CrowdStrike's meltdown didn't dent its market dominance … yet

CrowdStrike's major meltdown a month ago doesn't look like affecting the cyber security vendor's market dominance anytime soon, based on its earnings reported Wednesday.

CrowdStrike's faulty Falcon sensor update in July bricked 8.5 million Windows machines, grounding thousands of flights worldwide, delaying medical services and downing some US states' 911 emergency services. Nonetheless, it reported better-than-expected revenue for the second quarter of fiscal year 2025.

Total revenue for Q2 grew 32 percent to $963.9 million, execs told investors during a conference call on August 28. Annual recurring revenue (ARR) also increased 32 percent, year-over-year, to $3.86 billion – of which $217.6 million was net new ARR added in the quarter.

And while CrowdStrike did slightly cut its full-year guidance in response to the July incident – to between $3.89 billion and $3.90 billion, compared to its earlier FY 2025 revenue projection of $3.98 billion to $4.01 billion – "our execution following the July 19 incident highlights the resiliency of Crowdstrike's business," CEO George Kurtz declared on an earnings call.

CrowdStrike's fatal Friday on July 19 happened during the last two weeks of the business's quarter. While "a meaningful" number of its deals closed despite the global outage, some of these deals were delayed, Kurtz acknowledged. Still, "the vast majority of these deals remain in our pipeline," he assured investors.

Moving forward, these new customers signing CrowdStrike contracts will be key to watch – and a good indicator if the July 19 fiasco will have any lasting impact on the security vendor, said IDC Group VP of security and trust Frank Dickson.

"When you look at the impact, the only think you're really going to be able to impact is new consideration, new customers evaluating security vendors," Dickson told The Register. "Net-new companies may look at this and say 'I don't know.' But that isn't going to start showing its head in the earnings for another quarter or two."

Existing customers – especially those who have gone all in with CrowdStrike's security products – aren't likely to go anywhere, despite any lingering frustrations about the flawed update.

CrowdStrike, along with some of its competitors, calls its separate products "modules," and all 28 of CrowdStrike's modules connect to its central Falcon platform.

For the quarter, CrowdStrike boasted its module adoption rates were 65 percent, 45 percent, and 29 percent, for five or more, six or more and seven or more modules, respectively, as of July 31, 2024.

According to Kurtz, 48 percent of customers spending at least $100,000 annually on CrowdStrike use at least eight modules – and replacing these products with equivalents from different vendors would be a "costly and time consuming process."

This is where CrowdStrike finds the bulk of its business. "If you only have one service from CrowdStrike, it's a lot easier to cancel," Dickson explained. "If you are a company with four, five, and six modules, it's going to be a lot harder to change. If you were so angry at CrowdStrike that you wanted to rip and replace everything, that's a herculean effort."

Even Delta Air Lines – which has threatened lawsuits against both CrowdStrike and Microsoft for the outage, alleging it cost the airline more than $500 million – is unlikely to switch cyber security providers anytime soon, Dickson opined.

In its latest missive to CrowdStrike, Delta revealed about 60 percent of its "mission-critical applications and their associated data – including Delta's redundant backup systems – depend on the Microsoft Windows operating system and CrowdStrike."

"Even with how much they dislike CrowdStrike right now, I would bet it takes them a couple of quarters if they do actually decide to rip and replace," Dickson observed.

The general consensus, however, seems to be that Kurtz and crew responded well to the incident, appearing apologetic enough to appease angry customers and putting forth a plan to ensure that this doesn't happen again.

Even Palo Alto Networks CEO Nikesh Arora praised the way Kurtz "stepped up to handle the crisis caused by the content update," adding, "your diligence, transparency and perseverance is admirable."

Despite the $10 gift cards sent to CrowdStrike's partners who were working overtime to help customers recover from the outage, it doesn't appear that the security vendor will suffer any lasting damage.

"Longer term, it's possible to improve your reputation based on how proactive your approach is," Dickson noted – pointing to Mandiant, and its then-CEO Kevin Mandia's response to the SolarWinds hack. "They got breached, their tools were stolen, and here they are, one of the preeminent security providers." ®