The Importance Of Cyberdefenses
As more and more activities move to the digital realm, the more risks they entail as well. This is true not only in terms of increased competition or changing business strategies, but also in terms of actual security risks.
For example, theft, which used to require physically going to steal a company’s assets, can now be done remotely and almost invisibly by cybercriminals. Blackmail can also now take the form of holding hostage not a company’s employees or assets, but by threatening to destroy or publish confidential data, or to block a company’s operations until the criminals’ demands are met.
As a result, cybersecurity is a booming sector, with even more growth projected in the future. It is currently a $245B market, expected to grow by 12.9% CAGR until 2030.
Source: Grand View Research
The growth of the cybersecurity sector is driven mostly by the adoption of new technologies, especially ERP (Enterprise Resource Planning ) and CRM (Customer Relationship Management) softwares for B2B cybersecurity and cloud-based services, together with the increased frequency and severity of cyber attacks.
Source: Statista
As more data is located in the cloud, it makes sense that cybersecurity solutions are also moving there. One company was ahead of this strategic move: CrowdStrike.
CrowdStrike Holdings, Inc. (CRWD +1.12%)
CrowdStrike: A Leader in Cloud Security
CrowdStrike was founded with a cloud-first approach to cybersecurity, with a strong focus on B2B (business-to-business) markets.
It was founded in 2012, with only $26M in initial funding. It started to release its global threat report in 2018, now an industry-leading information source. It became a publicly traded company in 2019 and started a series of acquisitions, together with module launches, to create a complete end-to-end cybersecurity solution.
CrowdStrike’s early move to the cloud allowed it to be ahead when it came to protecting this type of data, and proved a major competitive advantage as more and more companies moved from self-secured, on-site servers to cloud servers.
The company can provide security to all levels of the organization, from individual devices to the whole IT infrastructure of a company.
Source: CrowdStrike
The company counts among its clients most of the world’s largest organizations, notably:
- 18 of the 20 largest US banks.
- 44 out of 50 US States.
- >70% of the Fortune 100 companies.
Source: CrowdStrike
This makes CrowdStrike the world’s largest independent software vendor securing Windows systems, with the company working hand-in-hand with Microsoft (MSFT +0.93%).
CrowdStrike’s Integrated Cybersecurity Model
How CrowdStrike Integrates Cybersecurity Tools
A key point of Crowdstrike’s offer is that it brings together in a cloud environment what was before an extremely fragmented landscape of security solutions that needed to be integrated with each other.
For example, threat intelligence, the information about viruses and other digital threats like specific hacker groups and infected systems, was then used by software like McAfee or Symantec for data protection.
Or SIEM (Security Information and Event Management), the aggregation of security-related data in an organization, needs to be organized with identity verification and endpoint safety (defense of devices).
Source: CrowdStrike
CrowdStrike’s Subscription Revenue Model
Because Cybersecurity is something that needs to be deeply integrated into a company’s operations, the choice of a cybersecurity provider is a long-term one.
This results in CrowdStrike’s revenues being highly predictable, with 98% gross retention of its user accounts. CrowdStrike’s Annual recurring revenue (ARR) where $3.9B in Q2 2025, with a target of $10B fixed by the company for 2031.
Source: CrowdStrike
Another aspect of CrowdStrike is that the product is highly modular. Some companies might not need all the possible cybersecurity tools, or lack the ability to implement them yet. Others might only want to test some functions before deciding to replace their existing solutions entirely.
In all these cases, the client can choose to pick only a few modules of the whole platform.
On average, 7 modules are used per customer (for customers with $100K+ ending ARR). In total, 67% of users use 5 modules or more, and 21% use 8 modules or more. Generally, the older a customer, the more cybersecurity modules from CrowdStrike it adds to its systems.
CrowdStrike’s Innovations in SIEM Security
Security Information and Event Management, or SIEM, has been the initial core of cybersecurity strategy.
It is the activity of gathering and identifying all the potential weak points, concerned devices, their connections to each other, and the overall architecture of an organization’s digital systems, and their implications for cybersecurity.
It was also the least innovative and reactive segment of the industry, with a severe lack of innovation from incumbents.
CrowdStrike has worked to change that with a few key changes:
- Platform consolidation allows for smooth integration with other cybersecurity tools.
- A threat-first approach moving away from the outdated existing-infrastructure-first approach.
- Easy data imports.
Source: CrowdStrike
How CrowdStrike is Creating New Cyber Markets
Following its initial lead in cloud-based cybersecurity, the company has made somewhat of a habit to create new markets in the industry in response to evolving cyber-threats.
For example, it created the identity protection segment and recently grew it from $200M in revenue in Q2 2024 to $350M a year later, or a 70% growth year-to-year (4,000+ customers).
This allows for much more secured login and identification of users into an IT system, a growing requirement as more and more employees are working remotely or needing access to sensitive data.
Source: CrowdStrike
The same happened for cloud security, which is still growing extremely quickly, with a 80% year-to-year growth, reaching $515M revenues and >10,000 customers in Q2 2025.
And as the threats become more and more complex, the level of integration and innovation CrowdStrike display has been a winning proposition with increasingly anxious corporations regarding cyberthreats that are beyond their core competences. And that was before the ongoing generalization of AI capacities.
Source: CrowdStrike
CrowdStrike and AI-Powered Cybersecurity
As AIs’ capacities are exploding, this is both to the benefit and to the detriment of cybersecurity.
On one hand, this is a very powerful tool given to hacker and cyber criminals. For example, LLMs (Large Language Models) can now be used to try to pry out of unsuspecting employees passwords, confidential data, or create other vulnerabilities without human intervention at all.
For example, “vishing”, or voice phishing, is now using AIs to generate credible voice requests for sensitive information, like login credentials, credit card numbers, or bank details.
On the other hand, companies like CrowdStrike can now deploy AI systems to monitor safety in real time and at a scale not previously possible. For example the company recently released Charlotte AI, a generative AI for cybersecurity. This is an AI agent helping triage security alarms, remove false positives and has already stopped billions of security breaches.
Source: CrowdStrike
“AI also helps prioritize which alerts are likely urgent. Our analysts then spend their time on the highest-risk issues rather than sifting through noise.”
David Levin – CISO (Chief Information Security Officer) at American Express
AI can also make the integration of CrowdStrike to legacy cybersecurity tools and IT systems a lot easier, with adding data to CrowdStrike cloud tools almost seamless.
Source: CrowdStrike
CrowdStrike was also integrated in May 2025 by NVIDIA (NVDA -0.01%) into its Enterprise AI Factory validated design
“CrowdStrike pioneered AI-native cybersecurity, and today we’re securing the standardized architecture that’s transforming how organizations innovate in the AI era.
Together with NVIDIA, we’re eliminating the guesswork from securing AI infrastructure with a validated reference architecture.”
Daniel Bernard – Chief Business Officer at CrowdStrike.
Overall, CrowdStrike sees AI-native cybersecurity platforms as a $116B total addressable market, with most of the industry still extremely fragmented and sub-scale for development of AI tools and data integration at the capacity CrowdStrike can deploy.
More Flexible And Accessible Offers
Falcon Flex
While being at the top of technical capacity is certainly important in a field as complex and quickly changing as cybersecurity, commercial offer can also have a huge impact on a company’s success.
A recurring issue for potential users of CrowdStrike was that they are not always sure of their present cybersecurity needs, and even less of future needs. As a result, a tendency to play it safe and stick to already implemented solutions, or to reluctantly expand subscriptions and modules have been common.
This is why CrowdStrike introduced Flacon Flex, a new licensing model for its flagship Flacon platform, with much less stringent and rigid subscription conditions:
- The subscription is now flexible, with a duration that can be changed from 1-5 years costlessly.
- The actual subscription costs can fluctuate depending on platform demand and usage.
- Modules can be swapped, making the costs of tentatively adopting a new module for a test a lot less daunting and expensive.
This has been a very successful offer, and since launch it has grown extremely quickly to represent a significant portion of CrowdStrike customers. In Q4 2024 these customers were “only” a $185M in total account value, which already grew to >$700M by Q2 2025.
Source: CrowdStrike
CrowdStrike Financing
Another issue for CrowdStrike customers, especially smaller companies, is that cybersecurity needs might occur when the company least expects it.
If this coincides with a severe crisis caused by security failure, it can be difficult to mobilize the financial resources to deploy expensive cybersecurity tools, even if they are now understood as direly needed. This is why CrowdStrike has started offering advantageous financing services to its existing and onboarding clients.
For the customer, the benefit is getting access to adequate protection without the constraints of the cash on hand available.
For CrowdStrike, this is the occasion to sign larger, multi-year deals, close the new deals or new module sales quickly, and build a stronger relationship with its users.
This service has only been provided to US customers so far, and so could likely be beneficial when expanded to customers globally. As it converts in generally larger deals, it is mostly cash neutral for the company.
CrowdStrike’s Financial Performance
From a financial point of view, CrowdStrike is remarkably profitable. It has registered 81% non-GAAP subscription gross margins, and grew its annual recurring revenues by 32% year-to-year.
Meanwhile, the free cash flow grew 44% year-to-year to reach $272M in Q2 2025.
The deals with large uses of the platform, with 8+ modules, are also becoming very frequent, with a growth of 66% year-to-year of such deals.
Source: CrowdStrike
As the above 95% retention rate persists, this growth in new clients should convert into very stable revenue streams for the years to come.
Analysis of the 2024 CrowdStrike Outage
Not all has been rosy for CrowdStrike’s uninterrupted growth. Unfortunately, the first time the company name became very well known beyond IT and investing professionals was during a massive IT outage linked to the company.
On July 19th, 2024, a botched software update from CrowdStrike caused around 8.5 million Windows computers to crash with dreaded blue screens, in what has been described as “maybe the largest IT outage in history”.
This affected many infrastructures, including hospitals, emergency services, airports, airlines, retail shops, broadcasting, government agencies, factories, etc.
What happened is that the update in the Falcon platform caused a crash in the software. But as Falcon is integrated pretty deep inside Windows, this caused the rest of the operating system to crash as well.
So this was not a cyber attack, nor a malicious event of any sort. But it was certainly a major blunder. Something the company is today referring to as (somewhat ominously) “the incident”.
Since then, CrowdStrike has changed its content update procedures to prevent similar incidents in the future. New updates will be rolled out slowly and not everywhere at once, and customers can now choose to pick if they are early adopters of these updates, delay, or even opt out entirely.
In addition, 3rd party input, review and validation has now been implemented, in order to avoid this event to ever repeat again.
This nevertheless illustrated the issue of centralized and shared software between so many critical systems, especially one with high-level authorization and deep into the OS, like a cybersecurity concept. This concept is central to CrowdStrike’s business model, as well as to most of its competitors today operating in cloud cybersecurity.
The generation of new leads and clients in the sales pipeline is apparently returning to “pre-incident levels.” Overall, this has not affected the service’s popularity, even if it has certainly made many customers more likely to delay updating their systems.
The Future of CrowdStrike in Cybersecurity
The transition to the cloud is still mostly ongoing for many large companies. This creates a large opportunity for a market leader like CrowdStrike to help them transition their cybersecurity strategy to the cloud as well.
The cloud-first approach of CrowdStrike has allowed it to take market share quickly and is now replicated by all the large cybersecurity companies. So, investors will want to pay attention to CrowdStrike’s ability to retain its advantage despite mounting counterattacks by the industry to catch up with the first mover.
The company should also see its international business grow, with still 3/4th of the Global 2000 companies yet to enter the CrowdStrike ecosystem. The arrival of AI as a massive accelerator for cloud adoption, IT migration, as well as a growth in threats should be an extra booster to CrowdStrike growth. And an extra tool to leverage for the company to do its job even better.
The 2024 IT outage illustrates the possibility of such centralization and ultra-fast connectivity to cause trouble as well. It is likely a sign of maturation of the industry that now, such an update will only be rolled back progressively and much more safely, limiting any failure to a much smaller and less publicized scale.
Still, “the event” does not seem to have hurt the company’s momentum, and the stock price has already rebounded almost to its all-time-high levels, demonstrating it. So as long as the world uses computers more and more, and as long as CrowdStrike can stay at the top of innovation in the cybersecurity space, investors will likely do well with the company.
(You can also read more about the cybersecurity sector in our article “Top 10 Cybersecurity Stocks for Digital Protection”.)
Latest CrowdStrike (CRWD) Stock News and Developments