CrowdStrike Holdings, Inc. (CRWD)
NASDAQ: CRWD · Real-Time Price · USD
468.84
-7.69 (-1.61%)
May 6, 2026, 12:59 PM EDT - Market open
← View all transcripts
Investor Briefing
Apr 8, 2021
Welcome, everyone, and thank you for joining CrowdStrike's Investor Briefing today. I am Maria Riley, Senior Director of Investor Relations. We have a great lineup, and we hope you find this session informative. Today, you will hear presentations from George Kurtz, our Founder and CEO and Bert Podbear, our CFO. Then we will open up the session for Q and A.
And use the raise your hand feature on the bottom of the meeting window. When you are selected for a question, please be prepared to turn on your video and unmute There might be a slight delay as you are prompted into the live queue. Before we get started, let me remind you of our Safe Harbor and the risks associated with forward looking statements. For additional information, please see the risk factors in our SEC filings regarding any forward statements. Additionally, unless otherwise stated, excluding revenue, all financial measures discussed in this presentation will be non GAAP.
Please refer to our disclosures on why we use non GAAP financial measures, and the reconciliation table is showing GAAP versus non GAAP measures referenced today in the appendix of the presentation, which will be posted on our Investor Relations website shortly following the conclusion of the webcast. Without further ado, I'd like to hand it over to George.
Thank you, Maria, and thank you all for joining us today. It's still early days for CrowdStrike and we believe the best is yet to come. We're going to take you through our story of where we are today and where we're going. And as you've probably heard me say, CrowdStrike is much more than an endpoint company. And we will take you through exactly why That is and why we believe there's a large untapped opportunity for sustained high growth at scale while also delivering strong unit economics.
So when we think about the category defining cloud platforms, when I started the company, I looked around and saw Salesforce and ServiceNow and Workday and Each respective cloud they created, whether it's a CRM cloud or the service management cloud or the HR cloud. And there really was no Security cloud, it wasn't built by any of the companies that were out there. There was no fundamental platform company built from scratch to deal with security, Creating the Security Cloud. So this is something that was really important to me, something that we focused on and something I think we've achieved. I certainly want to highlight one of our major achievements that talked about in Q4, which is achieving $1,000,000,000 in annual recurring revenue as one of the fastest growing SaaS companies behind the likes of Salesforce and Zoom.
We don't see it as the finish line. It's really our jumping off point, focused on building a much larger company. And Today, I'm here to share our vision of getting the $3,000,000,000 plus in ARR and beyond. And we're going to focus on how we're going to do that with our technology, our people, Our market opportunity as we continue to grow our total addressable market. There's a couple of key areas that we continue to focus on.
One of the core elements of CrowdStrike since the beginning is really driving innovation. We pioneered cloud, Endpoint, security, now workload protection. We built things that people said were impossible. We created categories before they add names And we will continue to drive innovation throughout our product offering. We're also going to capture the secular trends.
We know the threat environment continues to change. And we also understand as people migrate to the cloud, the secular trends that go with that, the ability to actually secure these cloud workloads. With that, we've expanded our TAM, we've gained market share and certainly increased wallet with our customers. If you look at our rapid and efficient growth at scale, it's thing that I like to talk a lot about is that not only have we built a very scalable technology platform, but we also built a very Scalable and efficient sales machine. And when we look at whether it's a rule of 40, only eclipsed by Zoom, when we look at the payback period, 15.9 months Subscription revenue growth rate and run rate year over year.
So we're extremely proud of not only what we've built, but the efficiency in the model that we've created And we continue to see that pay dividends going forward. So when we IPO ed the company, we started with 10 modules And we rapidly innovated the platform because we spent the time and effort to build a platform that had the scalability of the single lightweight agent, The Threat Graph and the ability to modularize new workflows on top of that. And since that time, we've made considerable progress, Adding more modules to take the total to 19 modules as it stands today. We've entered different markets. We've acquired several companies.
And we believe that this platform approach has served us very well and it shows up in the ability to cross sell into other customers in our module attach rates, Which we'll talk more about. So for FY 2021, there's some key technology achievements I want to take you through. First is identity security. We thought this was a very important element to Crouch Wright, which is one of the reasons we acquired Preempt. We've seen Sunburst and some of the related And we realized how important identity is to actually securing endpoints and workloads.
We dramatically expanded our cloud security offerings, Run time, visibility, cloud security posture management and we continue to be a leader in that space. 0 Trust, The ability to actually enforce policies and provide scoring of the health of the system and the users. We've added forensic capabilities Within our platform, which is a widely requested feature and has been very well received, we continue to support many different operating systems, continue to build out our workflow And we're really pioneer in endpoint security delivering store partners and infrastructure that they can actually gather data, Obviously, opt in by customers and create their own unique workflows while leveraging the very valuable real estate that we've built at CrowdStrike. So what are the strong secular themes driving demand? Well, 1st and foremost is digital transformation.
With the pandemic, there aren't many companies that haven't Focused on accelerating their digital transformation and their movement to the cloud, we see emerging cloud workloads as a critical Growth area for CrowdStrike. We have the ability to not only protect those workloads, but also provide visibility into what's happening and also the configuration of those workloads. And you combine that with an elevated threat environment and it's where the perfect storm for strong secular growth for many years to come. And we believe, As I've said before, that security isn't the nice to have, it's a must have. It's equivalent to shelter in the hierarchy of corporate needs.
So let's talk about our TAM evolution. At IPO in 2019, we had a $25,000,000,000 TAM. With our current portfolio in 2021, We believe that TAM is $36,000,000,000 And in 2023, we see it growing to $44,000,000,000 What's really exciting for me As we believe, we have a path to increasing our TAM to $106,000,000,000 in 2025. And the ability to get there is really focused in a couple of areas. 1st is organic TAM growth from the existing modules we have.
2nd one is a very innovative product roadmap. 3rd is future initiatives that we're working on. And lastly, our cloud security opportunity, which we're really excited about and we'll talk more about here in a minute. So let's talk a bit about FY 2025 Estimated global unit opportunities. If we just take PCs as an example, almost 1,000,000,000 PCs available to protect 900,000,000, 6,000,000,000 global mobile devices, which we also protect, 70,000,000 global servers.
These are physical servers. We believe there's a lot more virtual servers to protect. We'll talk a little bit about our cloud opportunity in a minute. And over 10,000,000,000 global IoT devices. So when we think about CrowdStrike, we are the perfect company to protect these devices as a threat environment continues to evolve As the proliferation of workloads and servers and devices continue to grow, CrowdStrike will be there to capture this market opportunity.
And just to put this in perspective, if you look at Cloud Pioneers and where CrowdStrike is in our early days of customer acquisition, You can see ServiceNow with a total of 7,000 customers, Workday 8,000, CrowdStrike 10,000 as the youngest company on this list And Salesforce at 150,000. So we're really early into our customer acquisition journey. We're really proud of what we've achieved so far. But In the grand scheme of customer acquisition, there's still a long way to go and that's an exciting opportunity for us. If you layer in other companies like Trend and VMware, you can see the opportunity when you look at the total customers they have.
And these are all companies that have security needs, Small and large companies and it just gives you a representative example of how many companies are out there. So we believe we're certainly in the early innings of Tapping our market opportunity and early in the customer acquisition journey. So let's talk a little bit about the cloud, one of my favorite topics. And one of our last webinars, we talked about the 10x opportunity in securing cloud workloads. There's just too much complexity and it really It's a greenfield opportunity when we think about cloud workloads.
There's not a lot of protection in these cloud workloads today. Many of them have no protection. And CrowdStrike has built an incredible portfolio where we protect 1,200,000,000 plus containers every day, Focused on runtime protection, workload protection, posture management, threat hunting, Identity, security, all focused on the cloud. And in 2023, we think the cloud security opportunity is $12,000,000,000 plus. And I would refer you back to our webinar that we did last year in 2020 that really goes through the math behind this.
But we believe that the market is under secured And underrepresented in terms of the ability to actually penetrate this market. So it's a big opportunity for us. We've got multiple avenues to attack and we continue to build out our portfolio. All right. We'll move to 0 Trust.
This is an exciting area for us. ZTX And our framework, when we think about 0 trust, it's about people, workloads, networks and devices and tying those together with data. You trust nothing, you verify everything and you anticipate the breach. We've been working very closely with other security partners to provide scoring and a framework Because we have visibility of what's happening on those endpoints and what the user is doing and the hygiene of those workloads and endpoints. And not only can we provide visibility, but we can also enforce Policies and drive conditional access requests and prevent users from being able to get to places they shouldn't or do things that they shouldn't be doing.
One of the big areas around this certainly is lateral movement. And with our preamp technology as well as what we've built before the acquisition, We've got a very compelling architecture to be able to identify and prevent these sort of attacks. And this really is highlighted by the Sunburst activity and just How important it was for companies to be able to identify unused accounts, accounts that have been abused or administrator accounts as part of an overall campaign by nation state actors. So the 0 Trust ecosystem, one of the things that I do like to talk about is where we sit versus So obviously, we've got a very unique view of the endpoints and workloads, whether that's in a standard corporate environment for desktop PCs or whether that's in a cloud, in a Kubernetes container environment. And we have the ability to basically score and understand the health of that system.
Again, what users are doing and then be able to provide that information to other identity providers like Okta, Ping, Azure and others. So we're focused on the endpoints and workloads. We work with and partner with many of the other identity players in the marketplace and provide our scoring. This one of the things we just announced very recently with Zscaler where they're taking advantage of our 0 Trust architecture and our scoring mechanisms. So very excited about this, more to come.
And obviously, we're really excited about Preempt and what that provides to Crouch Wright and its customers. So I'll move on to Humio, our latest acquisition, one of the most exciting acquisitions that I've been involved with. And when we think about data growth and certainly security data growth and the complexity that we see in most organizations and the budget pressures that companies are under And dealing with legacy vendors, we think that there's just a exponential amount of unstructured data sets that are out there They're growing so fast that it's hard for organizations to actually get a handle on it. And that's where Humio comes into play. The ability to actually log everything and answer anything in real time.
And Humia works with any data format, whether it's structured or unstructured, You don't have to define all these fields upfront. You can ask questions of the data, whether it's live or archived. And one of the really interesting and compelling Pieces of Humio is that it can ingest the state in real time without any lag. So you can create live searches as soon as you start ingesting the data. And when we looked across the environment, various competing technologies, we just didn't see anything as compelling or innovative as Humio.
So Humio Provides a few things for us and a few advantages over other technologies. 1st, index free. So we don't actually have to have an index, Which takes time and effort and simplifies the ability to ask questions and log everything. It's real time. So you're getting immediate value as soon as you start ingesting data.
It's cloud native, it's multi tenant. And what a lot of customers love, it's unlimited ingest, right. So the ability to ingest data and log everything, Which provides amazing speed. When we did our tests before we did the acquisition, we were blown away at the amount of data that can be adjusted, the efficiency of it. The fact that it actually compresses all this data 15x any competitive technology and still allows you to search into that data.
So It provides a much lower TCO over the life of the technology. So what is Humio going to do for us? 1st is to redefine XDR. There's really two areas of Humio. First is on the security use case.
The second one I'll get to in a minute with log management. But redefining legacy XDR is really important. And I would say that XDR is one of the most overused overhyped words in the industry. And it's not just about creating bigger needle stacks, right. It's about taking the right information at the right time, combining it together, leveraging our threat graph And being able to create insights that existing products just can't solve.
Some of the issues with traditional SIM and other technologies of the past, They just take so much effort and care and maintenance to get you to the outcome that you're actually looking for. So stay tuned for more on our XDR. Obviously, we're going through the roadmaps. We'll come back and hopefully have an update as we continue to evolve the technology. But we're really excited about that.
So that's one piece of Humio. The other piece is log management and observability. And that's the full Humio product as it stands today and we will continue to support that and also integrate that into our platform. So it's really 2 use cases. It's security and then it's log, any other technologies that you're looking at as well as the observability mark.
So Again, still early innings for us, more to come on that, but very exciting, very positive feedback from our customers. And I think it's a perfect complement to our threat graph And what we've already built. The other area that Qumio provides is support for other modules, Right. The ability to integrate with Overwatch and complete in our intel offerings to support data ingest from our Threat Graph and our services team And obviously support our CrowdStrike store partners. So it really is a fundamental technology that the Falcon platform will continue to leverage.
It will support security use cases and non security use cases like log ingestion and observability. So really exciting and more to come on that. So in summary, I really wanted to tell you how excited I am about this opportunity. To get to $1,000,000,000 in annual recurring revenue, The likes of Zoom and Salesforce in terms of speed and efficiency. To have a line of sight to $3,000,000,000 in annual recurring revenue growing to 10,000,000,000 And to be that fundamental cloud platform that really changes security the way we know it.
If there's one takeaway from my presentation here is that CrowdStrike is much more than an endpoint security company. We're a platform company With the ability to go into adjacencies like log management as well as identity and we'll continue to expand our module offering starting with 1 module, Tenant IPO 2019 today and our fundamental core principle of data. Once we've got that data, the ability To reuse that, create new modules and more importantly solve some really compelling use cases for our customers. This is just the beginning and it's been a pleasure to chat with you today and I look forward to your questions later. With that, I'll turn it over to Bert.
Thank you, George, and hello, everyone. Let's get right into it. Last year was a year of milestones. We delivered a phenomenal year, setting new records in multiple areas. The really big milestone for us, as George mentioned, was ending ARR which surpassed $1,000,000,000 up 75% over last year.
We also added a record $450,000,000 in net new ARR, up 56% over last year. Additionally, we added a record number of net new logos, which increased 53% over last year. What makes these growth milestones even more impressive Is that we achieved them while at the same time improving our margins and delivering strong unit economics. We hit 79% non GAAP subscription gross margin, a new record. We achieved non GAAP profitability for the first time and we delivered an operating margin of 7% for the year.
We also delivered a free cash flow margin of 33%, also a record. These milestones demonstrate the power of our model. As George mentioned, we delivered rapid and efficient growth at scale, comparable to best in class SaaS companies that you can count on one hand. Let's now take a deeper dive into our growth to date. With strong secular tailwinds and the combination of our cloud native architecture With both a highly scalable threat graph and a single lightweight intelligent agent, we were able to achieve a rapid ARR and revenue growth at scale with Subscription revenue being the primary driver of growth.
The good news is that we are seeing strong growth in both domestic and international markets With a long runway to continue gaining share. We are also very pleased with our services business, where we saw strong growth, which was higher than our expectations. Service revenue made up 8% of our total FY 'twenty one revenue and although small, it is very strategic to us. For every $1 spent on services since February 2019, we garnered $5.51 in subscription ARR, And you can see how this has grown significantly over the last year. And it's a symbiotic relationship.
Our tech helps drive our services engagements. While our team members have great experience and expertise and are a critical element to our success, the Falcon platform And our remote forensic capabilities differentiates CrowdStrike from others in the market. We have set the gold standard for services engagements. Once we are called in to help a company clean up an incident or a breach, which another vendor's inadequate software was unable to prevent, we quickly do the forensics work, The investigation work and generate the required reporting the company needs. At this point, the company sees our value and we then leverage our professional services team to So in a nutshell, our professional services team comes in, executes quickly, Helps to sell our platform and then leads.
This is a very different approach than what the other professional services leader in the space does, Where they come in and want to stay at the company for an extended period of time, which is both expensive and inefficient. Now let's move on to how we'll achieve the $3,000,000,000 plus in ARR that George talked about earlier. George ran through the TAM And the market opportunities available to us to achieve the $3,000,000,000 in ARR and beyond. Now let's take a deeper look Into the mechanics and dynamics of our business that we believe will help us reach the next level. The path to $3,000,000,000 plus in ARR.
As I'm sure many of you can appreciate, as a CFO, I love math and the dynamics of a recurring subscription model. I also love simplicity. So let's look from a mathematical perspective at the net new ARR generation required to reach $3,000,000,000 and beyond By FY 'twenty five. If we just repeat FY 'twenty one and generate approximately $450,000,000 in net new ARR for each of the next 4 years, That gets us to approximately $3,000,000,000 in ending ARR for FY 'twenty five. And to repeat, that is without any net new ARR growth.
That is not to say that we will not generate net new ARR growth between now and then. It is merely an illustration of the math required to reach approximately $3,000,000,000 in ARR by FY 25. Looking at this another way, every 10% CAGR you layer on to FY 2021 net new ARR growth Equates to at least an additional $500,000,000 in ending ARR in FY 'twenty five. And importantly, As we think about our opportunity to get to $3,000,000,000 and beyond, we see a path to this next milestone by leveraging the business we have today With minimal contribution from Humio and Fient and without a reliance on the future initiatives we discussed. As George mentioned, we see many opportunities available in the market today.
I will focus on our ability to execute on these four opportunities at hand. 1st, continuing to take market share by landing customers at a rapid pace across all facets of the business market. 2nd, capitalize on our increased momentum with partners. 3rd, expand our wallet share by driving module adoption with new and customers alike and 4th, maintain our strong retention base. Let's explore each of these in more detail.
We are winning customers at a rapid pace. We've seen an acceleration in the number of new logos we win each year and in Q4 FY 2021, even off a tough comp, Our net new customer growth rate accelerated. Our win rates remain high, and we believe that we are clearly gaining share. And as George pointed out, with about 10,000 customers to date, we are still in the early innings of our journey, many more logos to win. For added context, some of the legacy vendors in the space had hundreds of thousands of enterprise customers.
The key to our rapidly expanding customer base Is that we are winning customers of all sizes, from a 1 person shop all the way to the largest companies in the world. We can sell into any vertical, geography Or any level of technical sophistication, essentially, we can sell to almost anyone. To give you some insight into how far we've come, The number of customers with more than 1,000,000 in ARR stands at 176 compared to just 10 in FY 2017. This is a 105% 4 year CAGR. The number of customers with ARR between 1,000,001 100,000 stands at 15.60 Compared to just 151 in FY 2017, this is an 80% 4 year CAGR.
Smaller accounts with ARR below 100 ks Stated at 8,151 compared to just 286 in FY2017. This is a 131% 4 year CAGR. You can see how these smaller accounts really contribute to our overall logo velocity. And putting this into perspective of ARR contribution, It's approximately 40% from accounts greater than $1,000,000 in ARR, 40% from the mid range accounts and 20% from customers less than $100,000 in ARR. Adding customers at this rate and among companies of all sizes is not an easy task.
It boils down to incredibly easy to deploy tech, The strength of our low friction sales motion, including our trial to pay and our ability to scale our operations and G and A functions to onboard customers At a rapid pace. Another opportunity before us to drive growth is to continue to increase our partner momentum. We are a partner first company with a direct sales force Whereby our sales reps own their own book of business, which includes partnerships. Our partner first strategy has enabled us to expand the breadth of our customer coverage In a highly efficient manner. You can see our success last year where we achieved an 85% increase in the absolute number of partners.
This increase came from our U. S. And international partners as well as our global strategic partners such as We've also been investing to increase partner sourced deals and are seeing the results. Partner sourced transactions more than doubled in FY 2021, And this has translated into an 86% increase in partner sourced ARR. Our unwavering focus on our partnerships Has led to consolidation in the market where CrowdStrike is broadly becoming the partner of choice.
AWS is an example of a standout partnership, A partnership which we have invested in and have experienced rapid growth in ARR transacted. Last year, we saw 6 50% growth in ARR transacted Through the AWS Marketplace, bringing the total ARR generated through the marketplace to well over $50,000,000 The good news about the AWS Marketplace Is that we are able to transact with both large and small companies. An additional advantage of transacting through the AWS marketplace Is the availability to leverage the enterprise contract. When a buyer and a seller both agree to use the enterprise contract, It materially reduces the number of terms and conditions that need to be negotiated between the parties and hence dramatically reduces the sales cycle in many cases from months 2 weeks. In addition to winning customers at a fast pace, we are also seeing strong success with our top accounts and growing the minimum spend required to be a top Customer.
The minimum ARR to make it to our top 25 is now 3,600,000 compared with under 500,000 in FY 'seventeen, 1,600,000 to be a top 100 compared with just 167,000 in FY 'seventeen. And to be a top 400 customer, a minimum of $478,000 compared with $10,000 in FY 'seventeen. Another way to look at this, the minimum spend required to be a top 25 customer in FY 'seventeen is now the minimum required to be a top 400 customer today. We are landing bigger deals and that we are expanding with both modules and workloads, covering more of a customer state, Leading to strong net retention rates. Let's now look at a customer journey of 1 of our top 100 customers That demonstrates how small initial wins can lead to significant ARR expansion over time.
This large retailer began their journey with CrowdStrike FY 'fifteen with an Intel purchase, which was fairly common back then and was not sold for endpoint. In FY 'seventeen, it expanded by purchasing our Insight Overwatch modules, which marked our first sensor land with them. This led to a large increase in ARR, granted it was off a small base. In FY 2018, we once again increased the deal size with PreVent. This brought them to a total of 4 modules.
In FY 2019, their ARR more than doubled with sensor growth and 2 additional modules. In FY 2020, we once again saw sensor growth. In FY 2021, they added Spotlight and brought Falcon into a portion of their cloud estate. This led to another 70% increase in deal size. Today, this customer's ending ARR spend with CrowdStrike was 3,000,000 A 3,500 percent increase from the initial end and encompasses 7 modules.
This customer is a great example of we grow an account both by adding more workloads and by increasing modules. This customer also demonstrates that as we launch more modules Or cover more of their cloud workload estate, we grow the account, providing us headroom for growth even within accounts we may already fully cover on an endpoint basis. When you have customers like this and many more like it, it is not difficult to see why we have such strong retention rates. Our net dollar based retention rates have consistently remained above our 120% benchmark, which is excellent. And then when you look at our gross dollar based retention rate that has been a best in class 98% for 9 consecutive quarters, well, that's just exception.
Now here is something fairly unique to us. Just as we are experiencing impressive expansion of our existing customer base as evidenced by the previous slide, We are landing new deals with more modules. We have seen a steady progression over the past several years, And now our average module count of a new customer is a little over 4 modules, up from 2 modules in FY 2017. And we see even more modules than that on the initial lands of big accounts like Pfizer, which we showcased on our earnings call. So the question is, why are we seeing bigger lands?
The answer is that 1, we are experiencing growing brand recognition And with that, a more prominent leadership position in our space 2, we are winning with agent consolidation 3, Our platform is easy to deploy and easy to manage with a stunning user interface. And 4, we are providing compelling value to customers. Looking across our entire customer base, module adoption continues to increase. We believe this shows strong customers' buy in for our platform approach. As we expand our lineup of modules, we expand the use cases we addressed, we expand our TAM and we expand the virtuous circle of our collect once, Ryu's many model.
Underpinning all of this is our platform that enables rapid innovation. And as George spoke about earlier, With this innovation, we have grown from 10 modules at IPO to 19 modules today, as well as a robust product roadmap for future When we look at the year over year growth rate of customers subscribing to each module, we are seeing tremendous success with these modules in the markets they serve. Customer accounts for our big four modules, Prevent, Discover, Overwatch and Insight, are all growing at a similar rate to our overall customer base, Which was 82% year over year at the end of Q4. Even more exciting are the hypergrowth modules That are growing at RAGE significantly faster than our overall customer base. These hyper growth modules include Falcon Complete, which is our turnkey security offering, device control, FalconX for threat intel and of course, Spotlight, Our highly differentiated vulnerability management solution.
Again, these are all modules where customer accounts are growing far in excess Of the 82% growth we are seeing in our overall customer base. The 3rd category I will call specialty modules, Where we find SandBox and Search. Though these modules are growing at a slower rate, I would point out that many of the capabilities of SandBox and Search Can be acquired through our FalconX offering, which is one of our hyper growth modules. So there is definitely a strong demand for these capabilities. Finally, I'd like to note the new modules, which year over year growth rates are not yet available because they are new to the market within the past year.
Of course, we look forward to additional high growth and hyper growth modules coming from this group of rising stars. Just like we are winning new logos from companies of all sizes, we are also driving module adoption. Regardless of the size of the company, their problems remain the same. They all need security and are looking for a true partner. They all want a solution that works and is easy to use.
They all want to reduce complexity and the number of agents and they all have limited security resources. The great news is That the Falcon platform addresses all of these needs. The bottom line is increased module adoption regardless of the customer size Demonstrates the applicability of the platform across the market. To summarize today's presentation thus far, we believe we are in the early innings of CrowdStrike's journey And that reaching $1,000,000,000 in ARR is just the first of many milestones we envision obtaining. We see multiple avenues To drive sustained long term growth, leveraging our existing business and solutions, fueled by strong secular tailwinds and our true cloud native platform An efficient go to market engine that is winning customers of all sizes.
Our ability to rapidly innovate and bring new modules to market Enable us to naturally expand into adjacencies, grow our TAM and drive module adoption with both new and existing customers. Our extensible platform also enables us to relatively quickly integrate new or acquired technologies and enter markets that are poised for disruption. It is important that we continue investing to capture and execute on the opportunities we see in the market, especially during this unique time in the industry, Which has experienced great consolidation over the past couple of years, clearing the way for a new market leader. While growth and seizing the opportunities in the market are top priorities, we are also focused on building a long term business with sustainable growth and compelling margins. And we've made significant strides, take gross margin.
This is an area that I'm extremely proud of where we have shown significant improvement. Coming from the mid-30s in FY 2017 to almost 80% in FY 2021 is almost unheard of To drive that kind of improvement, let alone in such a short time. The better news is that I see a path to continue this upward trend, and I will get to that in a moment. Then take operating margin. We've seen a steady progression in margin expansion with 9 consecutive quarters of improving non GAAP operating performance On both a dollar and margin basis, and we delivered a non GAAP operating margin of 7% in FY 2021.
On a personal note, I am just as pleased with our margin performance as I am with our phenomenal ARR performance. As I have often mentioned, scaling our business efficiently is a priority for us. 2 of several metrics we look at to assess our efficiency, Our magic number and the rule of 40. We perform very well on both measures. We are highly efficient, an indication we need to invest more, And we are doing just that.
Let's pull all of what we have shared with you today into perspective of our target model. On subscription gross margin, we have sustainably reached our range of 75% to 80% in FY 2020 and reached the high end of the range in FY 2020 As alluded to earlier, I see a path to continuing this upward trend and I'm raising our target model to 77% to 82% plus. The two main drivers in increasing this target are 1st, continued module creation and adoption. Every new module after they purchased the first module is essentially pure margin for us. 2nd, continued operational Let's now look to S and M, G and A and R and D.
As I mentioned, continuing to invest in all aspects of the business will be key for us, but especially in R and D and S and M. The current target model for these measures is at an appropriate level as we mature as a company. Even though we hit our R and D range in FY 'twenty one, We are increasing investments in this area, so we expect R and D as a percentage of revenue to tick up in the near term, but then trend back into our target model range over time. We reached our G and A target model in FY 'twenty one and believe that is an appropriate level to continue supporting our growth and believe we can Let's now look at how this translates into free cash flow margin. This is a new metric for our target model.
We had phenomenal FY 'twenty one performance of 33%, but we don't expect to repeat it at this level in FY 'twenty two As we will continue investing in the business. When we do reach our target model, we expect to generate 30% or more on a consistent basis. We expect to achieve each of these targets in various quarters over the next few years. And assuming $3,000,000,000 or more in ending ARR in FY 'twenty five, We'd expect to be within the range on all measures in FY 'twenty five on a sustainable basis. I would like to also note that you will find a slide with a few modeling notes in the appendix of the presentation, which will be posted on our IR website shortly.
In summary, I've never been more excited about the opportunities before us, And I look forward to continue to rapidly expand at scale. Thank you very much. I will now turn it over to Maria to open up Q and A.
Great. Thank you, When you are selected for a question, please be prepared to turn on your video and unmute your microphone. There might be a slight delay as you are promoted in And our first question is from Saket Kalia of Barclays, And he will be followed by a question from Matt Hedberg of RBC. Saket, you may begin.
Okay, great. Can you hear me? Can you see me okay?
Yes.
Okay. Excellent. Well, 1st and foremost, guys, thanks very much for hosting this session. A lot of great content George, maybe my first question for you. I think we all took away from your presentation that CrowdStrike Strike is not only an Endpoint Security Company, but something broader.
But maybe just to zoom into Endpoint for a second because It's been a space that you've just disrupted so much. Can you just talk about what inning you feel like we're in when it comes to converting legacy market share Does something more modern like CrowdStrike?
Sure. So thanks, Zach. Always good to see you. I think it's what we've said certainly for some time now. It's still in the early innings.
If you look at Our overall opportunity and we provided some customer counts of where we are versus some other companies and we look at where we've been able to penetrate. Certainly, we've done well. We're proud of our performance, but there's such a broader opportunity that's in front of us. If you look at The workloads that are out there on the cloud side, the containers, obviously, we put some physical hardware out there, which is pure endpoint as opposed to Just workloads, overall, we're just scratching the surface and the opportunity of what I would call endpoints and workloads, right. We always make that distinction and we look at So for us, still very early innings, great performance so far.
But in the grand scheme of the total market opportunity, it's just Fraction of what's available to us.
Got it. That's very helpful. Bert, maybe for my follow-up for you. First of all, thanks for all the detail and for the FY 'twenty five framework. Maybe from a high level, if you think about the AROR growth equation As part logo growth, part endpoints per logo and part modules per endpoint, if you will, Or workload maybe is a better point, right, to George's point.
Understand that you don't disclose this data. The question is, how do you think about the path from here to $3,000,000,000 qualitatively within those three metrics? It seems like all three of these drivers have contributed equally in the last few years. But over the next few years, how do you think about that equation changing, if at all?
Good to see you, Saket, and great question. So the great news is for each one of those, I think we have lots of avenue to I think if you just take the new logo velocity, I talked about certainly on the less than 100 ks customers, You can see how fast and how many were grown there. And I think that that is going to we still got tremendous opportunity with respect to the new logos. Just as George showed on his slides, we're still in that really early innings. With respect to, I think, the number of endpoints Per Logo, look the world proliferation of the endpoints workloads, just as you had mentioned, is just growing really, really fast.
And so we have this opportunity to be able to protect that proliferation of all those endpoints even within a logo. And then modules per logo. Mean, I think the great news there is you've seen what happened when we went from IPO to today from 10 modules coming out from market to 19 today. You've seen what's happened to each one of the different groups that we showed you with respect to the amount of logos and they doubled or just over or more than doubled with respect to each group In terms of logo sorry, module per logo. So all three of them, I think, still have robustness to them in terms of where we see coming from today going into
Great. Thank you, Saket. Our next question is from Matt Hedberg of RBC and he will be followed by Greg Moskowitz of Mizuho. Matt, you may begin.
Hi. Thanks, Maria. Hey, guys. This was really fantastic. We got a lot of details here to unpack.
But maybe, George, I think we could talk about a lot of the things you highlighted, but the move in your TAM to $106,000,000,000 by 2025, I mean, I think that certainly Caught my attention. I'm wondering when you look at that, how much of that is growth in your current markets today Versus new adjacencies. You had some components at the bottom of that chart. And for those new adjacencies, what are the things that excites you the most That perhaps you don't even touch today?
Well, we're excited about the TAM opportunity. And I think when you look at where we are today, it really is underrepresented with all the With all the things that we do and how customers actually use our technology. So we have where we are today, we have where we're going In a couple of years with our current platform, obviously, we talked about some things that are in R and D that we haven't announced, which are actively being built and then future opportunities That fall within those adjacencies. You saw things like Humio and our identity acquisition of Preempt. So these are all logical adjacencies and we have a very robust strategic plan over the next coming years.
And we didn't break out the specific numbers. So I'm not going to go into all the details. But as Bert mentioned, to get to the overall $3,000,000,000 plus, we can do that with our current Opportunity that we have in front of us and this is additive. So as things unfold, obviously, we'll update our TAM and be a little bit more specific. But Things like our cloud opportunity, where what we're covering today is still only a small segment of what we can do in the cloud.
We've added new capabilities with And it's DSPM and workload protection and it goes on and on. So we see that as a massive opportunity that I called out. And I think in general, when you look at Humayo and data and our ability to move into adjacencies that are relevant to security, But not outside of our core competency. I mean, that's where we get this broader TAM. So I would say stay tuned.
We try to do our best to provide A broader picture, but obviously there's some specifics that will come down as we begin to release products and execute on the roadmap.
That's great. And then maybe that dovetails into a question on Humio. Obviously, it looks like logs is the logical starting spot, but you talked somewhat about observability. And maybe talk a little bit more about that move from logs to a broader observability play. I mean, is that something that your customers are currently asking you for?
Is that a logical thing that you think is within the purview of the next year or 2?
Sure. Well, if you go back The presentation, there were 2 key areas for Humeo. 1 was the extension of XDR in our platform and connecting that into our Threat Graph to pull in data that's outside of just our core endpoint work That's one piece. Then if you look at what Humio does today, it's log and observability. And what we believe and there's some nuances to this Is that not all agents are created equal.
So when we think about our agent, it actually has the it has visibility to just call information into Deep into the kernel, so we understand performance of what's happening on those systems and it's not just a long shipper. So we think by combining our single agent, which of course was built with a security use case, but because of the way it was built, it can be extended into other areas. It can provide, I think, some great visibility into the observability market, if you will, and supply that to Humio. So they are doing that today And we will continue to expand on their current roadmap. Thanks, guys.
Great stuff. Thank you.
Thank you, Matt. So our next question is from Greg Moskowitz of Mizuho, and he will be followed by Ittai Kidron of Oppenheimer. Greg, you may begin.
All right, great. Thanks, Maria. I'll echo the thanks for all the great So I guess first question for George, you mentioned that you're now protecting 1,200,000,000 plus containers every day. It's just a phenomenal number and You've seen obviously what that trajectory has looked like. I guess the question is, there is a lot of noise in this space, a of vendors that are starting to go after this market and talking about Cloudworkload protection, CSPM more and more frequently.
How much Understanding when you say there is from a customer vantage point as it relates to not just the need to protect these workloads, Also to go with Crouch Rec in terms of their decision.
Well, given the model and how we built it and how we sell it, I certainly think our customers have a good view of what we've built and how they can actually try it and deploy it in the cloud. Bert talked about the retailer where we started with something very small and massively grew the opportunity there, including protecting some of their So it is a big focus for us. We have some specialization in the sales force actually to focus on that because you need to understand those Cycles and dev ops and things of that nature. And it's still a noisy space out there, but I think given our partnership with the likes of AWS, you saw the performance there. It puts us in a great spot to be able to extend out our capabilities above and beyond what might run On traditional desktops and servers into those cloud workloads and customers are looking for Of multi cloud architecture where it doesn't matter where our agent runs, it can be across any of the big cloud providers.
They're still going to get a single view it's going to be agnostic as opposed to locked in with one particular vendor.
All right. That's helpful. Thanks, George. And then for Bert, so I wanted to go back to your statement that Discover, Insight, Overwatch, Prevent, your 4 big modules, they're growing at a similar rate to your Customer growth rate of kind of in the low 80s. So given that dynamic coupled with the fact that you're landing with 4 plus modules on average, You have all these exciting new modules.
It would seem that you really have a line of sight to continued strong growth for quite some time. And specifically, when you talk about $3,000,000,000 plus in ARR by fiscal 2025, I mean, again, it just does not seem remotely heroic. So I
guess when you look at
all these drivers, would that be a fair statement? Is there anything that you would add to that?
Look, we're it's great to see you by the way, Greg. I think that when you look at those modules, I've talked about them before, the big four, and then you can throw in a 5th that's climbing up there, which is device control. We're getting really excited about talking about 4, 5, 6 and getting more excited. We'll soon talk about 5, 6, 7 modules that are going to be adopted. But when I think about the $3,000,000,000 it's more of a path that I wanted to show in terms of just great math.
I think the path of $3,000,000,000 $3,000,000,000 plus I really wanted to keep it simple and just give an indication of what something could look like. I think that it would be a fairly reasonably reasonable objective for us $3,000,000,000 plus in that timeframe, again to have our sights on. So that's how we think about that.
Great. That's great. Thanks, Bert.
You're welcome.
Our next question is from Ittai Kedron of Oppenheimer And that team will be followed by Tal Liani of BofA. Ittai, you may begin.
Thanks, Maria. Hi, George and Bert. Thank you very much for the presentation. Very informative. I guess, George, I have a couple of questions and I'm kind of more focused on the go to market and the packaging of all of this.
It sounds like that in the not too distant future, you'll have 40 different modules or 50 different modules out there to sell. And I guess the risk that you're creating there is that you overwhelm people with such a long list and menu and they really get confused and Perhaps even confused the sales force, what's the best way to approach to kind of start all of this? Help me think about the balance Of this, I mean modules adoption has clearly been a very big driver for you. But perhaps is there a point in time where to shift focus away from number of modules and Perhaps consolidate number of modules to smaller number, raise price. How do you create that balance between overwhelming versus making sure you get value for your products?
Well, it's a good question. And I think we've done a good job with the bundling and packaging as we sell today. Yes, we have 90 modules, but we tend to package So it's up in the sort of good, better, best, ultimate, if you will. Those are not the names, but you get the point. We actually pull them together, I think into effect of bundles, I think they can be logically bundled into cloud or servers or data or identity, things of that nature.
And the other thing that I really want to point out is, the risk that you run, and I'll tell you how we ameliorate that is that salespeople, they've got too much Sell, right. So a big part of our strategy has been the platform needs to sell itself. So we do a lot of in app, serving up of what customers may want, Right. So if you're a customer that's using our AV product and our ER product, well, a logical extension would be our vulnerability management. And you can basically try that for 15 days without any interaction from us.
I mean, you click on it and it's all your data. What better way to actually try the technology than with your own data. And that serves as a self selection mechanism so that the sales team don't that they don't get overwhelmed and not worried about 40 products. The customers are putting up their hands saying, hey, I'm really interested in these couple of things. And then we continue to educate them through our platform.
So It's really, I think an underappreciated feature of our platform and how much selling it actually does behind the scenes And how we've instrumented that into our field team as well as our inside sales team to be able to keep that motion. And the result of that is magic numbers that are 1.3%, the sales efficiency, the net retention rate. So that's the way we look to do it is to leverage the platform.
Got it. Maybe as a follow-up for that, again, it sounds like the scope of what you're going to do, is it going to expand tremendously over the next 2, 3 years? How do you think about the constituencies within the general IT department that you're talking to today? How does that need to change going forward? Are there Constituency within the overall IT department would be more network, would be more developers, people that you're going to have to build a rapport with, a brand with an In order to drive those new avenues of growth.
Sure. And we've been doing this for some period of time. When you look at the dollars that are being spent on CrowdStrike as what I would call a platform of record, these are not small dollars. You saw the $1,000,000 ARR type deal. So we've moved certainly we sell at the Chief Information Security Officer level, but we sell a lot at the CIO level, Right.
We're involved at CIO. We're doing a lot of Board work. And at the CIO level, you're going to capture a lot of the pieces that are there. For us, the network piece, we don't have anything that's really network related, but
those folks
are out there. I think the more important This would be the DevOps side and we're already selling there. We've got some specialization in the sales force. Technologies like Humio naturally pull us into that world. So it's building those capabilities, building the muscle memory, building the sales motions And continuing to sell high into the account, which is really at the CIO level.
Got it. Excellent. Good stuff, guys. Congrats.
Thank you, Ittai. Our next question is from Tal Liani of Bank of America, and he will be followed by Brian Essex at Goldman Sachs. Tal, you may begin.
Now you can see me and you can hear me also. Two questions. Bert, First with you. Great. Thank you.
I have a question that you were asked probably a 1000000 times, but I think this is the time of the year to ask it. We're heading now into April. April, You started to see great demand from related to COVID. How much before that, I mean, when we asked you the same question before, you said you don't anticipate much of Much of a impact related to COVID, meaning tough comps didn't worry you just because you thought you can Upsell and corporates expedite their migration to digital world. And I'm asking you the same question again.
As You started the year, we're 3rd into the year or a quarter into the year. What's the risk of slowdown in the next Quarter of 2, just because of tough comps. How much of the contribution of new modules, how much of it can offset The great demand you've seen last year.
I'll take a shot at that one. So great to see you, Tal. So yes, what we talked about or what I talked about when we were talking about COVID is yes, it acts as an accelerant to I think something that was already there, Right, which is this movement to digital transformation and obviously underpinned by security transformation. And we've seen that consistently through the year. The good news is, as I talked on our last earnings call, our momentum going into the year is the strongest it's ever been, right?
So clearly, we're seeing upticks Other than COVID in and of itself that are driving this momentum and the bright future that we think we have. So I think it's the things like the modules. I think it's the things like the fact that folks are expanding their footprint. And I think a big one obviously is The proliferation of the adversaries and the attack surface. I think all those things together combined to create There's a record amount of momentum that we have going into the year.
So I think the COVID The result of all that was the acceleration to get to where I think we're moving into this state where all those other things are going to play into our growth And to be able to get to those numbers that we that I talked about earlier. Got it.
And George, So far, all your acquisitions are extremely synergistic to your platform. You're basically adding more and more modules to your platform. General question is, you have a great currency. Is there any thinking in the company to grow outside of your platform Or to make bigger acquisitions and become a bigger security company and create a bigger security company?
Well, I think what Bert laid out is we're working on becoming a bigger security company, but we need to do that in a way that meets our model and meets The high bar that we have, there's not a week that goes by that we probably don't get too inbound from somebody acquisition opportunities. And As you've seen, we've been able to execute on 2 of those and the vast, vast majority, they just don't meet the bar that we have. As you Pointed out the integration with the platform has to happen at the adjacencies, the areas that we're focused on. It all has to make sense to us and We want to stay within our focus. I think there's a lot of companies over the years who have strayed away from what they're really good at And got into different areas and lost their way.
And everything that we've done so far and what we continue to focus on is to be part of the platform and be very logical It's something that we can sell very efficiently within the platform. So we're not going to change our approach at this point. We will certainly continue to look at Marketplace as it evolves, but we feel really good about the 2 big acquisitions that we did over the last year.
Great. Thank you.
Thank you, Tal. Our next question is from Brian Essex of Goldman Sachs, He will be followed by Brent Thill of Jefferies. Brian, you may begin.
There we go. Thanks, Maria. I appreciate it. Yes, maybe Bert, first a question for you and thank you again for all this information. This is fantastic.
If we think about the operating margin profile that you've kind of outlined the pieces within that,
One of
the things that impressed me is you're going to keep sales and marketing relatively robust over the next few years as you go towards that $3,000,000,000 target, but Your model has some of the best unit economics of any of the companies that we cover. And I think of last quarter, I think one of the interesting things for me anyway was How you went down market a bit and the tax rates increased. So you went down very effectively, still with great unit economics. How should we think about with that in mind, where you're going to be spending from a sales and marketing perspective? How we're going to track Progress towards reaching that goal and anything meaningful pop up like increased channel presence, international presence or how should we think about Where are you going to be spending the incremental dollars given that most companies when they scale will become more efficient on that metric?
Yes. Great question, Brian. So first and foremost, my message of we're going to continue to aggressively invest exists. That's something that I've been talking about for quite some time. The fact that we've had such strong unit economics goes back to what George was talking about earlier.
Taking friction out of the system, having this trial to pay in app trials. So as we think about where I'm going to deploy dollars, obviously, we're going to continue to try and deploy dollars you make that even more frictionless. But then obviously international, we had a strong international quarter, 29% of our business was outside the United States. And we think that that we have room to grow. We think we have room to eventually And it gets to fifty-fifty.
We have a long way to go to do that because we're still growing so fast in North America. But certainly, international is a space that We're going to continue to deploy dollars. The way that we look like at headcount, it's been working. It's a trialed it's a tried and true formula that we use And we don't want to bust the model. It just so happens to turn out a really strong unit economics measure, but we know it works Because if you're trying to play too many heads all at once, they're not going to be able to be they're not going to be able to do what they need to do.
And same with marketing dollars. You throw a whole bunch of marketing dollars at something and if you don't have the people to be able to and the systems to go after and capture it and make use of it, The marginal dollars that you can get into that is going to start declining. So we've got a tried and true formula right now. We're going to continue with it. We're going to continue to aggressively invest internationally and so far that's been working.
Great. That's super helpful. And then maybe for George, I just want to ask, maybe it's Picking at a small point, but would love to get your thoughts on how you see the right store for this. I think you're asking to see your footprint, your customer base and others can build on your platform To penetrate markets as well. How meaningful do you think that's going to be when you're working towards your $3,000,000,000 goal?
Yes. So you broke up a little bit, but I think it was related to the store. And I think we've made tremendous progress In the store since we launched where we are today, the number of participants, Humio adds additional capabilities to be able to pull more data and create new workflows. Bert can comment on any related financial pieces of that or not comment as he probably Will do. But for us, it's very sticky to our customers.
It's what they want. And over time, I think long term, it can be a Meaningful piece. But for us, as we've looked around and talked to these cloud pioneers, there's some early investment that you And then ultimately it pays off with the platform approach and it shows up in the tax rates and win rates and things of that nature. So I don't know Bert if you have any other Comments or non comments on that, but we are excited about the future opportunity, longer term opportunity of the store.
Yes, no, absolutely. So I still think we're in early innings by the way with the store. But I think at some point, Brian, the net new air that we generate From the store could be the same or greater than what we do from a platform on a quarter basis, but we still have a long way to go. But what now what's happening now is just the additional stickiness, Right. Building out that ecosystem, as George talked about, for customers to kind of enjoy not only what we have, but what others have and do it in a way that is already integrated I mean, that's it goes back to the ease of use of our platform.
Perfect. Thank you. You're welcome.
Thank you, Brian. Our next question is from Brent Thill of Jefferies, and he will be followed by a question from Eric Stupiger of JMP. Frank, you may begin.
Thank you, Bert. You're very bullish on the cloud workload protection segment of the business. I'm curious if you could give us any sense or size of that business on trajectory. And a quick follow-up George, just as it relates to AWS, you mentioned the $50,000,000 threshold that you passed. Is anything different this year with AWS and the go to market Motion, what's the next chapter for the AWS relationship from your perspective?
Thank you.
So with respect to cloud workloads, we are very excited about that. I think it's greenfield, George talked about that There are so many unprotected workloads in the cloud and we're the 1st mover, right? So we're the 1st mover to be there. The example that we gave today with the customer journey, we're protecting some of their cloud environment. And so when we think about the opportunity for everybody else out there, we think it's massive, Right.
We tried to put some math behind what that size looks like. And we think we're even with that, I think we're conservative in terms of the overall TAM For that opportunity and I think it's being as George mentioned that even at the onset of this presentation, it's being completely underserved. And that's why I think that Both George and I and the rest of the team are really excited about the opportunity with respect to cloud. It's still small today, Right. It's not a big piece of our business, but we think it's greenfield and we have a lot of room to go in.
With that, I'll pass it over to George to talk about
Sure. With respect to AWS, I think it's the natural maturation of a great partnership. Obviously, we've added And their APIs and just how you interact with their store and their marketplace. We've added some specialization in the sales force Specific to those cloud workloads, and I think just in general, there's a broader awareness of The massive investments that we've made over the last number of years to capture that market. And again, it's getting people educated on the fact that, yes, it's not just an endpoint company.
We protect Billions of containers over 1,000,000,000 containers per day. And we've got the technology to be able to do that, which is Top of the food chain. So we're excited about where we are. I mean, I think the progress is amazing. I'm glad we're able to talk a bit about it.
And I think there's another fantastic path forward with AWS and what we've built today and what we're working on in the future.
Great. Thank you.
Thank you, Brent. Our next question is from Eric Stupiger of JMP, and he will be followed by Question from Gray Powell of BTIG. Eric?
Thank you for taking the question. George, I think I saw in the modules that you were discussing a firewall module. Can you talk a little bit about what the competitive dynamics are And how you anticipate approaching that market?
Well, so we need to be super clear. So that's a firewall module on our endpoint of workload, that's not a firewall. And again, it's a natural extension to what we do being on the endpoint. It allows policy configuration and enforcement of Traffic flows in and out of the system and it's really not that much more complicated than that. Obviously, Customers want to be have that protection as they move about and the corporate network disappears and we just make it easy for them to
So that's not something that would replace a traditional enterprise firewall, it would be more of a complement?
Yes, it has nothing to do with a network firewall. It's the firewalling within an endpoint We're a workflow. So basically, the system itself has its own capabilities to control network flows. And when you're outside of a corporate environment, you may be at home, you may have a router or something, but people want to be able to lock down Those systems as you travel, go to a hotel, go to Starbucks. So, yes, it's great that we clarify that because that is not anything related to a traditional Firewall market other than leveraging the ability to protect the endpoint itself using firewall type rules.
Okay. Bert, when you did the IPO, you talked a lot about how The opportunity once you displace a incumbent expands fairly significantly because you're able to follow on with a number of additional features and functions. I'm curious, have you done any more work in terms of what kind of expansion you get as you displace incumbents with what kind of What effect you get on that opportunity?
Yes. We tried to give you a highlight on one of the customers in the retail space, where we Expanded it to $3,000,000 in ARR over a period of years. It was very small at the beginning and then moved along with the journey. And To be fair, it can be quite large, right, the journey from where a company starts to where it ends up. The good news, Eric, that we're seeing today is we're actually landing with bigger lands in terms of more modules and more dollars across the board, across all the different areas.
And so the opportunity there is obviously as George and team come up with more modules each time that we come out with something there's an opportunity for that Customer. And we've had great traction with that. And obviously, we've had great traction with customers out there that have Used us as the cornerstone of their security profile and beyond and have said whatever module you come out with, Almost whatever it is, we're going to buy it. It's sort of this, hey, look, Salesforce did a great job. Hey, if it doesn't connect to Salesforce, we don't want But if Salesforce does come out with something, we're going to want it.
And we're kind of seeing that as well in our early days, right? We're seeing customers that have been so enamored with the efficiency and Efficacy and total cost of ownership that we're able to offer that they're just going to come in and do more with us. And That's something the trend line is going up into the right with respect to that.
Very good. Thank you very much. You're welcome.
Great. Thank you, Eric. Our next question is from Gray Powell of BTIG, and he will be followed by a question from Andrew Nowinski of D. A. Davidson.
Greg, you may begin.
Okay, great. Can you guys hear me okay?
Yes.
All right. Thanks for taking the question. Just a couple on my side. So as we think about the path of $3,000,000,000 in ARR, How much do you think comes from your core endpoints in the EDR target markets? And then how much should come from some of the newer products Or tangential markets.
Yes. So as I stated, obviously, it was an illustrative view of how to get to the $3,000,000,000 $3,000,000,000 But as we think about it, we talked about the fact that it's really from just overall, it's from the modules and everything that we have today. We're not anticipating very much at all from the acquisitions that we just did in Humio and PREVENT. And then when you break it down with respect to what modules are going to get to get us there, right, it's what we've always talked about. We've got the big 3 and big 4, Right.
So we've got prevent, detection, overwatch, discover, right. But then we've got the device control that I mentioned earlier on in my remarks. But then you're also seeing those hyper growth modules that we talked about, right? You've got Complete, which is our turnkey solution, Which is really popular with our under $100,000 customers, because they're just it solves a resource issue As well as you're getting the best protection on the planet and someone's managing it for you all in one To things like FalconX and Spotlight, which is our vulnerability management module. I think all of those things are going to contribute to getting us there and You saw how I built the path.
Again, we think it's a reasonable objective, given what we have today.
Okay. That's helpful. Thanks. And then just one other question, if I can. On the earnings call, you highlighted an increase in the opportunity to win customers from Microsoft, particularly after some of their Recent security headlines.
I'm just curious, how do you see that playing out over the next year or 2? And how does that Opportunity compare with, I guess, what you've seen in the last couple of years with legacy guys like Symantec and McAfee?
Well, yes, I mean, I would bucket Microsoft in the legacy boat because that's they have legacy AV signatory, things of that nature. And the reality is Customers are concerned in a couple of areas. 1, creating a monoculture of all in on Microsoft, particularly given The serious challenges they've had on the security side that we've talked about and it's been in the news. Customers, as I mentioned, Have had a concern, a crisis in trust and want to de risk their security spend. And I think in general, you got to look at the platform efficacy.
We don't have 20 different consoles and Things that are band aided together to try to make it all work. And we work seamlessly across Windows and Mac and Linux, Which is just not the case for someone like Microsoft. So for us, obviously, they're going to there's always going to be a big competitor and It's a big market opportunity, but we certainly believe we have the best technology and customers, I think, would I'd probably echo that and we'll continue to build out the platform and add value where we can. Again, we wake up every day and think about how do we protect our customers and how do we How do we focus on security and not about office applications and other things. So I think that singular focus is really important.
And then the last piece is Things like Overwatch and Complete, we pioneered managed detection response and these capabilities. We were doing this before they even had names From Gartner, and that's extremely valuable to customers.
Okay, got it. Thanks for hosting this. Good event.
Thank you.
Thanks, Gray. Our next question is from Andy Nowinski of D. A. Davidson, And he will be followed by a question from Alex Henderson of Needham. Andy?
Great. Thank you. Maybe just a few questions on the modules. So thanks a lot for all the color on the adoption. I'm wondering, Are you seeing any specific modules out of the 19 that you
now have that are getting or
are seeing any increase in adoption as a result of the SolarWinds and now Microsoft Exchange Tax?
I think in general, the 0 Trust Element, the preamp technology that we bought has been, I think pretty well received, right? So I know we've gotten some really nice deals post SolarWinds, specifically around Identity. We're still completing the integration Process, so you'll hear more about that. And I think that one has a lot of long term legs. And I've gone through the demos recently of I mean, it looks fantastic.
So I think we've taken a very specific to that technology, we've taken a very measured approach, Which is let's get the integration in before we really hit the gas. We really haven't hit the gas on it. And I think that we've got the flexibility to be able to do that. And that's going to serve us well in the long term to have a seamless integrated product rather than something that's Not quite as integrated as people would like. So but I think that's a big one coming out of what we call sunburst attack.
Thanks, George. Maybe just one more as it relates to AWS, you had a 50,000,000 that was transacted through that channel. I'm curious what our customers deploying when they deploy or which modules are customers deploying when they deploy CrowdStrike and AWS? Are they typically the same as what a customer would deploy if a deal is transacted outside of AWS? I'm just kind of curious how they would compare.
Yes, and they're similar. I mean, people want protection, right? So you want runtime protection. You want visibility, which are core elements of the product. You want to understand whether there's any policies that are misconfigured because you don't own the infrastructure, right?
So you have to look
at the policy piece You're not setting it up yourself and that's relatively new. But I think core workload protection visibility is what people will buy and They attach it to Overwatch, which is a fantastic service. And again, we've got the ability to extend out into many of the other areas Outside of those core capabilities. Great. Thank you,
Randy.
Thank you, Andy. Our next question is from Alex Henderson of Needham and he will be followed by a question from Roger Boyd of UBS. Alex?
Thank you very much. And I look forward to Roger's question from UBS, good guy. So I wanted to talk a little bit about the defensibility that you guys have built in your positioning. I recall When you first started the business, the gross margins were very low because of the extremely high uplift associated with bringing the data to the cloud And that there was a very long learning process once you brought that data up to understand exactly how you get the high level of efficacy That has been the hallmark of the company. I also think to the extent that you've got an agent that's designed specifically for carrying The threat graph down to the local level to be able to bring that in and now with the Humio acquisition, even more of an advantage.
Can you tell a little bit about how much of an advantage that is versus anybody trying to replicate what you're doing? And similarly, when you look over to the Cloud world and you start talking about workload runtime protection. I mean, we've clearly got an agent bloat problem on Endpoints, but I would think in the cloud server environment, AWS is not going to let more than 1 or 2 Agents on to their server and therefore, I would think that that's even rare more rarefied. So
How much
of an advantage does that represent in terms of your the inability of other people to get their agent on and protect those workloads Because obviously you have to be on the server and not inside the workload to be able to see multiple iterations of that workload. So those dynamics Strike me as enormous defense advantages that create a moat that's insurmountable.
Well, always a pleasure to see Alex and some great questions in there. Let me try to unpack it. You really point out something that's Important and will often get lost in the noise of the marketplace and that is the very specialized agent that we built and how we built the platform. So if you look at a lot of our competitors, the vast majority of them set out to be just another AV product and then they bolted Some EDR capabilities and that is really problematic. I mean, it takes hours for some of our competitors to actually get data to the cloud and that's a very All subset instead of real time, just as one example, right?
It also may sound the same, but it's vastly different. When you look at what we built, because we started with the agent, the Brett Graff and Visibility, and we said like, let's just send a whole bunch of data up there and then we'll figure it out. When we did that over time and we built things like Our smart filtering technology, which dynamically controls what goes up, we've built a platform that's scaled over time.
We've added modules and all of that
accrued to a much And all of that accrued to a much better margin profile. And as I like to say, there's no compression algorithm for So a lot of our competitors will simply just take an agent and it's called a shipper and they'll just take data and try to ship it. But there's no smarts involved in it and there's no ability to actually retain the context of the data. And as you pointed out, there's a mini graph on our endpoints and workloads And that context is never lost as the data is smartly shipped to the threat graph. So that's an important element and it does create a huge barrier to entry because The fact that it's easy to install, easy to run, doesn't overwhelm the system or the network and gets the right data there with the right Margin profile, now customer may not care about the margin profile, but they care about what data goes up and if it impacts anything.
But as you said, it takes a long time to actually get that right and that does create a barrier to entry. The other thing that you pointed out was specific to AWS And a customer can kind of run what they want on their endpoints, but I think it's the relationship to that we have with AWS in the marketplace and the fact that It works. Like everything else, it's easy, it works. It doesn't impact performance. And a lot of our competitors, you have to install like their own management console In AWS instance, you don't have to do any of that with ours.
And more importantly, we don't impact the performance of these critical workloads like our competitors. So That's the second piece. And the piece that you didn't bring up, but I'll mention is with things like Humio, the more data we collect, we have now the ability to collect even more data An additional data moat, if you will, and basically even harder to kind of get that data moat, Others to reiterate that I should say. So we think it's the right approach and there are many moats in our business.
If I could just one for Bert, just to be absolutely crisp and clear. The commentary about taking the growth that you achieved last Here and just cloning it for a number of years is not a forecast, that's a baseline framing and That you would not you're not saying that $3,000,000,000 is your target. Obviously, there's considerable growth. And I think that 10% Increment is every is $500,000,000 incremental growth is the right way to mechanically think about how much above that you could get. Is that A fair characterization, I don't want to go out and say they're guiding to $3,000,000,000 because it's not doesn't seem like that's what you're doing.
Correct. That is not what we do. We were just giving an illustration of what it would take to go from $3,000,000,000 or $3,000,000,000 plus. We think the $3,000,000,000 plus Number that we talked about in the second illustration, again, is a reasonable objective and target for us as we look out into the future. George, when he started the company, by the way, when George when he was thinking about where he wanted to go, he was thinking very big, right?
He said, I want to be able to Sell to all customers everywhere in the world and he's been able to achieve that. So it goes back to that, hey, we're putting a lot of resources to kind To be able to achieve his goal, I think that for us, Damon, you're pointing out that that's not our guide. It's not. It's just here's what A case looks like or 2, and we think they're reasonable in terms of how we think about the future.
So since that was just a clarification, just one last piece I wanted to ask, which was You didn't mention deal cycle time. Is your deal time to close shortening? Thanks.
Yes. Well, I'll touch on it and then George, you can take it. So the good news is when we talk about the AWS part of it and it's Becoming more and more of a meaningful number. The good news with AWS, they have an enterprise contract. And what that is, is when again, when a buyer and seller both agree to that Enterprise contract.
And you've knocked out 80% of the terms and conditions or more, and you're able to really reduce that timeline. So the more we do there, Obviously, the lower the cycle time. But in general, what we're seeing is that the cycle times, whether it's the large or small, they're kind of still in that Same box as they were. Although this time, we're landing with more modules, right? So that's the good news and bigger deals.
Yes. Just to add to that, it's an interesting business in security because when you look at The delta of times to get a deal closed, it could be 6 months for a big company or 2 days for the same size company. And it really depends on their overall buying pattern, but it also depends on the threat environment. If there's an incident, they had an issue, they've got a deficiency that the compliance matter, the Board has come down on them. And we've done deals in 2 days.
We've done deals in literally $1,000,000 plus ARR deals in 4 hours, like through the AWS marketplace because somebody had to have it. So You don't always see that in different industries. But I think in general, we've seen the ability through some of Channels, as Bert called out, like AWS to really help accelerate getting deals done, cuts out the legal cycle time. But overall, it's been, I think, pretty robust.
Well, I appreciate the answer and I'll cede the floor to my good friend, Roger.
Great. Thanks, Alex. So we only have Time for two more questions. So we're going to take a question from Roger Boyd followed by Matt Roger Boyd of UPS, followed by Matt Perron of JPMorgan. And we ask that you limit your question to 1.
Roger?
Hi, a little bait and switch for you there, George and Bert. So hopefully a little bit of a spicy upside surprise. Thanks for doing the session. George, I'll start with you. On the unit based opportunity, you mentioned some very staggering numbers around the number of PC units, the mobile devices and servers.
I'm curious, can you shed some light on what your estate based market share coverage looks like And how do you at very high level think about pricing dynamics and price elasticity as it relates to some of these very, very large numbers? And then I have a follow-up
Sure. We don't go into all the specifics, but we're still in single digit market shares In many of these areas. So again, that's why we look at I'm a simple math guy. It's like you look at the number of The devices that are out there, you look at how many potential customers are out there, you look at it 5 different ways and you go, okay, yes, we're doing great, but We're still very small and very early in the customer acquisition journey. So and then obviously the pricing is going to be different.
Pricing is different on mobile devices versus IoT Versus IMT versus workloads and servers and that's all accounted for in how we go to market
and how we package.
Very helpful. And Bert, maybe for you, you gave us the tiering of customers in terms of what they're spending, what their module penetration looks like. I'm wondering if you can help us bridge the gap between the net retention rate by customer tiers. And more specifically, I want to understand if the 8,000 customers you have that are transacting with you at less than 100 of ARR, what their retention and churn behavior looks like, because that to me is perhaps your biggest opportunity to really sell A significant amount more in terms of modules and endpoints covered for that base. So just any thoughts around the net retention rate By customer tiers, just to reconcile that with your global net retention rate number.
Thank you.
Fatima, great to see you. No offense to Roger, but always great to see you. So on the retention rates, we don't necessarily break them out, Right. It's kind of like the big bucket. And but what I can tell you is that obviously the more modules that somebody has, Whether they're big or small, the harder it is to rip it out, right?
The good news is with the retention rates and the net retention number is always very noisy, Especially early days because as I said, we're lining these bigger deals upfront, so that could have an impact on the net retention rate, so you can see some fluctuation. We've done a pretty good job overall. Good news is there is also that we've got just about just under 10,000 customers, so that base is growing and growing. And I think about when I think about retention rates and when I think about the 8,000 coming from that less than 1,000 and ARR Group, for me, one of the strongest things that we have for that group Is our complete offer. That's the turnkey solution.
And once a customer of that size or any size for that matter gets a Taste of that, they're like, I don't really want to go anywhere else, right? It's so compelling. It's the best in the world in terms of efficacy and you've got somebody managing it for you, So you're getting the best in the world in terms of people who understand our tech and how it works. So it's pretty compelling.
So suffice it to say there is some price elasticity baked into your anticipation and expectation of Providing more coverage footprint, whether it's a PC or a mobile device or a IoT device. Is that a fair inference?
The thing about elasticity, I mean, let's assume you have one type of product and nothing happens. For us, we've got 19 modules today, right? So At the end of the day, remember, and I think this is for you and the full audience, it's about selling value, right? So we're coming in and we're replacing Other technologies and the total cost of ownership for all the different things that customers looking for is less with us, even though the dollars to us is more. So that's how we think about it.
Fair enough. I appreciate it. I'll cede the floor. Thanks for the details.
Thank you.
Thank you, Fatima. So our last question is from Matt Perron of JPMorgan. Matt?
Hey, guys. It's Matt on for Sterling. Thanks for taking the question and nice to Bert, I just had a question for you. You talked about how the number of modules that customers are landing, that's Basically doubled over the last few years, but you still maintain that net expansion rate above 120%. So how should we think about That metric going forward and specifically relating to that $3,000,000,000 number that you mentioned, How should we think about the net retention rate playing into that metric?
Thanks.
Good question, Matt. It goes back to what First, it's a noisy metric because again, there's a lot of dynamics at play. Here's the great news. George talked earlier about how much headroom we have with respect to new logos, Right. We're in the early innings.
You saw some of the other companies that are out there, many, many multiples of where we are today. So we think we have a lot of headroom there. The great news also is that we're bringing in new modules. Since IPO, we added 9, right? So we're being able to offer that customer base, which is now just under 10,000, 9 more modules, Right.
And so we have this opportunity to cross sell and upsell. With respect to the number itself, we chose that 120% Benchmark because it seems like a that's a best in class company. And we've been able to show the strength of our upsell and cross sell. In any given quarter, it could fluctuate. And so for us though that the continued pace to increase the more modules we can offer our customers, The better it is for both across all upsell and net retention rates as well just as our initial plan.
So it's I wouldn't get hung up on it too much. We're extremely proud of where we are today with respect to both retention and new logos, but we have a long way to go for both. And I think that's the message that I'd love to be able to indicate to everybody.
Great. Thanks, guys.
You're welcome.
Thank you, Matt. And with that, I'll turn it back to George for closing remarks. George?
All right. Thanks, Maria, and thanks to everyone who spent some time with us.
Certainly,
Bert and I and the company are excited to go through any additional details. I'm sure everyone will be busy digesting those. But As always, we try to be as transparent as we can. And I think we've got some good stuff out there that really demonstrates the value of the Form Proofpoint and the partnerships that we built gives you size and shape of where we're going in some of these long term models. And for me, I think, again, just to reiterate what I talked about earlier is to leave you with, yes, we are a great endpoint company and a great workload company.
And We talk about that market, which we're never, never going to stray away from. But I think we've demonstrated the power of the platform in the modular format and the adjacencies that we've been pulled into and entered that make logical sense given the platform. And We're not going to stay away from our knitting and we're going to continue to focus and build out this platform and continue our journey of customer acquisition. As we said, So we do look forward to catching up with everyone soon. I hope everyone stays safe and healthy.
And I know all this, Maria will be posted on our investor website at some point. So you'll be able to download this and go through it in more detail. So thank you. Have a wonderful day and we'll see you