussion, in terms of how to think about modeling and decoupling the modeling of ARR and revenue in the short term. And so we've talked a little bit about, you know, the commitment packages, and on the earnings call, I wanted to talk about, you know, some of the impacts. But one of the most important things is I wanna decouple of the modeling of ARR and revenue in the short term, and how to think about the $60 million, right?
The $60 million hits both revenue and ARR, but the modeling of net new ARR and revenue are different in the back half and the short term, because of how in-quarter revenue is recognized for a SaaS business. You can't take a look at that in-quarter revenue and then back-end it into ARR, because the outcome you're gonna get, the range is gonna be too big. Just too big. When we thought about how to model this thing, we separated and took a look at each one of them separately, ARR and revenue. Let's start with ARR.
We said, "Hey, let's review the short-term impact, and let's review how all the things that are in front of us are gonna impact, you know, ARR for the back half." I gave out a number of $60 million in terms of impact directly from the Customer Commitment Package. I wanted to give a quant, you know. This is how I interpreted it. It goes into the sum of all the different customers from case one, right? Or a variation of case one, where you have contraction, and we have a lot of customers. We said, "Okay, let's just do some math and come up with a number that kinda makes sense." This is what we came up with, ARR from a strictly from the CCP perspective.
But then, on the earnings call as well, I mentioned here, we have a lot of headwinds against... we're up against, right? We talked about delaying our prospecting. So we had prospecting on hold for a few weeks post the incident. That impacts, obviously, ARR. We talked about, you know, these extended sales cycles. Obviously, customers are looking for, you know, different opinions within their own company. Approvals are there. We're seeing more and more approvals that are gonna take place, right? We're more scrutiny on these deals, and we have muted upsell rates. So those two things are additive, right? They're not a subset of each other. We have one that's a CCP, which I tried to give a quant for. The other one is just the specific impacts of the headwinds that we face. And you know what?
I wish I had a crystal ball. Based on the fact that the three examples I gave you, I've lost visibility in terms of how I'm gonna be able to identify where we're, you know, what we're gonna look at in terms of ARR. We've lost some of the visibility. Over time, we're gonna get it back, but in the short term, we've lost visibility. But I wanted to give you kinda how we thought about it, right, in terms of when we were running through our models. So that's ARR, right? It's very specific. These things are additive. You know, at the end of the day, we can do our best in terms of determining, you know, some of the headwinds that we face. If we switch to revenue.
So for revenue, we said, "Hey, look, based on some of the CCP items that we listed before, some are gonna impact revenue, and they are at the same, the same pace, the same rate, some won't. Some are gonna hit revenue." And so I said, "Okay," a $60 million, again, sounded like an appropriate number in terms of what the impact is gonna be from CCP. That's just for our subscription revenue piece. It still starts with the $60, with the $60 million. We talked about, you know, all the different pieces that can impact that. The second thing is the high single digits from pro services. So we talked about, you know, that as well, it was gonna impact, you know, our overall revenue number. Then the remaining, the remaining part of the guidance.
These are things that I talked about just a minute ago in terms of ARR, all those headwinds. They're gonna impact us. These are, again, outside the CCP, and so, as we've always done, you know, we try to get to a place where we're prudent in terms of our guide. We looked at you know how we can get to the midpoint of our guide for the year of you know a decrease of $97 million. That's how we got there, right? There's no elaborate scheme in terms of how to figure it out. This is just what I did. And again, I go back to the fact that, hey, we do have reduced visibility, but I wanted to give enough in terms of quants and quals for everybody out there to kinda get how we're thinking about things.
I think this was a good descriptor. All right, now let's move into just a summary of the impact. I thought it would be wise just to kinda lay it out. This is the Customer Commitment Package, primary impacts. Module adds. We talked about those. This is the one that, you know, we think is best for our customers. We talked about why. There is an impact to total gross margin, right? So as much as, you know, we have this correct, correct that at once, many times George talked about, we still have additional costs. There's processes costs, there's hosting costs, so there is an impact to total gross margin. Professional services. There are costs that are gonna hit total gross margin as well.
These are people costs, and there's gonna be an impact. Flexible payment terms, obviously, that's gonna impact cash. And then finally, term elongation, discounting, it's gonna impact ARR, it's gonna impact revenue, it's gonna impact all of it, right? So clearly, we wanna be working with our customers to get them to a great place with module adds. Again, I think for us, George has talked about it many times, about how we think about, you know, protecting our customers. The more modules they have, the safer they are, right? The seamless, you know, technology that we've built matters. All right. What does this all mean? What's the big takeaway from my section, and I think from George's as well? Well, it's really about seeding now for the future, right?
So if you look at the left-hand side, in the short term, we've got these near-term headwinds. I've got limited visibility. We've got customers who are gonna choose different aspects of the CCP, but a lot of them are gonna pick the modules, the green circle, whether through Flex or not through Flex, a lot of them are gonna go there. And here's a new stat we talked about that I'm showing everybody, which is we have a historical average module renewal rate of greater than 95%.... So starting in the back half of next year, I get comfortable in talking about re-accelerating that because we've got this strong historical renewal rate. As we're letting customers use or enabling them to use more and more of our products, we've got a great renewal rate, which equals future expansion opportunities.
Now we go to the acceleration, and when those renewals are up and some of the incentives roll off, you get ARR re-acceleration. That's the big takeaway. At the end of the day, we're seeding our customers now for the future. There's a cost. I've tried to highlight what that cost is, but I think our historical module adoption rates just give us strong confidence in our future. For me, that's how I think about-- That's that, in conjunction with one that you've already seen, our strong module adoption. Quarter after quarter, customers adopt more of the Falcon platform. You can see it here. Many of the announcements that Mike has given out, well, and George, we've made today, are making it easier for them to adopt the platform faster, quicker, stronger. We covered the Customer Commitment Package.
We covered Flex, but I think it's worth a moment to revisit Flex from my point of view, and here's what that looks like. So for us, for me, I want to be really clear on how I model it, what I have to think about in terms... I'll put on my accounting hat and share with you how I think about it. It's a recurring subscription model. ARR and revenue recognition is the same as non-Flex contracts. Cash payment terms are the same as non-Flex contracts, so there's no mixed models. There's no, you know, kind of confusion as to, Well, how does this work versus that work? Same in terms of how I think about ARR and revenue recognition. George talked about the benefits. DB talked about the benefits on the procurement ease. This matters, right? Not only to us, but you heard DB.
Hey, I want to be able to try stuff. I don't want to have to renegotiate every single module with our procurement folks every time I want to try something." That slows everything down. It's not good for him. It's not good for us. Falcon Flex solves that. George talked about it. Customers get to use what they want when they want to use it, and this is super important when George talked about the budgets. You know, customers are all up against budgets, how it kind of flows in. Well, I have more to spend in the out years. Okay, spend less now and spend more later, right? Mike and George talked about demand planning. This is the most elegant solution I've ever seen for demand planning. And then we throw in the, the idea of no annual minimums.
So some of you are probably familiar with annual minimums from other companies that have commitments, and they have to have annual minimums because they have different needs. We have different needs, and so this is massive. I was on one deal, and we walked through the Flex component of the deal many times with many folks in their organization, from the procurement officers all the way up through the ultimate buyer. And we talked about you know all the different aspects of Flex and all the benefits of Flex, when you can use it, how you can use it, and the no annual minimums. And it actually came down. When we finalized the deal, it actually came down to the business owner calling me up on my cell phone and saying, "Let me get this straight. All the things you've talked about, great.
I want to know one thing from your mouth, and then I want to see it on the paper. "There's no annual minimums." I said, "That's right, there's no annual minimums." He says, "We're done. We're good. Let's go." It was a big deal. So that's why Flex is so important to us. I think it's great for our customers, and that's where it came from. George talked about that, right? For me, I would love all of our customers on Flex at some point, right? And I think that just the elegance, the way that it's been adopted or can be adopted, really meets the customer needs, and that's how I think about it.
So when we think about this in terms of when you think about it, there's no change to rev rec and ARR, and ARR recognition, you know, cash terms compared to non-Flex deals and non-Flex contracts. So there's no confusion in terms of how to account for this. All right. Yay! CrowdStrike Financial Services. Finally, Finance gets to be part of the arsenal in helping Mike in his mission in go-to-market. The big picture accelerates larger deals, multi-year deals, right? We're using our own balance sheet, and it's operationally live. There's a booth out in the hub that you can go and talk to the folks over there. For us, this is a long, long time coming. It's making it easier for customers to transact. At the end of the day, we're solving for customer needs, not solving for a metric.
In terms of that, that's how I think about it. It really is. So two things, you know, expect minimal cash impact in the second half of this fiscal, FY 2025. It's gonna be minimal. It's still getting up and running. It's new, all that kind of stuff. But we are maintaining FY 2029 free cash margin target. I think those are the two bookends you want to take away, right? Small impact now, and I'm not changing, you know, my overall outlook for our free cash margin, right? So big kudos to Mike's team, working with my team, for us to be able to, you know, bring this to market.
You know, as I think about, you know, George and what he wanted to bring to the market, he's been waiting for this and the right moment, and the right moment is now. And so we're happy to be able to announce that and have it all operationalized. And I think that, you know, as we think about all the things we talked about, we're firmly on this path to the ten billion. This is part of it. This is an enabler. You know, Flex can be bigger deals, right? As George talked about, bigger deals. Okay, like, well, how do we help customers get there? This is one answer. I mean, Mike walked through this, walked through all the different pieces of how to get to the ten billion on a product perspective.
George talked about it from a mission perspective. How do I get comfortable? Right? I'm the one who has to kind of put the numbers together to marry to the technology and the vision and the mission. For me, it breaks down into, you know, these five different pieces. And the solutions, obviously, what Mike talked about is how I got started. One build, right? Take a look at all the TAMs, think about what we can grab from each one of those TAMs. I start there, but then I look at, okay, well, who can buy all this, right? It's the segments, right? George launched the company, going after the large enterprise, but we've gone all the way down market. We've got a lot of opportunity to sell all those different 28 modules to the down market, right?
Mid-market, down-market, massive opportunity for us. I get excited about that. Geos. You know, we've done really well in terms of, you know, our distribution to date, basically 70% in the Americas and 30% rest of the world. And I'd love for the rest of the world to, you know, move up, move up the chain and be 50/50 at some point. Tough to get there when the Americas are doing so well. But I'd love to see that, but it's so it's a real opportunity for us, right? We know the playbook that works. Whether you're sitting in country A or country B, you know, the adversary doesn't care.
They wanna go after whatever they're going after, whether it's data, whether it's, you know, data that they can use for turning it into cash, or they can use it for nefarious activities, they don't care, right? So it's the same solution, and then, you know, DB brought up a couple of partners, right, on stage. Accenture, you know, this is, you know, this go-to-market motion is massive for us. There are a lot of partners here. I'm sure that a lot of you are talking not only to our customers, but to our partners. You know, in terms of how we're invigorating our partners, DB led us through that discussion.
I think that the partners are just as excited as we are in terms of whether it's Flex or whether it's just the ability to bring new products to market, the ease of deployment, the UI, you know, this is a biggie. You know, in terms of ease of use, manageability. At the end of the day, it comes down to, you know, three things. It comes down to efficacy. You know, you're asking all of our customers, you know, how effective, how we're able to stop breaches. It comes down to... You can look at also all the analyst reports in terms of where we stack, whether it's vision or whether it's how we've been able to execute. There's manageability, right? The ability for customers to, you know, have one console, one platform, one agent. Simplicity. This matters, right?
Finally, scale, in terms of how we're being able to, you know, bring more to our customers. We've taken all this telemetry, how we put it into our product, that feedback loop, getting better and better and better. Those are the three, you know, main things that I think about in terms of why I get confidence into the 10 billion, among all the other things we talked about today. Finally, the target model by full year FY 2029. Even with all the events that have taken place, I wanna try and pull it all together. You've seen these before, and I've talked about when we're gonna get there. I think you all wanna know: what could get us there faster, right? Part of it is us reinvesting all the margin that we have back.
A lot of our margin back into R&D, right? Accelerating how we can get product updates out quicker, faster, stronger, all those things need to take place, but that's an opportunity for us. More adoption, customers being able to adopt more. We talked about Flex. This is seeding that opportunity for more adoption. And, you know, I think that if you combine all those things together, if we do them well, if we do them really well, we can. We will be able to accelerate the timelines. But those are exciting for me. You know, I'm more committed than ever. I think, you know, a lot of you, I've spoken to you one-on-one about how I feel about becoming stronger from what happened, and I think that's, that's true.
Based on all the conversations that we've had with customers, partners, and even this event, and how we've been able to listen to our customers, you heard a few up here on what they wanna see, and so we're working towards all the things, all the needs that make sense for us and make sense that we can deliver for our customers who are asking for them, so I'm gonna pause there, because I think you guys have been inundated with a lot of information, a lot of, I hope, great factoids, great conversations, a lot of great examples, and I think that from where we sit today, I feel as confident as ever to get to, you know, that 10 billion that we put out there.
Okay, so with that, I'd like to invite George, Mike, and DB back on stage and do Q&A. The great news is we're ahead of schedule, so we can get people to where they're going faster, and so we'll try and answer as many questions as we can. So what'll happen is we're gonna set up the stage, and we're gonna have some chairs. Raise your hand. He's already got his arm. Raise your hand. So as soon as we get the chairs up on stage, raise your hand. I think I can see most of you, so we'll get to as many as we can. Here we go. So with a round of applause, let's welcome DB, Mike, and George back up to the stage. All right, George?
All right.
I see Saket in the front row. He's just itching. So why don't we start with you, Saket?
Awesome. Thanks. Saket Kalia from Barclays. Thanks, guys, for taking the question. Great event, as always. I wanna maybe start with Falcon Flex, right? Because it's such a compelling offering, I think, for both CrowdStrike, but more importantly, customers. And so George, maybe the question for you is, as you sort of think about next year, right? I mean, it's still early, right? But as you think about next year and going forward, are there any changes that you sort of wanna think about from a go-to-market perspective, to encourage customers to adopt Falcon Flex? And then, Burt, from your perspective, it's very helpful just sort of understanding the mechanics around, you know, no sort of mixed model. But how would you sort of have us think about the ARR impact as Falcon Flex adoption grows? Open-ended.
Sure. So again, great to see you, and thanks for coming out here. As always, you're in the front row. I know how this works. When we think about Falcon Flex and go-to-market, this was something that we set up again over a year ago, and we were actually going through the process, getting the sales teams enabled and changing a bit of the selling motion, 'cause you go from sort of BOM and modules to demand planning. And it takes... You know, that's a little bit of a change, right? So we're going through that and educating the sales force and educating our partners and enabling them, and that takes time and a ramp, and you've seen the success there.
I think if you look at where we are today in the Customer Commitment Package, it's actually an accelerant to Falcon Flex adoption, which is where we're going anyway. So we have the ability now, through delivering Customer Commitment Packages, to actually accelerate the adoption, right? Accelerate the learnings and the trainings, that we have to do with the sales team and the partners. We, we're all talking about it, 'cause it happens to be a delivery mechanism for solving a problem, but it sets up the broader consumption of CrowdStrike. And then you move from simple module sales to this demand planning, and you become a lot more strategic. We talked about it, you know, in the opening comments.
You know, we're having conversations, many more with the CIOs now and CEOs and boards, and you know, we've talked to more people in a shorter period of time than we've ever had at the highest levels. And what they wanna know is: How can we solve problems? How can we help them drive their operational costs down? And how can we give them better outcomes? It's the perfect opportunity for us. So I see it as an accelerant, and it really is a big part of our selling motion. It was in motion already, but now we get to accelerate that. And then, as we talked about, as we look at the back half, and I'll turn it over to Burt, you know, it really then drives more consumption and topping of these Falcon Flex pools as they begin to use them up.
Hey, maybe they use them up in their scheduled demand plan, but typically, what we find is people will use more quicker, and that drives greater protection for our customers and greater opportunity for CrowdStrike.
Yeah, exactly. I think it, I think... Thanks, George. I think, you know, ultimately, it's gonna drive ARR up, right? For all the reasons. I think we gotta get through the, you know, to the back half of next year for it all to come together to start that reacceleration. But, bigger commit from the customers, they're gonna be using it faster, using our stuff faster, so we're able to do, you know, more upsells during the program. So I think it's just an enabler for more ARR. That's how I think about it. All right, we'll go to Gabriela.
Hi. Great. Thank you. Gabriela Borges, Goldman Sachs. Question for George and Mike. One of your customers was talking about how closely intertwined your communications is on your future R&D roadmap. So my question for you is: How are you thinking about allocating the incremental R&D dollars that Burt was talking about reinvesting? What are some of the product cycles that you're most excited about that maybe are not on the slide today, but could be three years from now? So a little bit of a future R&D question. And as part of that, if you could talk about how AI maybe accelerates that roadmap, that would be really interesting as well. Thanks.
Let me take the first macro part of it, and then I'll turn it over to Mike. When we think about where we are today, we've got a very broad platform, 28 modules. We're covering a lot of different areas, and again, what we found is that because we're so good at being able to get this telemetry and data at scale and then be able to monetize and create these different workflows, we solve many more use cases than ever anticipated for customers, and that's not gonna change, but I think where we are, we've got a great platform. We'll continue to add some modules, but really, the focus now is not continuing to go out in the short term with a whole bunch more new modules, right? Yeah, we'll add new ones, but we wanna go deep in the modules we have.
We've got a great platform, and let's go deep. And a big part of the strategy has been, we wanna make sure all of our modules are full replacements for other technologies that are out there. You look at, you know, Spotlight and Exposure Management as an example, right? For years, we focused on the agent piece of it, which is great. We took care of all the agents, but now with the network piece, that then sets up the ability to fully replace some of the other technologies that are out there. So we wanna go deep now in these categories, and we wanna continue to build those out and work with our customers on the roadmap, 'cause we're delivering a lot of value, and we wanna make sure that we've got broad capabilities. Data Protection is another area. We've launched that initially with some use cases.
We worked with customers. Now they want more, and now we're adding to it. So we wanna continue to go to a spot where we know that we can fully replace some of the other technologies, legacy technologies in the marketplace. That's where we're gonna spend a lot of time. We're still gonna continue to innovate. We've got Falcon Fusion to add new modules. We've got new module to add. Obviously, acquisitions are on the table, but filling it out and going deep vertically is a big part of the strategy.
You covered it well, you know.
Imagine that.
There's other things that we wanna focus on. I mean, look, the core of why we're here is to stop breaches. So we're constantly doing R&D to see how we can continually automate threat hunting. How do we change the way that we do detection and prevention? There's gonna be a pretty cool announcement tomorrow about some innovation that we've been working on for about four years. It's really matured really well, that's using just a different approach to solving the problem. You know, we're looking to George's point, in terms of going deep in some of those areas. You think of Next-Gen SIEM, there's user behavior use cases that we can consider. You think about Identity, there's privileged access management use cases we can consider, and we can go, you know, deep in a number of those different areas.
You know, you look at Data Protection, I mean, there's a lot that we can do in those particular areas. So while we're constantly talking to customers about where they want us to go horizontally across the stack, they're asking us to look at solving more problems, in the existing areas that we have as well. You know, you think of SIEM and what we have with LogScale. You know, we solve observability use cases, but we solve a fraction of those observability use cases. You know, that's an area that we could choose to go down the path of going wider as well. So there's a lot there that we're interested in.
And I think, you know, one of the big things that everybody has said to me as I was walking from downstairs keynote to here was, "Oh, my God, there's so much that you guys are doing." That's not gonna stop, and that's the takeaway for everybody.
What about the AI piece? 'Cause that's with Charlotte and what we're doing there, I think is incredible.
Yeah, I mean, look, Charlotte, for when we announced this to everybody, we kinda talked about some of the problems that we can solve with Charlotte, that we've been training Charlotte to be a malware reverse engineer. We've been training Charlotte to translate threat hunting queries. We've been training Charlotte to help automate reporting. You know, we've been training Charlotte to do some incident response use cases. That's gonna keep building out. So you look at Charlotte, for example, inside Next-Gen SIEM today, writing a report, and that may sound trivial, but if you're dealing with a security incident, writing a report, it's a laborious process, and when you have humans doing it, they miss pieces. They may have bias in their reporting. Having Charlotte do the end-to-end reporting is a huge time benefit.
GRC people don't want security people writing reports because of bias, because they can, you know, change reports. Having Charlotte send it off to various people in the organization, super useful. So we continue to build out what we're doing with Charlotte to solve more and more use cases, and to add more and more automation to the platform, to give data to the user so they can make faster decisions. You know, we're not taking anything away from the user. Humans still make the decision, but making better, educated decisions faster. So that, that's a big one that we keep, you know, focusing in on what we wanna do there.
I just wanna follow on that while we get to the questions. I think it's really relevant. So I had dinner last night with a whole bunch of customers, but there was a customer talking about how much they love Charlotte. And I said, "Well, tell me how it works and how you're using it." And they said, "Well, look, you know, you guys have gotten to the point where this thing just writes the report." And obviously, we've... You know, since last year we launched it, we keep adding new capabilities, keeps getting smarter and trained, and they're to a point now where their multi-day reports, the timeframe is compressed.
So he basically had his guys write a report for an issue and, you know, came back, like, 24 hours later, and he knew it was only gonna take him, like, an hour. So he literally asked them, he said, "Well, what were you doing for the last 23 hours?" They actually held back sending the report because it was done in an hour. And they wanted to keep it on a one-day increment because they didn't want it to be too compressed for him. So their multi-day reports take less than an hour, and he was so excited about where we progressed to, that it is in a spot where it can actually replace a human from writing the report. Really cool story. John, gotta go to this side of the room, and then we'll go back and forth.
Excuse me. John DiFucci from Guggenheim. I think Burt said on the conference call, it's hottest as you're close - when you're closest to the sun, and now we're two months later, and you guys look pretty good for not sleeping for two months, so that's a good thing. I have a question on the Customer Commitment Package. So all of those things that you listed, they're all beneficial to your customers, but they're also beneficial to you at some point over time. That's a really good thing, except for probably the one thing that's in the other category, and that's discounts on renewals. And I'm just curious, like, how often is that happening?
Because I'm just trying to figure out how this flows through the financial model, because it's one thing not to be recognizing some ARR that's gonna come in the future because you gave some customers some product and, and they're gonna... When they renew, they're gonna start paying for it. But versus, "I've been paying for it, and then... I want a discount on my renewal.
Mm-hmm.
And please help me on this, because I'm going to get fired if you don't give it to me. I don't know.
Yeah. Let me try, and I'll turn it over to Burt. So when we look at this in the Customer Commitment Package, let's start with, and I've always said this, you know, if we take care of the customer, the rest takes care of itself. And I can never promise absolute perfection. I aspire to it, but I can promise our response. So I think going to a customer and saying, "Hey, look, we want to partner with you. We want to do something for you," is a huge step for them. And when we think about the opportunity in front of us and, you know, do you discount or do you create a flex pool?
You know, in a million-dollar example, right, you could discount a couple of hundred grand, and then you've got, you know, a discount, a contraction, that kind of would roll forward. Or you can put that into a flex pool, hold the renewal, right, where it should be at $1 million, but effectively, it's a one-time discount to them. But then it gives us the opportunity to still stay, you know, with the customer at the right price levels. And what I would say, as a company, we've been very disciplined in discounting. We've got the premium product, but it's the normal course of business. It happens, you know, you're in a competitive situation. It happens even before the nineteenth. Like, you've got a discount, you got to figure out how do you structure a deal. You want to win it.
And we know if we can get in or, you know, we have the ability to keep a customer happy, we know we're going to grow the total lifetime value of that customer. So we're trying to minimize that. Doesn't mean we can't or won't do it, but normal course of business, there's always a discount involved. But with flex, it makes it even better because you know what the discount is going to be. If they want a bigger discount, you just commit more dollars. We're happy, they're happy, procurement's happy, and that's really where we want to steer. Rather than locking a discount, you know, if you took a pool and your flat renewal, effectively, you're getting a discount, and then we can, you know, roll that forward, and that becomes, again, a good opportunity for us a year from now.
Yeah. So, I mean, think about it in the short term, right? If it's just a customer, I'm adamant on just getting a specific discount. Okay, we're gonna. We want to do what's right for them. Having said that, you saw examples two and three that I went through and what happened to ARR. So those happen, but in the short term, let's, you know, let's call it what it is. We're, you know, up against these headwinds, right? And if somebody is just adamant on a discount, okay, we're going to work with them. George is right, though. Like, many of our customers, they want to do more with us. They want to, you know, stay with us. You've heard the customers on stage, and then they're going to go, "Okay, well, how do we bake in the discount?
Bake in the discount." And it could come in the form of the more modules.
Yeah, but here's what I would tell you. If a customer really insists on a discount, we can do that. But the reality is, we can give them much more if it's in a Falcon Flex pool.
Right.
So it's sort of like, are you in with CrowdStrike? Do you want to commit? And you will get a much better longer-term deal from us if it's in the form of a Falcon Flex pool. You're putting some money in as well, and that's the conversation we're having. So you can have some, or you can have a much bigger opportunity with us. And, you know, when it gets down to procurement, and lots of companies are like, "We're all in on CrowdStrike," they look at it and go, "Okay, this is a great opportunity for us," and they're in the boat with us.
John, it goes back to... And I'll take it on. It just goes back to what I said earlier, leveraging the platform and leveraging the business model. Both those things come together to kind of work with our customers, to show them, like, the better path, we think.
We all appreciate the transparency today. We know there's still uncertainty out there, but you gave us a lot of information, so thank you.
Thanks, John. All right, Itai.
Thank you. Itai Kidron from Oppenheimer, and, also, I would like to echo other comments here. Great event. A lot of information and transparency. Thank you so much for the detail. Maybe I'll try to piggyback a little bit on John's question. I'm trying to think about the long-term tail impact of the event on you, not next two quarters, but to the middle period, the two to four years out. Burt, you talked about the free cash flow, neutral impact of the financing program at the beginning-
Yep.
And at the end. But would it be fair to say that 2026, 2027 are probably headwind years for, on free cash flow margin in those years, as customers start adopting this, and then perhaps 2027, 2028, more neutral as you, you know, you start getting into some balanced level of usage of the program, and year over year comps get kind of normalized on that front. And the second question, which also kind of related that on the ARR impact, you gave two examples here on the CCP program that illustrate how you can turn this situation into an ARR expansion opportunity for you. That's fantastic.
But I would say one would think that if the event didn't happen, the ARR would have been even bigger, if you didn't have to engage in, in that kind of a way with a customer. And so I guess the question is, and given the duration of those deals, is it fair to say that ARR will be impacted by this event for as long as three years, perhaps? Clearly, in a declining manner, but could the long-tail impact of this be that long?
So lots to unpack there, right? So we'll start with the cash, right? The thing I said about the financial services, so there's going to be minimal impact, and then I kept the target, right, in terms of SCF. I think that when I... You know, in cash, there's a lot of different forces that are taking place, right? So, you know, when you talk about, you know, the Flex program and some of the larger deals, I mean, you're going to bring in more cash at that point, right? When you have- when you sign up the deal. So for free cash flow, I still really feel, you know, there's a lot of forces that are going like this, that at the end, get me back to the target model.
In terms of ARR, you know, and I'll give more color, obviously, at the end of Q4. I mean, there's gonna... Again, there's a lot of dynamics that are taking place, right? We want the customers to adopt more now. It could go, you know, depend- It's really bespoke, what I talked about. It could be, you know, duration could be, you know, different for everybody. It could be... You know, for the most part, we have one-year deals, so it's going to be in that timeframe, but there could be some that are impacted for longer, and there could be some that could be impacted even shorter, right? There could be a midterm kind of or a pull-in in terms of customer wants to renew now.
... for a variety of reasons, and their renewal date isn't up yet, so we can have, you know, a six-month type of impact. So there's just a lot of things that are, you know, taking place that give that give it less visibility for me to be able to answer that question more fully. The idea, as I've said to many of you in the room, is that when I have that visibility, hopefully some of it by the end of Q4, then I'll be able to share it with you and have a better perspective for everybody. But right now, we're all in the same boat, right? We want to see how customers are going to adopt not only Flex, but how they're going to adopt and what piece of the commitment package they're going to choose.
You know, we're doing our best to show them a path towards more modules. We think it's the right answer for them. More modules, more safety, more security, and works for us, right? Simple, easy to use, it's just so elegant, but stay tuned.
I do think, though, just one piece of your question was, what, what does it look like? What was the impact, ARR, et cetera. I, I really think you have to look at the, the acceleration of Flex adoption. I mean, you know, it was moving, right? But, but all of a sudden, now you have everything's catalyzed around Flex, and you got people moving over to it very quickly. I, I think that, you know, that's a, that's a positive thing for the company, and that's, you know, something you got to think about in, in, you know, the, the mid to longer term period. The more people on Flex sooner, I believe, is a net positive benefit to us.
Just to follow up on that. What would you have been as aggressive on pushing Flex if July nineteenth would have happened right here, right now?
It would have been a normal course of Flex, of new deals and renewals coming up, right? But now we have the ability to go back to everybody. I mean, you have the ability to quickly accelerate Flex adoption, which is why, again, it's good for the customer, but it's also good for us.
Joe.
Hi, Joe Gallo from Jefferies. Thanks for the question. I'm just curious if there's been any change to the competitive win rates or pricing environment. Are competitors trying to do any unnatural things in the environment to take advantage of the IT incident? And then tangentially, you've talked a lot about, you know, resiliency by design. Is that a competitive differentiator now, or will that play out over the next year?
Yeah, it's a couple of good questions. I'll let Mike, and I tagged him the first question, and I'll take the resiliency by design here in a minute. So when you look at what's going on in the marketplace, sure, you're going to hear a lot of noise that's out there. I mean, you know, that's kind of a natural evolution. And you know, I was having a conversation with somebody, and they said, "You know, you can be an ambulance driver or an ambulance chaser. You need to figure out what's going on." I think customers appreciate people, you know, driving the ambulance and taking a thoughtful approach about it, and there are many in the industry that have done that, and there's certainly a handful of companies that haven't. And I think that actually, customers see that.
Let me start there, then when you get into the dynamics, again, what does that mean? People have been doing crazy, stupid things for a long time. It doesn't mean it's going to change, and while there's noise in the system, again, our customers are our best example of how they feel about the product and the technology. They feel it's the best by any count, in any you know, a number of analyst reports or what have you. It's the best technology, the most innovative company, and I think that's going to carry the day, and what people realize is how we've handled this, transparent, open, you know, accountability, made the changes very quickly and still drive innovation. I think that's going to bode well for us, so when we get into a situation...
Look, if we need to be creative, and we need to win a deal, we've got lots of tools. We went through lots of them, and we'll see where it all shakes out. But I think ultimately, you know, if we do the right thing by customers and prospects and, you know, take the high road approach, I think that's going to serve us well. Anything to add to that?
Yeah, technical win rates, we haven't seen a big change, and early where you'd see that anyway. What I would say is, you know, we're having more conversations with people where they're asking questions, as you would imagine. And you know, you've all seen, you know, the various things that some vendors are saying. Some are, some have been really good, really professional, you know, and, you know, credit to them. Some have been pretty noisy, you know, talking about architectures and other bits and pieces. But here's the reality: if a customer does a POV with one of those platforms, they get access to their platform, they get access to their point product, they get access to their release notes.
So they see these claims of, "We don't have blue screens." Suddenly they read the release note that says, "Oh, don't upgrade to this version, because we had a problem with NVIDIA drivers. We blue screened everybody." They have access to the release note that says, "If you have HVCI turned on, we blue screened everybody." They have access to August thirtieth, where some of them blue screened other machines. So you know, take some of the noise that you see out of it. It's very easy to sit down with somebody, to George's point, and have a pretty open conversation. "Here's what happened. Here's how it went wrong." Today, we talked about one of the things that I said on stage. We've got this third-party review from Accenture. They've gone and looked at everything.
They've looked at the RCA, they've looked at the findings, and you've all talked to people here today that have said, you know, we're, you know, kind of getting on with the next evaluation, Identity, everything else. So, customers get that. You know, take the billboards and the signage that you've seen aside-
Mm-hmm.
-which are quite silly, to be honest. So we haven't seen change there. It's not to say it won't, somebody won't just make a emotional decision, but I think people are loving just being open about it. It happens. You know, we don't want it to happen again, and we're demonstrating why it won't. And they're the big conversations that we're having with people. The controls that we've added are well beyond what they get from other vendors. And again, people talk about architecture. This concept of, we call them content files, other vendors have live updates. They do the same thing. We're adding more control, we're adding more granularity, so people like that.
I think what you're actually finding, just to put a finish on it, people aren't asking us what we're doing for content controls. People are asking everybody, "What are you doing for these controls?" This quick response that we've put in to add more granularity and visibility and reporting is actually helping the conversation.
Yeah. And that's the last piece of the question, and then we'll move on from that. We will be world-class in this area. And to Mike's point, everybody's asking about it. You know, we wanna hand over the proverbial binder to somebody and go, "This is how it works. Here's how it happens. Here's the controls, and you have everything, and we check the box in every regulatory environment." You know, we are the best in leading by example, resilient by design in everything we do, and allowing our customers to be able to take that resilient by design and leverage that in their own environments.
All right, we'll ping pong back over. I see Joel's hand shot up really fast, so go ahead, Joel.
Joel Fishbein, Truist Securities. Thanks for the question, Burt. DB, for you, since you haven't had a chance to talk, I,
You're doing a good job.
And part of Burt's plan was to, you know, part of the path to 10 billion was channel partners and partnerships. Haven't heard much about it. Obviously, Accenture was here talking about it. Tell us what the plan is to build out partnerships, not only go to market, you know, in the lower end of the market, but some of these big system integrators and.
Sure
... partners that you're building out. Thanks.
Sure. Over the last year and a half, we're really on the radar and building practices around the GSIs. We talked about that in our last earnings call, the growth of that business, triple-digit growth over there. So the breadth of the platform really brings that to light, and we become a very actionable and interesting business for these GSIs to build. We have a very strong go-to-market worldwide with what I would call national partners, whether they're pan-Europe, country-specific, pan-Asia, and then, of course, pan-US. We really do a great job in that category. We're doing more with some of the regional players. That's an area where we're doubling down. And then our MSP business, it's one of the fastest growing businesses within CrowdStrike. So it's a full stack approach. You can see new partnerships that we do.
We announced about a week ago, 1Password. They're bringing us to market for a bunch of SMBs. So it's filling out the entirety of really that the triangle there. There's actionable opportunities across the board, but really, the GSI opportunity becomes very big and transformational as we talk about these large Flex transactions that we're working on.
Ping pong back. Hamza, go ahead.
Hey. Hamza Fodderwala, Morgan Stanley. Thank you for taking my question. I also had a question for, Daniel Bernard. Daniel, you've done a great job, helping run the partner program at CrowdStrike, as well as other companies. I'm curious, how is Falcon Flex helping to increase partner engagement, particularly with those partners who, you know, may have more incentive to sell other vendors, right?
Sure.
So just curious how that's working out.
I think it really tips the scales in our favor because it keeps the partner engaged throughout the subscription term. If you think about a module sale, a module sale happens, and then the customer uses the product, and some. And it's immediate time to value. Some partners will develop their own bespoke services. Great. What's beautiful about Falcon Flex is there's an earning opportunity upon commencement of the deal. Go do a big deal, land large, do a multi-year deal, and then as the customer utilizes the commitment, and we want the partner to really be that catalyst to turn it on, that creates more monetization opportunities for that partner in terms of how we compensate them. And ultimately, we want them to be doing that new Flex that George showed, doing that new Flex and leading that discussion.
This really puts the partner from the passenger seat into the driver's seat of growth and acceleration and all the conversations that we have. If you look at kind of a silver lining of how we're engaging with our customers, Flex is really a protagonist, a main part of the discussion that we have with our partners now. Whereas before, a year ago, you know, it was new. We're working with some of our larger partners on it. Now we're really taking it... It's prime time. We're taking it mainstream, and every conversation that we have about it, people are excited about it 'cause it keeps them engaged, and it gives them an opportunity to really help a customer, to be relevant to the customer, and to not have to necessarily worry about another partner coming in for another module.
So there's a nice incumbency piece of this as well that makes it very attractive.
I'll jump in as well. I mean, one of the things that I talked about at the partner event yesterday, that DB had me talk, there's a huge services opportunity for the partner because if you look at the number of modules, you heard from the guy at Deloitte, that's a huge opportunity for the partner to go in there, to look at design services, to look at configuration services, to look at deployment services. They're building managed services on top of that portfolio as well.
SOC transformation.
SOC transformation. So if you go back to the early days of CrowdStrike, when there's one module, the services conversation was this: hit enter, five seconds later, the product is installed. It's still that quick, but now you have other modules, you have other workflows, you have the opportunity to use Foundry to build different apps, maybe. So partners actually love it because for them, their time with CrowdStrike is now.
Bingo.
Maybe we have time for a couple more. Keith?
It's Keith Bachman from Bank of Montreal. Thanks very much. And Burt, you mentioned SOC. It was interesting, when he walked in at 11, his hand was already up, so
That's funny.
That is funny.
The first question I wanted to ask is, how do you pull it back? And what I mean by that is, post the July incident, you're offering some incremental discounts that you probably wouldn't otherwise do it, and there's some sense of a time duration associated with that. But customers are getting conditioned to that. Your partners are. Palo Alto's doing, frankly, some similar things, where they're offering discounts for a certain length of time. But how do you pull that off the table, and how does that not become a recurring part associated with your ongoing revenues or ARR, as the case may be?
Yeah. Maybe I'll take that one. When we think about, you know, these one-time discounts, and again, I want to reinforce this, these are normal course of doing business. Happens all the time, and in competitive, you got to, you know, deal with what's in front of you, but Falcon Flex, I think, helps take a lot of it off the table because the next time that renewal is up or what have you, or the funding, it's, "I'd be happy to give you a greater discount. How much more can you commit?" That's the conversation, and by the way, they're conditioned to that because that's how it works in the hyperscalers. The more you commit, the greater the discount, so we're happy to give them a greater discount, the more they commit.
It moves from like, "Hey, I just have a standard BOM and a discount," to, "We can give you a greater discount. Let's just talk about the dollars, you know, that you can commit and over the term you want to commit." That's really where we're moving it. Rather than get just, you know, locked into something, you know, that's a one-time, and then having them try to roll that forward. I mean, customers, they're all smart. They got procurement teams. They know how it all works. They know licensing. Everybody's going to have a conversation, but if we move them towards the benefit and the value, right, it's not just about how much you're paying. Like, we know if you're buying CrowdStrike, there's not a whole bunch of extra additional heads.
In fact, you probably, you know, can remain flat, those sort of things. That is where we're going to sell the value and, you know, not get trapped into, you know, just rolling all these discounts forward.
Yeah, I agree. Maybe one more from this side. Yeah, Gregg.
Thank you. It's Gregg Moskowitz from Mizuho. Thanks for a great day and a really successful conference. So, you know, if I look at your three high-growth areas that you've called out, metrics for, right? Cloud Security, Identity, Next- Gen SIEM. So based on the $10 billion ARR guide, you're effectively expecting, in the aggregate, these three high-growth areas to make up about 50% of your total ARR, you know, by that point, that's up from roughly 25% today. Now, when I look on the positive side of the ledger, I see three products that have momentum. Clearly, by my estimates, the penetration rates, especially for Identity, Next-G en SIEM are quite low. Even Cloud Security, in many cases, customers haven't deployed all or even most of the modules, right?
So there's a lot of runway here, and then you have Falcon Flex as an additional tool to really sort of drive the adoption. What I'm wondering about is the converse. If you're looking out again between now and, you know, that $10 billion number by, you know, fiscal 2031 or so, what worries you? What could be an impediment to seeing the kind of success that you're currently seeing in these three areas? Thank you.
You want me to jump in or you want-
Yeah.
Yeah, look, I think, you know, touching on the first half of your question there, Gregg, I mean, the big thing for me is the point that you made around very low adoption today. We have such a long runway to go with those modules. You know, as successful as we've been with the basic EPP capabilities or with Identity or with cloud or with Next- Gen SIEM, you know, great success very quickly in many of our different modules. We're still at a very early innings, which is the opportunity statement that to focus on. If you look at where we are in Next-G en SIEM, we are at the very start of that particular journey. I'd even argue with cloud, we're at the very start of what we want to do there.
So, the focus for us right now is to continue to innovate, to continue to sit with customers and understand the problems that they're having, that has them spending money on other solutions, that has them thinking about, you know, niche startup features that they want, and to keep building out that capability and to continue to grow out that market share. So at the moment, for me, it's more about thinking about investment, thinking about how quickly we can build out those features, how quickly we can mature that capability. You know, what do I worry about? We have twenty-eight modules. We have core platform features like Fusion SOAR. We have real-time response in the platform. We have Foundry.
When you have 28 modules, trying to get people to understand the features of all of those modules becomes harder, as you build that out. So, you know, I want to make sure that every customer knows every product for its own merits, and that's one of the things that we have to work, you know, a lot harder at, so people know, I need a cloud requirement, CrowdStrike. I need Data Protection, CrowdStrike. They go to our website. Every website, every microsite for every product stands alone as its own category, and that's something that, you know, as the portfolio grows, you get all the benefits, but you also need to think about your go-to-market messaging. I have to think a lot about the sales team.
I have to think about partner enablement with DB, to make sure that people can make sure that when they go to talk to somebody that's asking a Palo question, somebody that's asking a Wiz question, somebody that's getting something that they can answer the question, so investing in specialists, in enablement. But that to me is just normal course of doing business. You know, we have to keep getting better at it. It's sales training, it's enabling our people, it's enabling our channel, and you know, I think we've shown quickly we can do that, and a good use case example is July nineteenth. Our sales team and our partners mobilized in minutes, and they were out working, solving, helping, and it's just, you know, you plan for these things, and then you hope you never use them.
But when they do, I mean, I was pretty happy with the way people just grabbed hold of the breadth of the tools that they had and went with them, so we'll keep focusing on them.
I know we're out of time, but, we probably have time for one more. I see Fatima still keep her hand up, so we'll end with you. Yay!
Fatima Boolani from Citi. Thank you so much. So much pressure, I better ask a good one. Mike, just on the thread of what Gregg asked you, so if I allude back to your slides around, hey, about 50%-65% of the entire business is going to be derived from these core emerging kind of escape velocity areas, right? So, you know, conversely, do you have any thoughts around how we should be thinking about what the core franchise or the traditional EPP, EDR business is going to look like? Just from an estate evolution standpoint over the arc of the next couple of years.
You know, this question, the genesis of the question really is: How do you expect your volume and penetration share of the estate to change over the course of the next, I guess, five, six years? Because you do have that beachfront estate. I'm going to get greedy and kind of ask you a related tangential question. The collaboration that you have with Microsoft around, you know, what the post-kernel security architecture is going to look like, how much of that is going to influence what the core franchise is going to do outside of the emerging product areas? Thank you.
Yeah. Let me try to answer them together because I think they are, you know, they can be answered together. I mean, firstly, there is no post-kernel architecture. Let's just kind of be clear on that. We talked a lot about that on the earnings call. George touched on it. The kernel today has two thousand-plus drivers that run there, gaming, consumer security, enterprise security, VPN software, backup software, virtualization software. It's not a trivial thing to say we're all going to get locked out of the kernel, including Defender.
Now, if Microsoft does decide to go down the path of slowly tightening up what's in the kernel and using kernel extensions, and those kernel extensions allow us to provide the security efficacy that we do as an industry, they give us the ability to have tamper protection, they give us the ability to have performance and visibility, great, we'll use it. And if you look at, and I think George says it really well, if you look at when CrowdStrike started, a lot of the capability that exists in Windows 11 , it wasn't in Windows 7, so we did things at our own way. And as you started to see features come into Windows 10 and more features come into Windows 11, we leveraged those features same way that we do in macOS, the same way that we do in Linux, as an example.
So we don't have an issue with that. And if it's something that, you know, as an industry, we can come together and talk about how we evolve that. Many people have asked me about eBPF for Windows. Maybe that's an answer as well. Great, we'll, we'll work on that. But we're talking a multi, multi-year effort because it's going to require a lot of people to change their architectures outside of just security. And that's everyone. Pick your favorite vendor, everyone's in that same boat. So that's kind of that second part of, of your question, I hope. And you can check to see which drivers are in the kernel. Like, you just go on Google, Windows kernel drivers and use the word Altitude, and you can see... You've got to register your products.
You can see all the names of all the vendors, and you can see there's a lot of vendors that have a lot more drivers running in the kernel than we do. Then the first part of your question, again, we've been incredibly successful with the core part of our platform, but we still have an insanely huge opportunity ahead of us, where the market is still using legacy AV. The amount of organizations that call us week in, week out, because they've had a breach and their existing legacy products failed, you know, pick which vendor you want, bucket them all in there.
The amount of people that have contacted us and said, "Hey, we went and tried the so-called next-gen AV that gave us an insane price opportunity, and it failed." Or, "We went and we leveraged the operating system security, and we realized good enough wasn't good enough." That is still a big part of that opportunity. So that's the first part of that answer. And the second part of the answer is, remember, the core is the delivery vehicle for everything else. You get Identity through the deployment of the agent. You also then have the opportunity to say, "I'll pick device control, I'll pick DLP, I'll do the agent runtime for cloud. I'll add some of the additional functionality." So the agent is core to everything that we do to continually build out that capability.
For us, having the ability to have a friction-free evaluation process, you want to solve Identity today, great. Somebody calls up and says, "Hey, we have a problem where, you know, we need to have visibility. We think we may be losing some data. Tell us about your DLP product." That's the demo, and then it's working. And then you can continually build out those pieces. Trial to pay. You know, people come to trial to pay, and I know I'm giving you a long answer, but it's important to understand. People come to trial to pay 'cause they wanna do Next- Gen AV. That Next- Gen AV becomes a six-figure deal because they've gone and added additional components along the way, because once they have the agent, they can go a number of different ways.
So I look at our core APP opportunity as hugely important to our growth, because we've been successful, but there's so much more to go.
I just wanna follow one point on the kernel piece, 'cause I think you fully addressed that. But there are incredible benefits of being able to run in the kernel, and that's not gonna go away anytime soon. As Mike said, if there's extensions, great, we use them. But keep in mind, there is a performance advantage of being able to run in the kernel, period. Why is it that CrowdStrike has the best performance in the market? Well, we've got the best architecture in the market. Why is it that we're the only technology that you can install without a reboot? Because we've thought about it for many, many hard years.
So I just wanna make sure that we, we sort of ground everybody on that fact, that there are many, many advantages to, not just us, to others that run in the kernel. It's not gonna change anytime soon, and as Mike said, as new capabilities come out, A, we're gonna be part of the definition of it, right? Which you saw yesterday. And we're also gonna be one of the adopters, because we're gonna help define it with Microsoft and others. So we have no issue with that, but I just wanna level set, 'cause there's a lot of misinformation that's out there. There's a reason in Windows why people run in the kernel, and there's a difference, 'cause you hear this argument: "Well, Mac does it one way, Linux does it another way." Windows is a different animal.
In Windows, you literally can take an old binary from almost like XP and run it in Windows 11. There's a reason for that because of all the backward compatibility. You can't do that in other operating systems, right? When you look at the Windows kernel, it's supported on every flavor of Windows. There's a reason for that. Mac and Linux have a different model, different kernel extensions, different, you know, builds. You can't just make a change very quickly and say one size fits all. So I just wanted to make sure that we level set on that piece. It's there for a reason. It's been an architectural open ecosystem since the thing started, which was, you know, Bill Gates' model. The thing is open. We're part of it, and there's some real advantages. And I always...
In my personal opinion, I think it's always gonna be a bit of a hybrid model of what's in user mode and what's in the kernel. We have a hybrid model today, and again, as more things come out that we can use, we'll use them. That's kind of the simple version of it.
That was a great question to end on, Fatima, thank you for that. Great answers. So first, on behalf of George, Mike, and DB, Maria, Will, my extended IR team and everybody at CrowdStrike, big thank you for coming. Big thank you for your questions, and we look forward to seeing you and talking to you in the near future. Thank you, everybody.