Good day, and thank you for standing by, and welcome to the CrowdStrike Holdings First Quarter Fiscal 2022 Financial Results Conference Call. At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question-and-answer session. [Operator Instructions] Please be advised that today’s conference is being recorded. [Operator Instructions] I would now like to hand the conference over to your speaker today, Maria Riley, Vice President of Investor Relations. Please go ahead.

Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, President and Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth and expected performance, including our outlook for the second quarter and fiscal year 2022 are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements whether as a result of new information, future events or otherwise. Further information on these and other factors that could affect the Company’s financial results is included in filings we make with the SEC from time-to-time, including the section titled Risk Factors in the Company’s quarterly and annual reports that we file with the SEC. Additionally, unless otherwise stated, excluding revenue, all financial measures discussed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our press release, which may be found on our Investor Relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. Please also note that in light of our recent acquisition of Humio management will provide additional information into our guidance assumptions. We do not intend to provide this additional information on an ongoing basis. With that, I’ll turn the call over to George to begin.

Thank you, Maria, and thank you all for joining us today. We delivered an outstanding first quarter, and fiscal year 2022 is off to a record start for CrowdStrike. Building on last year’s milestone performance, we started and finished the first quarter with strong momentum and results exceeding our expectations. We saw strength in multiple areas of the business, added $143.8 million in net new ARR and grew ending ARR 74% to exceed $1.19 billion. Burt will provide the details of our financial performance and I will focus my remarks on three key points. First, customers are increasingly turning to CrowdStrike as their trusted security cloud platform of record. As we extend the platform beyond core protection, we’re seeing strong momentum in cloud workloads, IT operations and our expansion into DevOps. Our platform includes 19 modules and easily allows customers to consolidate agents and reduce debt. Second, our leadership is recognized by both customers and industry analysts such as Gartner and Forrester. Our growing brand has become the cybersecurity gold standard, translating into a broad customer base that is scaling rapidly, deeper penetration within verticals and our strong financial success. And third, the demand environment is robust, driven by strong secular trends, including digital and security transformation, cloud adoption, and an ongoing heightened threat environment. This includes the massive influx of ransomware and the operational impact of these attacks that have been seen over the past two years. We believe these dynamics will provide CrowdStrike a runway for long-term sustainable growth. Now, let’s discuss these topics in more detail. It only takes a quick glance at current headlines to know that the threat landscape is fierce and growing in intensity every day. High profile breaches and vulnerabilities like SUNBURST, pipeline and infrastructure attacks, and zero-day vulnerabilities in Microsoft Exchange, are…

Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. Before we get started, I will note that the results we are reporting today include the acquisition of Humio. To assist with your models, we will share select details regarding Humio’s impact on Q1. However, we do not intend to disclose these details on an ongoing basis. The acquired net new ARR from Humio was approximately $3.6 million, which is reflected in both, the ending and net new ARR results we are reporting today. From the acquisition of Humio, we also gained 119 net new customers in the quarter. Given the acquisition closed during the quarter and the impact of fair value purchase accounting adjustments related to deferred revenue, the GAAP revenue recognized from Humio was de minimis to our results. The acquisition also added approximately $5 million to operating expenses in the quarter, which again represents about two months of quarterly expenses. Moving to our results. We delivered an exceptional first quarter. In addition to strong growth at scale in the first quarter, we continue to maintain very high unit economics, drive leverage and remain very capital efficient, generating record operating and free cash flow. Additionally, we continue to perform at a high level, well in excess of the SaaS industry’s Rule of 40 benchmark, achieving a Rule of 80. Demand in the quarter was broad-based and fueled by strength in multiple areas of the business. Similar to last quarter, demand for our solutions was well-balanced between new customers and expansion business and between large enterprises and mid-market and smaller accounts. We once again ended the quarter with a record pipeline, which we believe indicates a strong foundation for future growth. In the quarter,…

[Operator Instructions] Our first question will come from the line of Saket Kalia from Barclays. You may begin.

Okay, great. Hey, guys, thanks for taking my question here. George, maybe for you, a lot of nice sample wins you mentioned in your prepared remarks, particularly in the cloud portfolio part of the business. Understanding it’s still early with some of those tools, I was wondering if you could share what customers have said about their willingness to use third-party security tools for public cloud workloads, and also about the competitiveness of Falcon in the public cloud.

Sure. So, hey Saket, good to connect here. Customers are very willing to use our technology. As we’ve talked about many times, they’re looking for a holistic solution across multiple clouds, not just one cloud provider. They’re looking for a single agent that not only can give visibility and protection in their corporate enterprise, but also in their cloud environment. And in terms of the willingness to use it, it’s an extremely competitive product. We continue to add more and more capabilities, including drift detection now if these workloads drift and containers drift, which is a real boon for the devops team. So, we’ve spent a lot of time selling into that group. We’ve got a lot of traction there. And as I mentioned before, a lot of our cloud technology, not necessarily new product, particularly things like Horizon because we built it for internal use before we actually delivered it to the market. So, in general, it’s a greenfield opportunity in cloud. There’s not a lot of competitors and the existing technologies we have to displace. And we’re really excited about the momentum we’ve seen in that particular category.

Great. Thanks very much.

Our next question will come from the line of Sterling Auty from JPMorgan. You may begin.

Yes. Thanks. George, maybe just on the cloud side. I think this is an area that people have -- are struggling to understand the different pieces of what fits to make a cloud security stack. Can you maybe help us understand what piece of the puzzle will CrowdStrike provide going forward? Where will you partner? And what parts will be delivered by others in the industry?

Sure. So, you have to separate, again, the network components out from the workload components. And there are other players that have virtual firewalls and network technology. So, we need to separate that out because we don’t actually supply that. So, specific to workloads, containers, virtual instances, we have the ability to protect at runtime. So, similar to what we do today in a normal environment, we can identify threats and prevent those using machine learning and behavioral technologies. We’ve got the ability to understand and stream data, EDR data, if you will. And we also have cloud security posture management, which gives you the configuration of that infrastructure. And what’s different than a normal corporate environment is that since customers in the cloud don’t control the infrastructure, it’s mostly set up via policy settings. And a lot of those settings can go awry or be misconfigured. So, we’re handling the policy piece and the configuration of the infrastructure as well as the workload protection piece, as well as understanding the configurations of these containers, as an example, to understand if there are vulnerabilities or drifts. So, in our mind, in terms of workload protection, we’re covering a full suite of protection capabilities that a customer would need.

That makes sense. Thank you.

Our next question will come from the line of Matt Hedberg from RBC Capital Markets. You may begin.

Hi, guys, thanks for taking my question. Congrats on a really strong Q1. George, you’ve got over 11,000 customers, and you’re seeing acceleration there on customer adds. And I think what strikes me, and it was really coming out of your last financial update was it still looks like you’re early and potentially could 10x your customers and still not be fully penetrated into that global opportunity. I guess, I’m wondering from a high level, could you talk about your strategy in going after the next 10,000. How might that change versus the first 10,000? And where do you see the biggest opportunities for share gains?

Sure. Well, as we’ve talked about in the past, we’ve built a tremendous sales machine and we spent a lot of time, obviously, focusing on the scalability of the technology but also the scalability of the sales machine. And things like trial to pay, in-app trials, creating frictionless ways to actually cross-sell into our customer base, that’s really important for what we do. And when we think about the next 10,000 or beyond, and as you said, 10,000, 11,000 is fantastic. But when you look at other competitors over the many, many years, they’ve had hundreds of thousands. So, we certainly think we can be in that arena in the future. And it goes to, I think, a very efficient go-to-market motion. Burt talked about our Magic Number of 1.4. And it also combines with the fact that we’ve built an e-commerce platform behind or below, if you will, the Falcon platform. So, the platform is designed to sell itself and to get new customers and we spend a lot of time on digital to trial to pay and then conversions. And whether it’s a small customer or whether it’s a large one in enterprise, once we get them in the door, we certainly can’t convert them with a credit card, but obviously, the bigger customers will engage on the sales team and a partner and close deals. And now with things like AWS and GCP and EY, we’ve expanded our partner network. So we feel really good about the flywheel we’ve built and the scalability -- sales scalability built into the platform.

Thanks, guys.

Our next question will come from the line of Shaul Eyal from Cowen. You may begin.

Thank you. Good afternoon, guys. Congrats on the strong set of results. George or Burt, when looking at your net new 1,500-plus customers, even when you exclude the Humio a little bit, can you outline to us whether they are predominantly midsized or high-end enterprises. If you had to put a ballpark on the average number of modules that are currently deployed, is it three or even more than that per new customer?

Hi, Shaul, great to hear your voice. So, I’ll take the second part of your question first. Number one, as new customers come on board, we’re seeing them deploy more and more modules. That goes also talk to the fact that we have more modules for customers to purchase. On the second part, in terms of where we’re seeing uptick with respect to new customers and new logos, obviously, a lot of the velocity is coming from some of the smaller -- the SMB and mid-market because it does take less time for -- to contract a deal. But the good news is that we’re capturing deals both at the large enterprise level, mid-market and SMB, across the board.

Thank you for that.

Our next question will come from the line of Brian Essex from Goldman Sachs. You may begin.

Hi, good afternoon, and thank you for taking the question, and congrats on a good set of results. Maybe George, I want to dig into -- in your prepared remarks, you mentioned the partnership with Zscaler. And I know Zscaler called out that I think you brought them into a large investment bank deal. And then here you called out that they pulled you into an insurance deal. Maybe if you could -- if we could take a step back more thematically and understand the driver behind those deals. Is it the two of you going together with an end-to-end -- endpoint through network security Zero Trust deal, or maybe to better understand the go-to-market behind some of these partnerships and what’s driving those deals would be helpful?

Sure. I think, thematically, its customers are looking for a next-gen endpoint workload technology platform like CrowdStrike combined with next-gen network technology, and they’re looking to replace their legacy Palo Alto Networks. And we spent -- or others. And we spent a lot of time in the field, and we’ve set up compensation structures between the two organizations, where both sales teams are incented to help each other out, which is always good in the field. And we’ve done the integration. So, when we think about understanding what happens out of the network, obviously, we’re not a network company, that information can be supplied to us in the Falcon platform. And we’ve got tremendous visibility on the endpoints that go beyond anything a network company could have, and that’s useful to Zscaler customers. So, when you put the two of them together, we think it’s better together. And we’ve got a huge hotel company that uses both, Zscaler and CrowdStrike. And it has just been amazing to see the technologies work together, and they’ve been a big fan and a big proponent of us putting these integrations together. So, I think it’s good for customers and it’s good for both parties.

Our next question will come from the line of Andrew Nowinski from D.A. Davidson.

Great. Thank you. And congrats on another fantastic quarter. I wanted to just get a question in on the net new ARR this quarter. So you, again -- you saw no seasonality from Q4 to Q1, which I think is the first time at least the last three years where net new ARR has not declined sequentially, clearly indicating a significant change in the spending environment. In the past, I think you’ve talked about AWS driving a significant percentage of that net new ARR. So, I was curious, was that again the key driver this quarter that enabled CrowdStrike to define normal seasonality?

Hey Andy, this is Burt. So, I think it’s just more broad-based demand. I don’t think it’s necessarily focused in just AWS. I think, the great news is we essentially delivered a second Q4 in Q1, to your point. You’ve been following us closely. I think it’s the continuation of trends we have been seeing for quite some time. George talked about them, the digital and security transformation, cloud adoption, this robust threat landscape. And I think we’re in a buying environment. And so, we’re really excited to be able to post such a strong Q1. But I think, again, it goes back to the broad-based demand. But thanks for tracking that information.

Our next question will come from the line of Rob Owens from Piper Sandler.

Could you guys elaborate on some of the success you’re seeing in the public sector? Obviously, a growing commitment from the administration towards Zero Trust, and you mentioned a couple of wins. So, maybe just help us understand the success you’re seeing and how big that opportunity could be. Thanks.

Sure. Good to connect here. When you look at the -- some of the orders that have come out of the White House, it will -- if you will, it’s like -- lines up with our strategy, lines up with what we do. And I think certainly, the federal government can benefit and has been benefiting from our technology. We spent our initial foray into the civilian agencies, and that gives you a beachhead into some of the broader intelligence agencies. So, we’ve gotten a lot of our certifications that has taken some time. That’s just a process that anyone has to go through. We put the effort in and spend the money to do it. And we think we’re set up for success. So, we’ve seen some really nice wins, big wins in the federal space. And we think that’s going to continue to carry forward. And when we think about federal, that’s just one piece of the government. Obviously, state and local, we’ve had tremendous wins. A lot of the states in the U.S. certainly have adopted CrowdStrike, a lot of municipalities and communities. And as you’ve seen with ransomware and some of the other forest attacks that are out there, typically, they are under protected and they need technologies like CrowdStrike. And they typically don’t have the people power to do it. So, we feel really good about fed, state and local from a platform perspective.

And our next question will come from the line of Mike Walkley from Canaccord Genuity.

Hey. Thanks. And my congrats on the strong results. I guess, George, a question for me is just with the sale of McAfee’s enterprise business and the lack of innovation out there and growing industry concerns for legacy solutions. I was hoping you could maybe share your thoughts on what inning you think you’re in regards to taking share from legacy vendors. And how all these recent ransomware attacks might be accelerating the transition from legacy solutions to yours.

Sure. It’s a good question. And I think we’re still in the early innings, maybe second inning in terms of our ability to continue to take share. And actually, just today, IDC released an updated worldwide market share stat from modern endpoint security, and CrowdStrike was ranked number one, ahead of Microsoft and other legacy vendors. So, we feel really good about where we are. But, as we talked about earlier on the call, 11,000-plus customers, fantastic, but there’s a lot of companies out there, big and small, and we still think we’ve got a lot of runway, and still continue the migration of -- and share from Symantec and McAfee to CrowdStrike. So, still early on, but obviously, lots of progress that we’re proud of.

Our next question come from the line of Alex Henderson from Needham.

Great. Thanks. There’s been a lot of attacks and some pretty high visibility ones of late. In fact, the intensity and rapidity of these attacks seem to be escalating as Biden’s going into meeting with Putin. I was wondering if you could give us some clarity on the efficacy of your system which is, I think, probably the most important variable to look at relative to any security company in terms of handling those attacks that have recently occurred and how it has or has not impacted your customers. Thanks.

Yes, sure. So, we went through some of the prepared remarks in terms of our efficacy and some of the latest results that we’ve seen with the testing organizations. I’ll point you back to those, 100% for the last couple of months. Obviously, that’s just one piece of it, right? You have to look at the entire system and it’s designed to stop breaches. And we stopped last year, I think, 65,000 -- or 75,000, I should say, in process breaches. So, we know the technology works. We know it has extremely high efficacy. MITRE ATT&CK, we had 100% coverage across the 20 different groups. And there’s a reason why we’re winning. The technology works, the technology scales. And it’s designed to catch things across the kill chain. Even if something slips through one part of the kill chain is designed to catch it in the second part and stop breaches. And that’s what we’ve done from the beginning, and that’s what we’re going to continue to do.

Our next question will come from the line of Jonathan Ruykhaver from Baird.

George, I think this one is for you. Gartner -- some Gartner research I was reading recently noted growing competition commoditation on log management offerings across a lot of companies both public and private. And obviously, logs are important to contributing to the richness and breadth of data sources. So, I could see how it’s very important for applications like EDR, XDR and et cetera. But just wondering your thoughts looking forward, how do you maintain differentiation on the data side given some of those forces around commoditization?

Sure. I mean you can -- any company has lots of data, it’s the value and what you do with it. And I think CrowdStrike has proven our ability to utilize the data. And whether that’s in training our AI algorithms or whether that’s creating a product that can actually be quickly searched and insights be gained. With our Threat Graph, we’ve pioneered cloud delivery end point and graft technology specific to security. So, I think that continues. With Humio, you’ve got fantastic technology, extremely fast, extremely efficient, in-memory, index-free, driving down the cost compared to legacy technologies that are out there on the lock side. And that will be a key part of our XDR extension in our strategy. And we’ve seen fantastic feedback from customers. I called out some big wins that we had with Humio. And as that gets integrated, which we’re working on, we feel really good about having the ability to pull other information besides CrowdStrike data into our data platform and our Threat Graph and make that available to customers. So, I think it comes down to -- again, there’s a lot of marketing noise in the marketplace. But when you actually look at the technology which we have and why we bought Humio, we feel really good about it as a next-gen technology that’s going to be a good fit for our platform.

Our next question comes from the line of Ittai Kidron from Oppenheimer.

Thanks. Hey, guys. Great quarter. I want to go back to the cloud, George, if I may. Can you talk about the cloud workload and Horizon. How often are dissolving conjunction, both of them together. Is there a high attach rate for those two? And with respect to your attach rates, the 4 to 5 and 6 modules, clearly those are doing very well for you. But how frequently are cloud workload protection and Horizon part of those 4, 5, 6?

Well, I would say, much more frequently now. Obviously, Horizon is still a relatively new entrant into our portfolio as of last year. But, we talked about Cloudera is a good example. That was a company who had our traditional endpoint protection and obviously, now adopted our cloud technology. So, we have a big base that we can go into and cross sell, which we are. And part of the conversation with any new customer is about what you’re doing in the cloud and how you’re protecting it. Some companies, they have a different time scale or path to the cloud. And it may not line up exactly to what they’re doing internally or for their end points. But every sales call, certainly at the larger enterprise in the medium, we’re talking about our cloud technology. It’s really about the platform play. And again, we’ve seen tremendous success in the overall adoption just over the last couple of quarters with it. So, it’s been out less than a year. But I think when you look at how fast we’re innovating in that area and our ability to actually sell into dev ops, we feel really good about its future.

Our next questions come from the line of Gray Powell from BTIG.

Congratulations on the great results. So yes, maybe focusing in on ARR. So, if I look at Q1, your net new ARR of $144 million, that’s up 68% year-over-year in Q1 versus a 65% comp last year, which is just a really impressive number. Of your net new growth, how much of that is coming from sort of the core endpoints or EDR space versus new product areas, whether that’s Humio, Preempt, vulnerability management, IT operations or other stuff?

Hey Gray, great questions. So effectively, our core is still the majority of our sales, right? That’s the core traditional workload and endpoint protection, it’s detection, it’s prevention, it’s OverWatch. But, we’ve seen some great traction coming in from things even like device control and then you throw in Discover for IT management and you got also Spotlight which has gained some traction. And so, what we’re really seeing across the board is companies coming in and buying more modules out of the gate, because they see the value not only of the platform and where they can go with the platform, but the total cost of ownership. We’re able to drive down those costs overall by taking out some other competitors that offer other type of technologies where we come in with better efficacy and lower cost. So, it’s really all about the opportunity for customers to purchase more of our modules, and they’re doing so more and more out of the get-go. So, that’s how we look at it.

And our last question will come from the line of Patrick Colville from Deutsche Bank.

Hey there. Thank you so much for squeezing me in. I mean, a lot of impressive metrics this quarter. I mean, one that kind of stood out to me was RPO billings, which if I’m not mistaken, grew 79% in fiscal first quarter, which is actually larger than any quarter last year. So, trying to understand why that metric might be so strong. Were there some very large multiyear deals signed in this quarter?

Yes. So, Patrick, great question. And the answer is yes. We’re seeing an uptick in the number of multiyear deals versus where we’ve been historically. Customers want to lock into us. They want to use our platform and they see us as the platform that they can grow on. And they see us as a platform of the future. Everyone today is looking for that modern day architecture. We supply it, easy to deploy, simple to manage, and we’re able to show customers that, hey, we’re here to stay. We’re going to continue to invest in R&D. And we’re going to use our balance sheet to be able to do that. We are seeing more and more of those multiyear deals they paid annually, which obviously impacts the deferred, but the total RPO number has gone up because customers are willing to sign longer term contracts with us because they believe in what we’re doing. And that’s really good for us. And we’re really happy -- we’ll really have to see that uptick in RPO.

And I now turn it over to George Kurtz for any closing remarks.

Okay. I want to thank all of you for your time today. We certainly appreciate your interest and look forward to seeing you virtually at our upcoming investor events. Stay safe, and we’ll talk soon. Thank you.

And this concludes today’s conference call. Thank you for participating. You may now disconnect.