CrowdStrike CEO George Kurtz: Identity Can Be as Big as XDRKurtz Says Close to 80% of Cyberattacks Leverage Identity
CrowdStrike CEO George Kurtz says the size of the untapped opportunity around identity protection mirrors where the endpoint detection and response market was many years ago.
The Austin, Texas-based security company entered the identity market through its 2020 acquisition of Preempt Security and saw over the last quarter a doubling of the number of customers subscribing to its identity protection module, Kurtz says. CrowdStrike's ability to derive context from the endpoint, identity and workload in real-time helps the company detect and stop identity-based attacks (see: CrowdStrike's Michael Sentonas on Identity, Cloud and XDR).
"With close to 80% of cyberattacks leveraging identity-based tactics to compromise legitimate credentials and using techniques like lateral movement to quickly evade detection, identity protection is core to stopping breaches," Kurtz told investors during an earnings conference call Tuesday.
Customers have told Kurtz that CrowdStrike's new identity module provides a high level of visibility into their Active Directory and Azure Active Directory infrastructure, allowing weaknesses to be identified earlier. CrowdStrike's identity practice focuses on endpoints, servers and directory structures and doesn't compete against pure play identity vendors that focus on access or brokering, such as Okta or Ping.
The single, lightweight agent architecture of CrowdStrike's identity protection module means it can be easily activated at scale during trials by prospects, which Kurtz says helps in quickly converting them into paying customers. The identity module appeals both to existing customers who are open to spending more money with CrowdStrike and to clients who haven't worked with CrowdStrike before, for whom it often serves as an entry point (see: Israeli Security Companies CrowdStrike Could Buy for $2B).
"Our identity module has been a real game-changer for customers," Kurtz says. "I think it can be as big as XDR, and it's going to be a core module going forward."
Capitalizing on the Cloud
CrowdStrike's public cloud business now delivers $174 million of annual recurring revenue following a record quarter and is focused on the company's recently launched cloud-native application protection platform. Kurtz says the company stands apart from the pack by offering both agent-based and agentless protection in a single user interface while providing a shared data back end and threat graph.
"The combination of agent-based and agentless capabilities in the cloud enables complete runtime protection while agentless-only solutions can only offer partial visibility," Kurtz says.
CrowdStrike is a small but growing player when it comes to cloud workload protection, notching 4.6% market share in 2021, up from just 3.1% a year earlier, according to IDC. CrowdStrike's cloud workload protection business has surpassed Broadcom and Cisco's in size but lags incumbents Trend Micro, Trellix, Sophos, Palo Alto Networks and Check Point as well as startup Lacework, IDC found.
Kurtz says many of the pure play cloud security vendors take the easy way out by providing just agentless protection since that doesn't require much more than building workflows and plugging into APIs. But only the combination of agent-based and agentless protection provides complete visibility across the cloud and hybrid data center, according to Kurtz.
Many competing cloud security offerings focus only on policy misconfigurations and can't actually detect if a customer is under attack, Kurtz says. In contrast, CrowdStrike has applied its threat intelligence expertise and indicator of attack knowledge from the endpoint to determine where in a customer's cloud environment a cyberattack might be possible, according to Kurtz.
"Everyone's in the early innings in the cloud journey, which is exciting because it's a greenfield opportunity," Kurtz says. "We feel like we've got great products and the right go-to-market motion around it."
Sales Surge, Profitability Improves
|Professional Services Revenue
|Loss Per Share
|Non-GAAP Net Income
|Non-GAAP Earnings Per Share
CrowdStrike's revenue of $535.2 million in the quarter ended July 31 bested Seeking Alpha's sales estimate of $516.4 million. Meanwhile, the company's non-GAAP earnings of $0.36 per share was higher than Seeking Alpha's non-GAAP estimate of $0.27 per share.
The company's stock is down $1.10 - 0.57% - to $192.20 per share in after-hours trading. Earnings were announced after the market closed Tuesday. CrowdStrike's sales in the Americas grew by 53%, while the company's international sales increased by 73%, says Chief Financial Officer Burt Podbere.
For the quarter ending Oct. 31, CrowdStrike expects non-GAAP net income of $73 million to $78 million, or $0.30 to $0.32 per share, on revenue of between $569.1 million and $575.9 million. Analysts had been expecting non-GAAP net income of $0.28 per share on sales of $569.8 million, according to Seeking Alpha.