CrowdStrike Holdings Inc
NASDAQ:CRWD
Utilize notes to systematically review your investment decisions. By reflecting on past outcomes, you can discern effective strategies and identify those that underperformed. This continuous feedback loop enables you to adapt and refine your approach, optimizing for future success.
Each note serves as a learning point, offering insights into your decision-making processes. Over time, you'll accumulate a personalized database of knowledge, enhancing your ability to make informed decisions quickly and effectively.
With a comprehensive record of your investment history at your fingertips, you can compare current opportunities against past experiences. This not only bolsters your confidence but also ensures that each decision is grounded in a well-documented rationale.
Do you really want to delete this note?
This action cannot be undone.
52 Week Range |
210.07
392.15
|
Price Target |
|
We'll email you a reminder when the closing price reaches USD.
Choose the stock you wish to monitor with a price alert.
This alert will be permanently deleted.
Ladies and gentlemen, thank you for standing by, and welcome to the CrowdStrike Holdings Q2 Fiscal Year 2021 Financial Results Conference Call. At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question-and-answer session. [Operator Instructions] Please be advised that today’s conference may be recorded. [Operator Instructions]
I would now like to hand the conference over to your host, Investor Relations for CrowdStrike, Maria Riley. Ma’am, please go ahead.
Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, President and Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer.
Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives and expected performance, including our outlook for the third quarter and fiscal year 2021 are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call.
While we believe any forward-looking statements we have made are reasonable, actual results could differ materially, because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements whether as a result of new information, future events or otherwise.
Further information on these and other factors that could affect the company’s financial results is included in filings we make with the SEC from time-to-time, including the section titled Risk Factors in the company’s quarterly and annual reports that we file with the SEC.
Additionally, unless otherwise stated, excluding revenue, all financial measures discussed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our press release, which may be found on our Investor Relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today.
Please also note that in light of these unprecedented times as a result of the COVID-19 pandemic, management will provide additional information into our second quarter results and guidance assumptions. We do not intend to provide this additional information on an ongoing basis.
Lastly, Fal.Con, our Annual User Conference, will be held virtually on October 15. We invite you all to attend our keynote presentations, as well as the one hour session we will hold specifically for investors. Registration details to both events for investors and financial analysts will be available next week.
Now, I will turn the call over to George to begin.
Thank you, Maria, and thank you all for joining us today. CrowdStrike delivered another exceptional quarter. We could not be more pleased with the team’s continued execution, and every CrowdStriker’s commitment and drive to take our company to new heights, even in light of the current macro uncertainty.
A few of our accomplishments in the second quarter include setting a record for net new ARR with over $100 million added in the quarter and ending the quarter with a record pipeline; sustaining our strong subscription revenue growth rate of 89%; adding record net new subscription customers of 969; closing the second largest deal in the company history, which was sourced, trialed and closed remotely; and for the second consecutive quarter, we generated non-GAAP operating income.
Now, let’s discuss our results and the trends we’re seeing in the market in more detail. With strength in multiple areas of the business, we added $104 million in net new ARR in the second quarter, which was up 77% year-over-year and ahead of our pre-COVID expectations.
Additionally, year-over-year, we grew our subscription customer base by 91%, delivered 89% subscription revenue growth and 84% total revenue growth. We once again saw a strong partner engagement and deal flow throughout the quarter among both large and SMB customers that span multiple industries.
Additionally, our gross retention rate remained consistently high and our dollar base net retention rate once again exceeded 120%. We also continue to see rapid module adoption by new and existing customers, which is a key tenet of our growth strategy. This quarter, the percentage of all subscription customers with four more modules increased to 57%, and those with five or more modules increased to 39%.
Strong secular trends and a favorable competitive environment are fueling our growth. Organizations around the world are shedding outdated systems and accelerating their move to modern cloud-native technologies to meet the demands of today’s threat landscape and future-proof their security architecture.
Additionally, as organizations rapidly adapt to the new distributed workforce paradigm and move more workloads to the cloud, it has become clear that the endpoint is the new security perimeter, and the inadequacies of the complex brittle patchwork of legacy solutions continues to be exposed.
From the many conversations, Mike Carpenter, CrowdStrike’s President of Global Sales and Field Operations, and I have had with CIOs during our 100-by-100 international virtual customer tour, we consistently heard a few themes from both customers and prospects.
First, even in this challenging macroeconomic backdrop, cybersecurity is mission-critical and more important now than ever, as the threat environment escalates and the attack surface continues to grow. This is also consistent with our OverWatch team’s findings.
So far, in the first-half of 2020, we have seen a 154% increase in distinct and sophisticated intrusions; stopped 41,000 potential breaches, which is more than all of last year; and we have seen a sharp increase in eCrime with 27 different industry verticals falling victim to criminally motivated intrusions, which is more than double in the same period last year.
Additionally, many of the security leaders we spoke with believe that experiencing a breach now, while their business is under extreme stress due to the impact of COVID, would be far more detrimental to their business versus last year.
Second, to secure the hybrid workforce in today’s threat landscape, the two most important aspects of security are providing visibility and protection to workloads and implementing a zero trust architecture, which endpoint security is an important foundational element.
And third, to protect their businesses, CIOs are looking forward, not backwards. They want cloud platforms that are agile, easy to deploy, easy to manage, even if their security teams are working remotely. As such, today’s refresh is all about digital transformation and eliminating their reliance on complex and fragile legacy technologies.
We believe CrowdStrike is a winning combination to continue gaining new customers at a rapid pace, displacing both legacy and next-generation players. Many of the attributes in Falcon that are resonating most with customers, as they address today’s security challenges were purpose-built into the platform from inception. Because the Falcon platform is cloud-native and our lightweight agent does not require reboot unlike most of our competitors, customers can easily and remotely deploy, manage and protect our workloads at scale.
Security effectiveness is directly related to the quantity and quality of data collected and the ability to analyze it in real-time. All the data we collect is stored in one place, the Threat Graph, where it’s analyzed almost instantaneously across our entire customer base, providing real-time protection and community immunity.
By streaming the telemetry to the cloud with our proprietary smart filtering technology, we believe we have a fundamental time and performance advantage over most vendors, because they store their data locally on the endpoint.
Threat Graph is also foundational to our ability to dynamically scale and expand our product lineup, as we collect the data once and have the ability to reuse it many times. This is not only a technology advantage, but also a business model advantage that drives strong gross margin performance.
As more business is conducted virtually and more workloads move to the public clouds, protecting those workloads is now a priority for CIOs. CrowdStrike Falcon was built in the cloud for the cloud, and a core differentiator of the Falcon architecture is that we offer one platform for all workloads.
The CrowdStrike Falcon platform protects workloads across all environments, including workloads and containers running in both public and private clouds with a single agent and unified user interface.
Today, we protect over 1 billion unique container instances and are continuing to build strong momentum with DevOps and security teams. We hope you join our virtual investor session of Falcon on October 15 to learn more about our cloud capabilities.
Our technology superiority in protecting cloud workloads led to one of our marquee customer wins this quarter. With a rapid transition to working and socializing from home, Zoom experienced a surge in popularity and became a target for bad actors looking to exploit its success.
Their Linux environments in AWS and Oracle Cloud were growing very rapidly to accommodate the increased demand for their SaaS offering. Seeking a strategic partner with a mature product and proven track record in protecting large-scale Linux deployments for other cloud leaders, Zoom called on CrowdStrike to help protect their critical cloud and Linux workloads.
Let me share a few additional stories that demonstrate how the power of the Falcon platform translated into customer wins. The next customer win I will highlight is with a multinational financial services company and showcases the velocity of our sales motion, as well as the strategic value of our platform.
While this organization had been a professional services client in the past and a threat Intel customer for sometime, they were averse to cloud technologies and entrenched with legacy on-premise vendors.
However, in order to adapt to the new realities of a work from anywhere model, they embrace cloud, accelerated their digital transformation plans, and in the process realized they also needed to transform the security architecture and gain visibility into their endpoints.
This company was also looking to free themselves from their hodgepodge of legacy solutions and move on to a single platform that could be easily and rapidly deployed globally. The speed of deployment and time to value were critical factors in their purchasing decision, as the mere thought of having to reboot its complex network of systems have kept this organization from moving to a modern architecture sooner.
CrowdStrike’s single lightweight agent that can be deployed in seconds and does not require reboot significantly set us apart from the competition and was a large contributor in accelerating this customer’s time to value.
The customer recognized CrowdStrike’s superior technology and business value and we closed this deal in eight weeks from proof of value to purchase order, all virtually. We ultimately displaced three incumbent vendors with Falcon Prevent for next-gen AV, Insight for visibility, Discover for IT hygiene and OverWatch for threat hunting.
The next customer win I will share is with the leading airline and shows how even companies and severely impacted industries are willing to change course during this critical time and under immense budget constraints in order to have security that just works.
This organization was frequently being attacked by adversaries, and the security team was frustrated and fed up with the inability of their patchwork of legacy and next-gen vendors to keep up.
As a result, they were spending a lot of money on services to supplement their fragile security tools. By demonstrating the superior capabilities and quick ROI of the Falcon platform, we won this new customer beating and displacing next-gen vendors that had ineffective and cheaper solutions.
The last customer win I will share with you is with a leading U.S. hospital based in the Pacific Northwest that was looking to replace four incumbent legacy vendors in support of their initiative to move to the cloud and use of virtual desktops.
This organization was looking for a suite of solutions on an extensible platform, including an open ecosystem like the CrowdStrike Store. It was also interested in managed security services, so they can free up constrained internal resources, while at the same time fortifying their security posture.
While the competition was trying to leverage their bundled license structure, along with their cloud hosting relationship, they could not produce one single reference that could speak to the quality of their managed services. CrowdStrike, on the other hand, offered multiple references in their own industry and won the deal on the spot.
In addition to Falcon Complete, our fully managed endpoint protection offering, this new customer is using six Falcon modules. These are just a few of our 7,230 subscription customers as of the end of the quarter that have turned to CrowdStrike to help them stop breaches, transform their security posture and streamline their IT operations.
As you can see from the exceptional results we reported today, we are building strong momentum in the market, as companies fast-forward their businesses to an all digital world and embrace the future. In this new normal, companies recognize that security transformation is fundamental to digital transformation.
With our cloud-native platform, purpose-built to solve modern security challenges, CrowdStrike is in a unique position to capitalize on this long-term sustainable trend and expand our leadership in the security cloud category.
With that, I’ll turn the call over to Burt.
Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP.
We delivered another outstanding quarter with strength in multiple areas of the business and could not be more pleased with the team’s exceptional performance, especially in light of these challenging times.
In the second quarter, we delivered 87% ARR growth year-over-year to reach $790.6 million. We added $104.5 million in net new ARR, representing 77% year-over-year growth, which was above our pre-COVID expectations.
The growth in ARR was broad–based and driven by another strong quarter for new logo additions and strong expansion business with low contraction and churn consistent with prior quarters.
As George mentioned, we signed the second largest deal in the company’s history, and this contributed low eight figures to ARR. Excluding this deal, we still delivered quarter-over-quarter growth in net new ARR.
Moving to the P&L. Total revenue grew 84% over Q2 of last year to reach $199.0 million. Subscription revenue grew 89% over Q2 of last year to reach $184.3 million. Professional services revenue was $14.7 million, up 40% year-over-year.
Professional services are a strategic part of our business as these engagements lead to new subscription business. And this quarter, we saw record demand for our services business and a record number of seven-figure subscription ARR deals, resulted from our services engagements.
Additionally, we continue to grow the average subscription ARR derived for every $1 spent on an initial incident response or proactive service engagement from the $3.73 level reported as of January 31, 2020.
In terms of our geographic performance, we continue to see strong growth in the U.S., as well as our international markets. Approximately 71% of second quarter revenue was derived from customers in the U.S.; 14% from Europe, Middle East and Africa markets; 9% from Asia Pacific; and 6% from other markets.
We remain focused on building a long-term business with sustainable growth and compelling margins. In Q2, we recognized significant operating leverage in our SaaS model and the benefits of scale, even as we increase investments in our global reach and cloud platform.
Second quarter non-GAAP gross margin improved to 75% from 73% a year ago. Our non-GAAP subscription gross margin increased to 78% compared with 76% in Q2 of last year and 78% last quarter.
We are very pleased with our strong subscription gross margin performance again this quarter. But as a reminder, we expect gross margin to fluctuate quarter-to-quarter, but within our target range as we ramp new data centers.
Total non-GAAP operating expenses in the second quarter were $140.9 million, or 71% of revenue versus $99.1 million last year, or 92% of revenue. We continue to invest in aggressively in our business during the quarter, including shipping more of our sales and marketing spend from in-person activities to digital and ramping new hires in key areas.
Scaling our business efficiently remains a top priority, which is why we focus on our unit economics, including Magic Number. In Q2, we ended with a Magic Number of 1.3, which is a new record, and an indication that we can continue investing aggressively in the business.
I’m also pleased to highlight that we reported non-GAAP operating income for the second consecutive quarter. Non-GAAP operating income was $7.8 million. As a result of our rapid top line growth, expanding gross margin profile and continued disciplined approach to investing in our business, we drove strong operating leverage in the quarter.
Our non-GAAP operating margin improved 23 percentage points year-over-year. Q2 represents our seventh consecutive quarter of improving non-GAAP operating performance on both the dollar and margin basis.
Given the incredible opportunities and dynamics we see in the market today, along with our strong unit economics, we intend to increase our investments and our go-to-market engine and hire aggressively in key areas in order to create even more distance between CrowdStrike and the competition. At the same time, we have increased our operating performance expectations for the year and now expect to deliver operating income for the full-year.
Non-GAAP net income in Q2 was $7.9 million, or $0.03 on a diluted per share basis. Given the reported non-GAAP income in the quarter, the weighted average common shares used to calculate second quarter non-GAAP EPS was on a diluted basis and totaled 233.2 million shares.
Turning now to the balance sheet. Cash and cash equivalents increased to approximately $1.1 billion. Cash flow from operations was approximately positive $55.0 million and free cash flow was positive $32.4 million, both measures ahead of our expectations.
Moving to our guidance. We continue to remain optimistic about the demand for our offerings and the powerful secular trends fueling our growth. Given the growth drivers of our business, as well as our strong second quarter performance and momentum into the third quarter, we are raising our guidance for the fiscal year 2021.
While we do not specifically guide to ending or net new ARR, given the exceptional strength of Q2, which included the second largest deal in our history, we expect to see atypical seasonality in net new ARR as we move from Q2 into Q3.
Additionally, as we discussed last quarter, we are maintaining our pragmatic outlook regarding the uncertain global macroeconomic backdrop and have prudently maintained our higher assumption for contraction and churn for the remainder of the year, even though we have not seen significant increase in this metric to date.
For the third quarter, we expect total revenue to be in the range of $210.6 million to $215 million, reflecting a year-over-year growth rate of 68% to 72%, with subscription revenue being the dominant driver of growth.
We’re guiding to be approximately break-even at the midpoint of our operating income guidance, which is a quarter ahead of our previous goal. We expect non-GAAP operating income to be in the range of a loss of $1.4 million to income of $1.6 million and non-GAAP net income to be in the range of a loss of $2.2 million to income of $900,000.
We expect diluted non-GAAP net income per share in the range of a loss of $0.01 to break-even. For modeling purposes, please note that if we report positive net income in Q3, we expect our share count to be $235 million fully diluted shares versus $219 million basic shares if we report a net loss.
For the full fiscal year 2021, we currently expect total revenue to be in the range of $809.1 million to $826.7 million, reflecting a growth rate of 68% to 72% over the 2020 fiscal year.
Non-GAAP income from operations is expected to be between $3.6 million and $16.4 million. We expect fiscal 2021 non-GAAP net income to be between $5.6 million and $18.4 million. Utilizing weighted average shares used in computing diluted non-GAAP net income per share of $234 million, we expect non-GAAP net income per share to be in the range of $0.02 to $0.08.
And lastly, we saw strong free cash flow in the first-half of the year and expect to be operating cash and free cash flow positive for the back-half of the year.
George and I will now take your questions.
Thank you. [Operator Instructions] Our first question comes from the line of Sterling Auty of JPMorgan. Your line is open.
Yes, thanks. Hi, guys. Just in your commentary around all the benefits that you’re seeing in the current environment. I guess, one of the questions we hear from investors is, how much is the business directly benefiting from COVID? And what would you expect as the economy opens back up than we move past COVID to happen to the growth rates of the business?
Hey, Sterling, George here. So, when we think about COVID, there has certainly been some puts and takes, but on balance, we believe it’s been a tailwind for us. And really, what it’s done is to accelerate the deterioration of the perimeter. And as more companies move to a distributed work from anywhere paradigm, we believe it helps accelerate this movement. And from a security perspective, it really enables this digital transformation.
So companies can’t really keep their systems behind the perimeter anymore. And overall, from my perspective, it’s something that’s a sustainable trend, whether it’s work from anywhere or whether it’s actually moving these systems to the cloud.
So, if you look at just the airline, as an example, I mean, even in the COVID environment, we’re still getting big deals done in stressed industries. And I think, we’re doing that, because people are saying, how can they run their business more efficiently in the current environment and being able to consolidate all those agents and reduce costs and come out with a better outcome is ultimately what they’re looking for.
Make sense. Thank you.
Thank you. Our next question comes from Saket Kalia of Barclays. Your line is open.
Okay. Hey, guys, thanks for taking my questions here. How are you doing?
Great. Thanks.
Great. Thanks.
Hey, first, maybe – hey, Burt, hey, George. Hey, George, maybe first for you. Can you talk about the market size and endpoint long-term? And I don’t necessarily mean just growth of units. But I’m also curious how you think about what other TAM is being created as, to your point, end point is sort of becoming that new perimeter? And what other markets are potentially being consolidated into that endpoint security TAM? Does that question make sense?
It does, yes. And if you look at where we are today with our modules and typically when we add a new module, we add new TAM opportunities. We’re probably above $30 billion with all the TAM opportunities we have today and growing, right? So that’s today and into the future.
I think it’s bigger than that, because when you look at the opportunity in cloud and cloud workloads, and we talked about Zoom as an example as an opportunity for us to protect those workloads, I think, that’s really underrepresented in the TAM market today. And there’s a lot of adjacencies related to cloud and cloud protection and just – it’s just a different model.
So between understanding what the hygiene of those systems are, understanding what the vulnerabilities are having the ability to interact with them using some of our Discover for IT modules, it’s a growing TAM. And I think, as I said, in some areas, it’s probably underrepresented. Because while we’re – we get lumped in the endpoint security category, which is a category, we view it more as workload protection, right? And endpoint is just a subset of that workload.
And you have everything from mobile devices to IoT devices to cloud workloads, ephemeral workloads. And that’s a massive opportunity for us, particularly as you think about like 5G and its proliferation. So hopefully, that gives you kind of a quick snapshot of the TAM that we have today. But as we add new more – as we add more modules, we continue to add more TAM to our opportunity.
Yes, sure, that makes a ton of sense, George. Maybe for my follow-up for you, Burt. Hey, nice to see the shift to profitability in the guide. You touched on this a little bit in the prepared remarks around overall investing. But could you just maybe double-click a little bit on how you feel about your pace of hiring, particularly in sales, just as we start preparing for next year?
Sure, Saket. So first, of course, we, as mentioned, we are continuing to aggressively invest in our business. That’s number one. Given the overperformance in Q2, we have an eye to ensure that we have the requisite coverage. We have increased – we’ve definitely increased our hiring plan in key areas and we will continue to do so.
Having said that, as you’ve been following us for a while. unit economics remains important to us. So we talked about the Magic Number being 1.3, the highest it’s ever been in company history. We don’t plan to take our eye off of it, but it does tell us that we have room to invest.
And so I think that so far today, we’ve had an excellent return on our S&M investments. It’s interesting, there’s a – we have a strong position today in the market for talent. I think that we have the ability to attract the best that’s out there and we’re acting upon.
I mean, it’s a unique time, as you know. I think we have the right solution. It’s the right market. We have an excellent competitive backdrop. I think we’re going to take advantage of all those things. So in summary, we’re not going to take our foot off of the gas pedal and we’re going to continue to invest.
Very helpful. Thanks, guys.
You’re welcome.
Thank you. Our next question comes from Gur Talpaz of Stifel. Your line is open.
Okay, great. Thanks for taking my questions. I’ve got one for you, George, and one for you, Burt. George, you alluded to this in the prepared remarks. But can you talk about the appetite for workload security transformation? And I think, ultimately, displacement of legacy and next-gen systems. And I think, more importantly, have you seen a shift here over the past quarter, and if so why?
Well, we have seen, I think, an acceleration in that area and a shift, because as people are trying to execute on their digital transformation plans, they actually figured out they need a security transformation first. And in order to get all these legacy systems up into the cloud from a compliance perspective, you have to have security. And typically, what we’ve seen in cloud workloads is they’re under protected. They’re just – there’s not – there’s really nothing there protecting them.
So we see it as a Greenfield opportunity for us. I mentioned that, on a daily basis, we protect over 1 billion cloud containers, 1 billion and those are ephemeral containers that come and go. So, we’ve really built, I think, a great reputation and tremendous capabilities from a technology perspective in that area and we continue to double down in cloud workload protection.
So if we think digital transformation is here to stay, which I do security transformation as part of it, moving to the cloud, cloud workloads are going to need to be protected. And right now, they’re under protected. There’s not much there. So we feel really good about it.
That’s helpful. And then, Burt, the continued ramp here in module adoption, I think, remains really impressive. Maybe you can walk us through what continued growth there means to the model, particularly from a margin standpoint? Thank you.
Sure, Gur. Great. So first of all, we’re very pleased with our module adoption, let’s just start there. We have seen an increase in the number of customers using both Discover and Spotlight in the quarter and they have been two critical modules for us outside the core three, the big three that we talked about constantly.
Overall, we – obviously, we’ve seen this in the past, overall, we continue to see strong adoption for our modules with customers without paying four more modules increasing to 57% and those with five or more modules increasing to 39%. And I think that, that in and of itself should give you an idea as to how well we think we’re doing with respect to module adoptions.
With respect to profitability and what this means for us, every new module, of course, after the first adds to our bottom line. It’s virtually all of the new modules that, that come on board become virtually all profitable. So as we think about the opportunity in front of us, both in new logos and the new expansion and an up-sell, we feel that there’s a unique opportunity for us to continue to go after both.
And so because we can go after both and because we think that we’ve got this great platform, where we can add new modules, bring them in seamlessly into our platform, we’re able to drive more profitability into our business as we continue to expand our module adoption, as well as adding new modules to the platform.
Okay, great. Thank you.
You’re welcome.
Thank you. Our next question comes from Alex Henderson of Needham. Your line is open.
Thank you very much. Last quarter, you guys talked about the rapid rate of adoption of your endpoint technology through AWS uptake. I think you said it was 75% to 85% type quarter-to-quarter growth. I was hoping you could give us some sense of what that update looks like, at this point, whether that’s continuing at those very high rates of growth, or whether it’s starting to level off a little bit?
Sure. Hey, this is George. So we didn’t give any specific guidance around the actual numbers. But we’re seeing similar adoption when we think again about some of these big wins in the cloud. We’ve talked again about Zoom and their AWS environment and, in particular, Falcon for AWS.
We’re seeing great adoption there. And we don’t – we only seeing it. We only see it continuing to do really well. As I said before, there’s not a lot of solutions – competitive solutions that really operate so seamlessly in the cloud. And customers like it, we integrate with their marketplace in store. We have metered billing, so it makes it super easy for customers to be able to implement and use it and get billed appropriately.
If I could follow-up. Clearly, there is a big opportunity for you in one-time deployments around Kubernetes. But have you started to work on pushing back to predeploy environments into the Jenkins process and the like to tie in both the front end and the back end of that process?
Well, the beauty of our technology is that, it doesn’t necessarily have to be in the flow of that process, because we run underneath all of the containers. It’s seamless for developers to just deploy and not have to worry about putting another agent in a container unlike our competitors.
So we certainly have a lot of interaction with the DevOps teams. But the reality is, they don’t have to change much in terms of deployment, because it’s so seamless behind the scenes.
Great. Thank you very much.
Thank you. Our next question comes from Tal Liani of Bank of America. Your line is open.
Hi, guys. This quarter, you expected to be the low point for net new ARR, and it was actually a very strong quarter. I’m just wondering, Burt, if you can take us through what changed in the quarter versus your previous expectations? That’s my first question.
Yes. Hey, Tal. So first, let’s be clear, what I said was that Q1 may not be the low quarter in the year. So I didn’t necessarily comment on Q2. We’re obviously excited for the phenomenal quarter that we just put up on the Board. Even without the oversized deal that George had talked about on the call, I think, that a lot of things that George had talked about kind of led to the great quarter with the – I think that the acceleration of deterioration of the perimeter. That’s number one.
Clearly, the acceleration towards digital transformation, I think, that, that has also helped in the quarter. But overall, it goes back to what George has built, right? I mean, he built a company where we’ve – it’s a single agent, single platform, it’s data-driven. You get data once, you reuse it many times. And, of course, it goes to the ease of deployment and ease of management, all those things are working well today and really lending itself to today’s environment and for years to come.
That said, you combine that with the competitive environment, which has been very good for us. And I think that, given all of those things coming together, we saw the over performance in Q2.
Got it. So when you look at the net new ARR and the performance, can you give us a flavor of – I don’t know if exact numbers, but at least talk about it. What’s the split about between new customers, additional endpoints within existing customers and also new module additions?
Sure. So as I mentioned, right now, we are winning both net new logos and we’re winning up-sells and cross-sells at very robust level. So for us, in net new logos you saw the number, it’s a record for us. So we’re really excited there.
And, of course, on the cross-sell and expansion, we had a great quarter as well. And we feel that we still have tremendous amount of headroom on both. I think, what was really special about Q2 was that it was strong in both of those areas. And we’re going to continue to go after both in a meaningful way and we back it up with our comp plans.
Today, we paid for net new ARR, whether it comes from a new logo, or whether it comes from an up-sell expansion. We’re paying the sales team equally for both. So today, because we feel we have a lot of headroom with respect to the new logos, that’s going to play well in that area. And also because of our unique customer base, we have this huge opportunity to continue to up-sell and cross-sell the 2,000 unique customer base. And, of course, as we add a new module that just gives us an opportunity to sell that new module to our ever-growing customer base.
Got it. Excellent. Thank you.
You’re welcome.
Thank you. Our next question comes from the line of Sarah Hindlian-Bowler from Macquarie Capital. Your line is open.
All right. Great. Thank you so much. Thanks for taking my questions, George and Burt. Good to hear from you, and congrats on another stellar quarter. So I know you’ve been asked about this a little bit. But I wanted to follow-up on Saket’s question on what’s driving really the better unit economics you’ve outlined on the call for us, Burt.
Is there some better-than-expected success in some of your new go-to-market initiatives with maybe some of the self-serve is adoption of new cloud products just scaling really quickly, so that your gross margins are improving a little bit faster and there’s some flow-through there? Is there just a little bit of additional color you can give up on what’s driving this really strong unit economics and this better march towards profitability than I was expecting?
Hey, Sarah, great to hear your voice as well. So thanks for the question. So first, since day one, we’ve been – we’ve had an eye to unit economics. We – the way that process works, sales team works with finance team to develop capacity planning, then we look at the capacity planning and then we take it and we put it into our financial models, and we come out with a range of unit economics that we get comfortable with.
And so when it starts there and when we see this opportunity in front of us with respect to many of our competitors, not being able to keep up with our tech and our go-to-market, what’s been happening is we’ve seen success across all of our different swim lanes and success along – across our geos. So when you have all of that, it’s going to lead to strong unit economics.
And for us, we continue to measure that. We continue to look at how we think about each of the reps and each of their different categories, each of the different territories. And then we triangulate that with respect to the product adoption, as well as the geo adoption. And so far, we’ve seen great success across the Board on all of those different elements.
With respect to our marketing plans and with respect to where we live in today with respect to the increased importance on digital, we – we’ve funded those accordingly. We’ve looked at the returns that we get on those particular initiatives and they’ve been successful for us. Maybe for a little color on that, I’ll pass it over to George with respect to our programs.
Yes. Thanks, Burt. So, you touched on the digital piece, and we spent a lot of time having the platform sell itself with in-app trials and the ability to instrument what customers are doing, and really be able to take that information and convert that into sales.
So, one of the things that we really focused on in building the company is not only building a scalable technology to prevent breaches, but also build a very scalable sales model, which uses technology behind the scenes that people never see. So I think that’s part of it. And we continue to refine how we go-to-market and how we get the customers. And Burt and I are always looking at the cost of sales and trying to make it as efficient as possible.
Well, thank you, both. That was very helpful. I appreciate it and congratulations.
Thank you.
Thanks, Sarah.
Thank you. [Operator Instructions] Our next question comes from the line of Walter Pritchard of Citi. Your line is open.
Okay, thanks. Two product questions, or I guess one product, one go-to-market. On the – I know you’ve been doing a program with home systems and some employees are working at home off of different systems. I’m curious what – how hard you’ve pushed on monetizing that, and just an update there? And then had a follow-up on the SMB segment.
We’re still in the cycle of helping companies get through this. So we haven’t pushed that hard and monetizing it. There has been a tremendous amount of interest. And, again, that was a program that we put together, specifically for COVID. But it’s something that we can continue – we can continue if we’d like going forward and we see a lot of demand for it.
So, no real updates on that other than lots of people taken advantage of it. And at this point, we really haven’t pushed on monetizing as people just try to get their sea legs and get through this pandemic.
Great. And then on SMB. How would you articulate the mix of the business or success you’re seeing incrementally in that market? A little hard to tell on the customer counts been great and it doesn’t look like you’re getting that much smaller, but wanted to see where you feel like your progress is there?
Well, I’ll let Burt jump in here, too, as well. But I think just that the broad strokes level, we’ve had a lot of success in the SMB market. I can tell you, we’ve got a very well refined inside selling motion combined with a trial. We’ve been able to help customers through time and needs, where they’ve been using legacy technologies and have been hit really hard by ransomware. So we’ve done really well in that environment. And again, we continue to, I’d say, make great strides in how we market to those SMB customers.
And Burt, is there anything else that you want to…?
Yes. No, thanks, George. Yes, sure. The one thing I’ll add is, of course, is that SMB in terms of our overall business is still the small portion of our business. We’re growing across the Board so well that, it will remain there for a little bit. I think, the strength and that talks to more on the strength of our strong enterprise growth and some of these deals we’re able to land.
In this quarter, obviously, we had an outsize deal. But we’re seeing the velocity of our SMB space get picked up. And I think it talks to the fact of the frictionless go-to-market that we’ve created and really favorable competitive environment, which is driving that growth both on the enterprise level and on the SMB level.
Thank you.
You’re welcome.
Thank you. [Operator Instructions] Our next question comes from Brad Zelnick of Credit Suisse. Your line is open.
Great. Thanks so much for taking the question and congrats once again to all of you. George, I wanted to ask about how customers are deploying Falcon in conjunction with legacy and even newer SIM and observability platforms. For example, elastic acquired an endpoint capability and I totally get your value prop extends well beyond endpoints. But how do you think about these worlds aligning or even converging?
Well, we’ve got customers that have different technologies in their environments. And they may have something where we’re running side-by-side. We may replace a lot of technologies that are in their environment. We may run side-by-side and then replace a bunch of technologies, it really depends on the customer and their cycle and when their subscriptions run out things of that nature.
The beauty of the technology is that, it’s really all API-driven. So if a customer needs to plug things together, get data out of our system, we believe in best a platform approach, so that can be plugged into other technologies out there and we’re open right. So we realized this other security tools that are out there and we’ll work with others.
But at the end of the day, once we get in even with one module, we know we have a very high conversion rate in many other modules because of how easy it works, easy to deploy efficacy, et cetera. So, it depends customer-by-customer, but overall, it’s just a matter of getting into a customer with either one or more module and then being able to expand that out.
I appreciate the answer. Thank you so much, guys. Be well.
Thank you.
All right Thank you.
Thanks, Brad.
Thank you. Our next question comes from Fatima Boolani of UBS. Your line is open.
Good afternoon. Thank you for taking the questions. George, maybe one for you just on the theme and topic of go-to-market and go-to-market efficiency. I did want to drill in on the Okta, Proofpoint and Netskope partnership, the depth of technical integration there is pretty clear. But I’m wondering if you have a formalized or joint go-to-market motion in place where there are shared economics? And just to kind of extend that out, any tangible go-to-market successes you’ve seen in the field kind of going to market together or certainly anything that you’re seeing in the pipeline that kind of gives you confidence that this is the right combination of partners?
Sure. Well, I would say, we’re still in the crawl, walk, run stage and there’s no shared economics at this point. But what we’re really focused on is getting the best outcome for customers and putting best of breed platforms together. And I think what we’ve seen over time is that customers aren’t interested in building things. They’re interested in assembling, if you will, taking CrowdStrike, Okta, Proofpoint and others putting them together. And I think that’s important.
So, we’ve got the integrations there and a big part of what we’re doing as well. Things like Okta is helping to drive zero trust initiatives, right, where the endpoint really has a view of what’s happening and an idea of what’s happening from an identity perspective. That’s really important for a lot of these identity brokers, if you will.
So, I mean, overall, it’s been very well received by customers and a lot of joint customers that are using all these technologies and they’re looking for vendors to be able to come up with solutions that just seamlessly work together and share information. And that’s really what we’re focused on.
I appreciate the color. Thank you.
Thank you. Our next question comes from Gray Powell of BTIG. Your line is open.
Great. Thanks for taking the question. Yes, so I’ll be quick. I think with the trends to work from home just about everybody knows that companies had to go out and they had to buy more laptops and the device footprints have increased. Just roughly speaking a ballpark number, by how much do you think the endpoint footprint at your typical customer has increased over the last six months? And then where do you think customers are with that spending cycle? Is there still more to go? Or do you think they’re where they need to be?
Well, it’s a good question. I don’t know that I have an exact answer. We have seen accelerations in companies buying laptops. We’ve seen great uptick in mobile protection. We’ve done some really big deals in – on the mobile side as well, where organizations couldn’t afford maybe laptops, or they bought some lower-cost mobile devices.
And I think overall, that sort of expansion is one way to look at it. But I think you also have to look at in combination for every asset they actually create, or new asset they buy, how many new cloud instances are they spinning up to support those assets. And what we’ve seen is that there is a pretty big increase in just all the cloud workloads, as these – you may buy a laptop and add many more cloud instances.
So it’s hard to – it depends on the company, and it’s hard to pin down. But overall, as I said before, I think, it really is a sustainable trend that these devices, they’re not going to go away, they bought them, they’re not going to go away and they’re going to probably buy more of them. But at the same time, they’re also putting more in the cloud and all of those cloud workloads need protection as well?
Got it. All right. Thank you very much.
Thanks.
Thank you. Our next question comes from Shaul Eyal of Oppenheimer.. Your question please.
Thank you. Good afternoon, guys. Congrats on the quarterly performance and improved outlook yet, again. George, a question on Microsoft. We keep hearing about them advancing within the security arena with a growing focus on some categories, endpoints, identity, e-mail, and some other included. How do you see their advancement? And has anything meaningfully changed from Microsoft perspective in that regard?
Well, again, Microsoft is still primarily a signature-based legacy AV product, and they certainly made some strides. But I think fundamentally, he’s got a lot of legacy tech and then they’ve got some acquisitions thrown in there. And what we’ve seen in the field is the customers want a single agent, a solution that works across not just windows, but across Linux and Mac seamlessly.
And a company that’s really focused on stopping breaches. And we’ve seen a lot of customers that just are looking for a church and state and there’s so many Microsoft patches and vulnerabilities that have come out, I think, 11,000 security issues just from May through July alone, that they’re looking for solutions to help deal with some of that, and I think they’re looking for church and state. So, certainly, they’ve got some offerings there, but a lot of it is very complex with multiple consoles and harder to really operationalizing, I think, a lot of people…
Understood. Thank you.
Thank you. Our next question comes from Andrew Nowinski of D.A. Davidson. Your line is open.
Okay, thank you, congrats on nice quarter. You spoke a lot about cloud workloads today and I understand it’s based on metered billing versus on a per endpoint basis. But can you give us anymore color on the revenue contribution from cloud workloads relative to the revenue contribution from your traditional endpoints? And then where would you rank cloud workloads on the list of your top revenue growth drivers going forward?
Well, we haven’t put out anything specific on actual numbers in cloud workloads. And just to be clear, we have the ability to bill on a metered billing basis. But we also have the ability to leverage the traditional model we have, and we have companies that do both, right? So it’s not one or the other. It’s actually both.
But I would say, in general, when we look at the opportunity in cloud, I really think we’re just scratching the surface. I don’t – I haven’t run into too many CIOs or folks in technology that believe that cloud is going to slowdown anytime soon. In fact, really, what we’re seeing is,. we’re sort of staring at 2023’s digital transformation plan and we’re looking at in 2020, right? They’ve just – everything has been accelerated.
And, as I said earlier, there’s just a lack of protection in those environments. And companies have really figured out they have to go through security transformation before they can actually get their digital transformation off the ground that support it.
Got it. Thanks, George.
Thanks.
Thank you. Our next question comes from Matt Hedberg of RBC Capital Markets. Your question, please.
Okay, guys, thanks, George, regarding the CrowdStrike store, you added a number of applications this quarter, including Illumio. Yes, I’m wondering, can you talk about the longer-term strategy and really monetization opportunity of the store versus your core platform?
Yes, sure. I think Illumio is a great example of what we’ve been able to do and really what we’ve been able to create, it’s really more than a store. You can think about it as endpoint, PaaS, right, Platform as a Service, where we’ve got very valuable beachfront real estate which happens to be these endpoints and workloads and customers don’t want yet another agent.
So our store partners can take advantage of the infrastructure we built the micro services, the API’s, the workflows. And instead of putting out yet another agent, they leverage our infrastructure. We get paid for that. And ultimately, it’s a great win for the customer, not another agent, because they’re leveraging what we have, and a seamless integration for other capabilities.
In the case of illumio, they’re helping to prevent lateral movement based upon some of their expertise in microsegmentation space. So, we’re 14 partners today. We continue to grow that out. And, again, it’s been very strategic to us and we’ll look to really harvest and monetize that in future years. But right now, it’s about solving problems for customers and making it really sticky.
Thank you.
Thank you.
Thank you. Our last question comes from the line of Gregg Moskowitz of Mizuho. Your line is open.
All right. Thanks very much, and thanks for taking the question. George, just getting back to the competition, you called out some interesting customer case studies. But more broadly, if you were to look at just the rate and pace of displacement activity in terms of what you’re seeing and hearing from your Salesforce, from your channel, and just kind of look at that over the past few months., Has that shifted at all? Has that sort of accelerated as it relates to competing against both legacy, as well as more next-gen type solutions?
Yes, it’s been favorable. It continues to remain favorable. Obviously, there’s a lot of shared donors out there. We’ve made substantial gains in the latest IDC report in terms of our market share, and there’s a lot of donors, right? It’s certainly Symantec, but a lot of other donors, including next-gen players when they’re going through their renewal cycle.
So, overall, it’s actually, I think, been a great market for us. And customers, again, are looking for that consolidation play, reduction of agents, reduction of cost and better outcomes, and that’s what we’re able to deliver.
Terrific. Thank you.
Thank you.
Thank you. At this time, I’d like to turn the call back over to George Kurtz for closing remarks. Sir?
All right. Well, thank you. We’re excited about the quarter and we look forward to talking everyone next quarter, and we certainly want to wish everyone well and please stay safe and we’ll talk soon. Thank you so much.
Ladies and gentlemen, this concludes today’s conference call. Thank you for participating. You may now disconnect.