CrowdStrike FY2027 Q1 Earnings Call - AI Security Demand Drives Massive Guidance Raise

Brian Essex, Analyst, J.P. Morgan3: Hello, and welcome to CrowdStrike’s fiscal first quarter 2027 financial results conference call. At this time, all participants are in a listen-only mode. After the speaker’s presentation, we will conduct a question and answer session. Please be advised that today’s conference is being recorded. I would now like to hand the call over to Andy Nowinski, Vice President of Investor Relations and Strategic Finance. Andy, please go ahead.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, Chief Executive Officer and founder of CrowdStrike, and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth, including projections, and expected performance, including our outlook for the second quarter and fiscal year 2027, and any assumptions for fiscal periods beyond that, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties.

We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events, or otherwise. Further information on these and other factors that could affect the company’s financial results is included in the filings we make with the SEC from time to time, including the section titled Risk Factors in the company’s annual and quarterly reports. Additionally, unless otherwise stated, excluding revenue, all financial measures disclosed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our earnings release, which may be found on our investor relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. With that, I will now turn the call over to George.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Thank you, Andy, and thank you for joining CrowdStrike’s Q1 FY 2027 earnings call. We started our fiscal year in an environment where cybersecurity has dramatically risen in organizational visibility and funding priority. CrowdStrike is now being understood as critical AI infrastructure. Frontier AI Lab started a new chapter in the AI revolution. New model releases starting in April connected AI innovation with cybersecurity necessity. CrowdStrike was the only cybersecurity company selected by both Anthropic and OpenAI from the very start to secure these new models, their adoption, and the new risks they create. Today, AI adoption is not a nice-to-have, it’s an existential imperative across every geography and vertical. The more AI an organization adopts, the more cybersecurity it requires. In this new agentic era, we’re now guiding net new ARR acceleration for the full year.

Q1 highlights included, one, record Q1 net new ARR of $256 million, up 32% year-over-year, and exceeding the high end of our guidance. Two, ending ARR of $5.51 billion, accelerating over our record Q4 at more than 24% growth. Three, total revenue of $1.39 billion, up 26% year-over-year, beating guidance and accelerating for the fourth consecutive quarter. Four, all-time record free cash flow of $468 million or 34% of revenue, exceeding our expectations. Our free cash flow Rule of 40 was 59, increasing for the fourth consecutive quarter. Five, record Q1 operating income of $326 million or 24% of revenue, up 62% year-over-year, exceeding guidance. Six, we added over 300 Falcon Flex accounts in the quarter, with accounts that have adopted this subscription model reaching more than $1.9 billion in ending ARR, growing 99% year-over-year.

These data points illustrate momentum, traction, and achievement. It’s on the backs of our strong Q1 results and the unprecedented market dynamics I see that we are raising our growth expectations for the full year net new ARR by more than 500 basis points. For the full year, we now expect net new ARR growth to accelerate over FY 2026. What I see is AI driving structural demand for cybersecurity that compounds, not decelerates. The AI enterprise is unfolding in real-time, and CrowdStrike is a necessity to secure it. AI’s technology progression has unfolded in waves. Wave one of AI adoption was about making information rapidly accessible and foreshadowing the power of reasoning using existing data points to connect new dots. Wave two of AI adoption started with the agent, transforming what was once a basic web experience into a rich, connected, and human-like digital worker.

Agents became a major unlock moment for the enterprise, opening the door to productivity gains and augmentation of human workers. The concept of the agentic workforce was born. For the first time, enterprises could start pointing to economic value creation and newfound outputs from the AI revolution. This brings us to Q1, right in the middle of wave 2, the wave of agent creation. In April of Q1, more happened in a matter of weeks in cybersecurity than in the whole year prior, the Mythos inflection moment. Collaboration with Anthropic from the start, we saw a new model emerge that had relevance for the cybersecurity market, relevance for defenders in identifying vulnerabilities much faster than before, including the chaining of multiple vulnerabilities to create lethal cyber attacks. Project Glasswing brought together CrowdStrike and a focus group of consequential companies to ensure market readiness for Anthropic’s new model.

Shortly thereafter, OpenAI announced GPT 5.5 Cyber, later known as Daybreak, where we were selected as a founding member of their Trusted Access for Cyber program. CrowdStrike is the only cybersecurity company to secure both Anthropic and OpenAI’s introduction programs from the very start. What the Mythos moment proved is that the world, starting from the frontier AI labs themselves, realized that AI needs a cybersecurity ecosystem. This was a Mythos inflection point. The discussion evolved from is AI going to disrupt cybersecurity to organizations and even the frontier AI labs relying on Falcon as their AI-powered defender for the post-Mythos era. Even more consequential is how adversaries can use these new and future models to democratize destruction. Now, any human or agent can be a vibe hacker or worse, wage serious cyber attacks that threaten enterprise survival, nation-state continuity, and critical infrastructure operations.

AI has now directly entered the world of cybersecurity across two dimensions. One, you need cybersecurity to secure AI itself. Deploying AI across the enterprise is simply too risky without cybersecurity from the start. Cybersecurity is now foundational AI infrastructure. Two, an explosion in greenfield attack surfaces, each of which needs cybersecurity. The AI revolution has led to a boom in, one, hardware, GPUs, MPUs, TPUs, and Trainium chips. Two, data centers and hyperscalers, training and housing AI models. Three, Neoclouds, a whole new class of cloud focusing on inference. Four, token factories. We’re seeing unprecedented, eye-watering demand for Anthropic and OpenAI. Five, agentic applications, a whole new class of agentic tools such as Cursor, Sierra, ElevenLabs, Exa, Legora, and more. The inflection point is that every player in this value chain is experiencing hypergrowth, and every one of these technologies needs cybersecurity.

The Mythos moment crystallized the reality for the market. For the first time in my career, the market’s view of cybersecurity’s role has shifted from being viewed primarily through the lens of risk management, compliance, and protection to being recognized as a strategic accelerator and a critical enabler of AI adoption. Here’s how we’re seeing this shift manifest across our ecosystem, customers, and business. As soon as Project Glasswing and Mythos were announced, a deluge of customer, prospect, and partner inquiries followed. Post-Mythos threat landscape readiness reached a fever pitch, with the primary question being, is my organization protected? The immediate focus turned to uncovering and remediating vulnerabilities susceptible to being weaponized by new models. Answering this question across tens of thousands of organizations created an opportunity to showcase the power of our platform and ecosystem.

Within days of Anthropic’s Project Glasswing and OpenAI’s TAC, we announced Project QuiltWorks to unite and mobilize the industry around Mythos readiness. QuiltWorks is a phased process of vulnerability discovery, prioritization, remediation, and then executive communication. Are we protected conversations at executive and board levels quickly became opportunities to leapfrog legacy point-in-time vulnerability discovery. The answer became real-time, continuous discovery, and remediation. This conversation plays right into the strength of Falcon’s continuous exposure management solution and Falcon for IT, both of which saw adoption nearly double year-over-year in the quarter. We saw immediate interest from our ecosystem to join our coalition. After the announcement of Project QuiltWorks, Accenture, EY, IBM, Kroll, and OpenAI joined us to use the latest OpenAI and Anthropic models for QuiltWorks engagements.

A few weeks later, we expanded the coalition to include Armadin, Cognizant, HCLTech, Infosys, KPMG, NTT Data, Tata Consultancy Services, and Wipro. More recently, insurers such as Coalition, Liberty Mutual Insurance, Lockton, Resilience, and Marsh joined the coalition to start underwriting frontier AI model risk to the enterprises they serve. Quiltworks engagements include EY engaged with a Fortune 100 account and uncovered more than 45 million vulnerabilities leveraging Falcon Exposure Management and Frontier Models. The engagement is also accelerating next-gen SIEM adoption within this account. Kroll, who recently replaced their incumbent next-gen endpoint vendor with CrowdStrike, brought us into a clothing manufacturer, which is becoming a new logo account on the back of a Quiltworks assessment. Quiltworks is how we’re preparing the market for cybersecurity’s Y2K moment with CrowdStrike as the key security control for AI deployment.

Quiltworks and the AI-accelerated demand environment are delivering growth across the business. In Q1, we delivered innovation and saw pronounced demand across the following platform modules. First, endpoint. Our endpoint business again accelerated for the third consecutive quarter. The endpoint has become the epicenter of where AI happens, and our best-in-class efficacy sets us apart. The rapid adoption of AI tools like Claude Cowork, Claude Code, and Codex have dramatically expanded the endpoint attack surface. Our endpoint leadership continues to widen, with Gartner naming us a leader for the seventh consecutive year and scoring us the very highest on both axes of the Magic Quadrant, ahead of all other participants for the fourth year in a row. Today, we’re seeing two new phenomena on the endpoint. First, AI’s rapid evolution has created renewed enterprise focus on endpoint security investment.

Second, non-human identities and agents require their own underlying host, creating greenfield demand for sensors. We’re already seeing companies deploying agentic workloads inside virtual machines, each requiring its own sensor. Illustrating this was an eight-figure new logo land in a major U.S. government agency. We replaced a legacy AV, an operating system EDR, and a legacy vulnerability management point product across more than 200,000 hosts. That unlocks what’s next. We pioneered EDR. We have the endpoint real estate. That gives us the structural advantage to own what we’re bringing to the market, AI DR, AI detection and response. AI DR is quickly becoming a new growth pillar in our business, with ending ARR growing more than 250% sequentially and Q2 pipeline already exceeding $50 million. We went from zero to this in under two quarters. In my career, I’ve never seen adoption happen this fast.

As I look forward, I see AI DR as a larger opportunity than EDR. Here’s why. First, our structural advantage. We built EDR because the endpoint is where attacks execute, and you need a sensor there to see them. The same is true for AI. Agents run on the endpoint. They make tool calls, access files, invoke APIs, and move data at the process level. To detect and respond to AI threats in real-time, you need a runtime sensor where AI executes. That’s Falcon. While competitors may provide AI visibility, only CrowdStrike can detect, block, and respond where AI actually runs. The pattern that made EDR ours repeats. Second, the AI DR market opportunity is structurally larger. EDR secured one attack surface, the host. AI DR secures seven: data, models, prompts, agents, identities, infrastructure, and the interaction layer where they converge.

Worldwide spending on AI is forecasted to total over $2.5 trillion, only a low single-digit % of organizations have an advanced AI security strategy. The gap between AI adoption and AI protection is the widest asymmetry in security since the cloud transition, and it’s moving faster. We’re already converting the demand. An automotive financial services leader added AI DR to more than 30,000 hosts for shadow AI visibility and protection in a seven-figure win. Greenfield opportunity, seamless upsell, same sensor. Moving to Next-Gen SIEM, cloud, and identity. We saw a record Q1 net new ARR from the combination of these businesses. Combined, these businesses have now exceeded $2 billion in ending ARR. Our Next-Gen SIEM business exceeded $600 million in ending ARR and has transformed CrowdStrike into the operating system of the AI SOC.

Charlotte AI, where ending ARR accelerated sequentially over Q4, is now the reasoning engine across Falcon, triaging alerts, correlating cross-domain telemetry, and automating investigation at machine speed. This quarter, we expanded that vision with AgentWorks, our ecosystem of purpose-built AI agents built on the Falcon platform. Partners including Accenture, AWS, Anthropic, Deloitte, NVIDIA, OpenAI, and Salesforce are building specialized security agents that operate natively on Falcon data. The result, a security operations center that runs at AI speed, orchestrated by Charlotte, extended by the ecosystem, and grounded in the richest telemetry in the industry. A key next-gen SIEM win was an eight-figure new logo land in a major fuel retailer. CrowdStrike was selected to replace a legacy SIEM, a next-gen EDR, and stitched together software from a network security hardware vendor.

The performance and price superiority of Next-Gen SIEM, combined with Charlotte AI’s autonomous triage, eliminates swivel chair alert management, successfully starting this customer’s AI SOC journey. Cloud had another strong quarter as enterprises continue securing their AI infrastructure. Concern around elevated risk from new frontier models has pushed customers to harden their cloud environments. An 8-figure win in a high-performance AI chip company allowed this customer to secure their rapidly expanding Kubernetes-managed data center and cloud environments in the wake of the AI boom. Next-Gen Identity net new ARR growth accelerated versus Q4. In the AI era, every agent needs an identity, every identity needs governance, and every enterprise is realizing they can’t tell human from machine in their environment. Falcon Shield had another stellar quarter with ending ARR growing nearly 4x year-over-year as organizations secure their SaaS agentic attack surface.

Our recently acquired SGNL solution and our fast-growing privileged access offering are both seeing strong early demand as enterprises lock down what agents can do and access. A major American healthcare company selected Falcon Next-Gen Identity and SGNL in a 7-figure expansion to solve a problem that simply didn’t exist two years ago, governing what AI agents can and cannot do across the enterprise. SGNL delivers granular, policy-based authorization over agentic workloads in real time. This is the identity opportunity in the AI era. Falcon Flex is how we go to market, with accounts that have adopted the subscription model rapidly approaching $2 billion in ending ARR. The most exciting part is the Re-Flex dynamic. Customers renewing and expanding their investment beyond their first Flex contract, with highlights including the number of Re-Flex customers reached 480, representing nearly 25% of all Flex customers.

The average re-Flex uplift was 26%, with the average re-Flex happening in seven months, well ahead of their subscription renewal date. The most compelling, over 130 customers have re-Flexed multiple times, with the average ARR uplift over their original Flex coming in at 51%. Customers are coming back multiple times, and they’re continuously spending more, consolidating on CrowdStrike. This is the power of the platform in action. To secure AI, organizations need the Falcon platform. To deliver the platform, you need the right go-to-market model. Flex is the commercial harness to drive secure AI adoption. In closing, I’m proud of the start of our year. Q1 was another beat, and as the quarter progressed, we saw the Mythos inflection point. The world of cybersecurity and frontier AI collided. The result is that frontier AI needs the very best defender, and that’s CrowdStrike. The inflection is now.

The need for cybersecurity to defend AI is non-negotiable. CrowdStrike is not only in the right place at the right time with the right technology to stop the breach. Think of CrowdStrike as the picks and shovels for the world’s largest technology gold rush of all time. CrowdStrike is in the prime position to be the world’s AI security layer with nearly 100,000 businesses, including hundreds of the Fortune 500, already trusting us to secure their organizations. Our ecosystem of thousands of partners are looking to us for the answers on how to secure AI at global scale. This is even bigger than customers and partners. The market’s very best AI talent seeks out CrowdStrike to join our mission. I’m excited to announce Dr. Bartley Richardson joins my leadership team as Chief AI and Autonomous System Officer.

He joins CrowdStrike from longtime strategic partner NVIDIA, where he led agentic AI and cybersecurity AI. Bartley deepens our NVIDIA collaboration and furthers our verticalization of AI into cybersecurity. The best AI talent in the world is choosing to build at CrowdStrike. In this inflection moment, I see CrowdStrike’s opportunity larger than ever before. The technology is here, the talent is here, and the market opportunity is here. We’re raising our full-year net new ARR guidance by more than $50 million. We now expect full-year net new ARR growth to accelerate over last year. At $5.5 billion in ending ARR, we are accelerating. We see this as the AI tailwind in action. Given the strength of this quarter and our confidence in what’s ahead, I’m announcing CrowdStrike’s first stock split as a public company.

We’ll be doing a 4-for-1 stock split, making CrowdStrike more accessible for investors to join our mission. Cybersecurity isn’t a nice-to-have in the world of AI. It’s a need-to-have, CrowdStrike is the innovator of choice, the partner of choice, and the protector of choice for this new accelerated AI world. Thank you for your trust. I’ll now turn the call over to Burt Podbere, our CFO.

Burt Podbere, Chief Financial Officer, CrowdStrike Holdings, Inc.: Thank you, George. Good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. We delivered strong first quarter results to begin the new fiscal year, exceeding expectations across all guided metrics. We achieved record Q1 net new ARR of $255.8 million, up 32% year-over-year, driving ending ARR to $5.51 billion, accelerating growth to more than 24% year-over-year. As George outlined, the Mythos moment marked an inflection point for the industry. Confirming that cybersecurity is not just foundational to AI adoption, it is critical AI infrastructure. Our Q1 results and FY 2027 outlook reflect the very beginnings of this technology wave, with broad-based momentum fueled by customers consolidating their security needs, lowering their total cost of ownership, and accelerating AI adoption with CrowdStrike as their security foundation.

This strength is reflected in our continued strong retention rates, increased module adoption, third consecutive quarter of ending ARR growth acceleration for the endpoint business, and Q2 record pipeline. Additionally, we closed the acquisitions of SGNL and Seraphic in the first quarter, contributing a combined $7.8 million of acquired net new ARR, which was within our stated expectations of $5 million-$8 million. Moving to the P&L, total revenue exceeded our guidance range and grew 26% over Q1 of last year to reach $1.39 billion, with year-over-year growth accelerating sequentially for the fourth consecutive quarter. Professional services revenue remained strong at $64.8 million, up 23% year-over-year, driven by the elevated threat environment.

The geographic mix of first quarter revenue consisted of approximately 66% from the U.S. and 34% from international geographies, with EMEA and overall international year-over-year revenue growth accelerating compared to Q4. Total non-GAAP gross margin was our Q1 record 79%, and non-GAAP subscription gross margin was a Q1 record 81% of revenue, up 90 basis points over the prior year, driven by continued cloud optimization. First quarter non-GAAP operating income was a Q1 record $325.7 million, and non-GAAP operating margin was 24%, up 530 basis points over the prior year and exceeding our guidance. The outperformance was driven by our strong top-line performance, gross margin improvement, and increased operating efficiency, underscoring our commitment to durable, profitable growth. In Q1, we once again delivered positive GAAP net income attributable to CrowdStrike of $27.8 million.

Non-GAAP net income attributable to CrowdStrike was a Q1 record $283.4 million, or $1.10 on a diluted per share basis, exceeding our guidance. Moving to cash, our cash and cash equivalents were $4.55 billion. We generated record cash flow from operations of $590.9 million and record free cash flow of $468.5 million, or 34% of revenue. In Q1, we repurchased $176 million of shares outstanding at an average price of $365.63. We now have approximately $1.3 billion remaining under our share repurchase authorization. We will remain opportunistic in returning capital to shareholders as we remain focused on capturing the significant growth opportunities ahead of us. Finally, as George mentioned, we are announcing a 4:1 forward stock split to make ownership of CrowdStrike stock more accessible to investors.

Stockholders of record after the close of market on June 25th, 2026, will receive an additional three shares of common stock for every one share held after the close of market on July 1st, 2026, with trading on a split adjusted basis expected to commence at market open on July 2nd, 2026. Moving to our outlook and modeling notes. Our record Q2 pipeline and strong momentum across competitive displacements, Falcon Flex adoption, and platform consolidation give us conviction in the durability of CrowdStrike’s growth trajectory, profitability expansion, and cash flow generation. As George outlined, AI adoption has become an existential imperative, and it requires cybersecurity. CrowdStrike provides critical infrastructure that enterprises need to adopt AI safely and at scale. Our broad business momentum and the accelerating AI tailwind we see are reflected in our raised FY 2027 outlook.

We now expect FY 2027 net new ARR growth to accelerate over FY 2026, with year-over-year growth of 27.7% at the midpoint, a 520 basis point increase in year-over-year growth from our prior guidance, translating to an increase of $52 million to $1.291 billion of net new ARR. Given our Q1 net new ARR outperformance and increased outlook for the full fiscal year, we now expect FY 2027 net new ARR seasonality to be approximately 42% in the first half and 58% in the second half. Moving to cash at the midpoint of our guidance, we expect free cash flow margin of 24.5% in Q2, our seasonally lowest free cash flow quarter, and continue to expect at least 30% for the full fiscal year on our increased revenue guidance.

As a result of our outperformance in Q1, we now expect the seasonal mix of free cash flow dollars between the first and second half to be 46% in the first half and 54% in the second half. For the second quarter of FY 2027, we expect annual recurring revenue to be in the range of $5.793 billion-$5.795 billion, reflecting a year-over-year growth rate of 24%. Translating to net new ARR of $284 million-$286 million, reflecting a year-over-year growth rate of 28%-29%. We expect total revenue to be in the range of $1.436 billion-$1.442 billion, reflecting a year-over-year growth rate of 23%. We expect non-GAAP income from operations to be in the range of $346 million-$349 million, and non-GAAP net income attributable to CrowdStrike to be in the range of $301 million-$303 million.

We expect diluted non-GAAP net income per share attributable to CrowdStrike to be approximately $1.16-$1.17, utilizing a 21% tax rate and weighted average share count of approximately 258 million shares on a diluted basis. Adjusted for the stock split, we expect diluted non-GAAP net income per share attributable to CrowdStrike to be approximately $0.29, utilizing a weighted average share count of approximately 1.034 billion shares on a diluted basis. For the full fiscal year 2027, we expect annual recurring revenue to be in the range of $6.532 billion-$6.556 billion, reflecting a year-over-year growth rate of 24%-25% and translating to net new ARR of $1.279 billion-$1.303 billion, reflecting a year-over-year growth rate of 27%-29%. We expect total revenue to be in the range of $5.915 billion-$5.959 billion, reflecting a growth rate of 23%-24% over the prior fiscal year.

Non-GAAP income from operations is expected to be between $1.452 and $1.480 billion. We expect non-GAAP net income attributable to CrowdStrike to be between $1.263 and $1.285 billion. Utilizing a 21% tax rate and approximately 259 million weighted average shares on a diluted basis, we expect non-GAAP net income per share attributable to CrowdStrike to be in the range of $4.88-$4.96. Adjusted for the stock split, we expect diluted non-GAAP net income per share attributable to CrowdStrike to be approximately $1.22-$1.24, utilizing a weighted average share count of approximately 1.036 billion shares on a diluted basis. George and I will now take your questions.

Brian Essex, Analyst, J.P. Morgan3: Thank you. If you would like to ask a question, please click on the Raise Hand button, which can be found on the bar at the bottom of the Zoom window. You may remove yourself from the queue at any time by lowering your hand. When it is your turn, you will hear your name called and receive a message on your screen notifying you that you may unmute yourself. In the interest of time, participants will be limited to one question. Our first question comes from Meta Marshall with Morgan Stanley. Please go ahead.

Brian Essex, Analyst, J.P. Morgan1: Great, thanks. George and Burt, you noted a lot of tailwinds for the business as customers invest in AI. Can you just unpack which of those are the biggest near-term drivers that prompted you to meaningfully raise the net new ARR guidance for both Q2 and the full fiscal year? Thanks.

Burt Podbere, Chief Financial Officer, CrowdStrike Holdings, Inc.: Sure. Thanks, Mita. The first key driver demand for us in terms of the tailwinds are the AI tailwinds that George talked about in his prepared remarks. You look into other things that really give us confidence in terms of raising the guide. One is basically the strong module adoption rates that we have, the strong gross and net retention rates that we have, and of course our strong Q2, record Q2 pipeline. You can throw in the Mythos moment, which created an inflection point around ARR for our business. You combine all those things that gave us confidence for both the Q2 guide as well as the full year guide.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Thanks, Meta. Operator, next question.

Brian Essex, Analyst, J.P. Morgan3: Our next question will come from Saket Kalia with Barclays.

Brian Essex, Analyst, J.P. Morgan6: Okay, great. Hey, guys. Thanks for taking my question here, and great to see the raise in net new ARR for the year. George, maybe for you related to that point, can you just give us a little bit of color on when you started to see that inflection in demand related to what I think we called the Mythos moment? I’m curious how it sort of unfolded here from a timing perspective. Thanks.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Thanks, Saket. It actually started at RSA, just at the end of March, which is slightly before Mythos. Every meeting that we had with customers was all about protecting AI and providing visibility into things like shadow AI. We talked about the inflection point and endpoint and the acceleration, obviously there’s a lot of customers that want to deploy more AI, but they’re actually being held back because they don’t have the right visibility, security controls around everything from identity to data protection to MCP type services. Every meeting was literally the same meeting all over on help us protect these AI workloads that are running on the endpoints. All the developers are running it, marketing is running it, accounting is running it. We heard just crazy stories about AI run amok.

The biggest thing for me when I ask what outcome the customer is looking for, it wasn’t a technology outcome per se, it was, we need to solve the security issue because we want to deploy AI faster. We want to go faster in our business and our CEO is demanding the adoption of AI, and we can’t do it securely. That was a kind of a light bulb moment, obviously, or an inflection point at RSA. Then you combine that with Mythos in April, I mean, literally the thousands of interactions that we’ve had with customers on Mythos briefings and our Project QuiltWorks has been incredible. You kind of put all that together and you’ve got a real inflection point in the market. Thanks, Saket. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Brian Essex with J.P. Morgan.

Brian Essex, Analyst, J.P. Morgan: Hi. Thanks, everyone. Good afternoon, and thank you for taking the question. Likewise, great to see the pretty impressive net new ARR increase in guide. George, would love to pick your brain a little bit. We’ve been hearing that security’s been gaining budgets outside of traditional IT and security budgets, maybe around RSA. Then after Mythos was released, it seems as though we have a bit of panic spending, which we’re seeing a lot in the consulting industry, and it sounds like everyone’s seeing it in their pipeline. Would love your sense of where do you think the money’s coming from? How much of the current AI tailwind might be incremental security spend? How much is maybe reallocation of existing budgets towards vendors perceived as more AI native, and where’s the money coming from within, what I would imagine, are relatively set budgets for the year?

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Yeah, I think you have to look at just a crazy inflection point in the adoption of frontier-type models, right? We’ve all seen the revenue curves with the big players that are out there. We’re tending to follow the slope of that adoption curve. The token spend has been just jaw-dropping. When you have that level of adoption, you’re going to have incremental funding around security. I think if we look at this realistically, two years ago, there wasn’t these big token budgets, right? All of a sudden there is, and people are finding money, and it’s incremental, and they need to adopt more of it. We have plenty of companies that are tracking token usage, not only from the spend standpoint of what are they spending, but they want to know who’s spending it. Are they spending it enough? Are they going fast enough?

We’ve seen it being incremental, at the end of the day, getting back to something I’ve said time and time again, if you want to create AI, you need GPUs. If you want to use AI, you need security, and that’s what we’re finding. All right. Thanks, Brian. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Gabriela Borges with Goldman Sachs.

Gabriela Borges, Analyst, Goldman Sachs: Hey, good afternoon. George and Burt, I want to ask you a little bit about the modules in your business where you price based on consumption. I think there might be a little bit of that in your Next-Gen SIEM business, maybe in the cloud business as well. What I want to ask you is, are you seeing a change in, or a step function change in the amount of ingestion, data ingestion, cloud workloads, that sort of dynamic, either because of agentic activity or because perhaps the amount of agentic threats that customers have to deal with has gone up in the SOC? I’m wondering, because of the structural advantages you have on the cost and performance side of Next-Gen SIEM, can that now create an additional motion for you to have success in the Next-Gen SIEM product? Thanks so much.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Well, when we think about the agentic world, it’s all about data, and that’s been a foundational element of CrowdStrike since my starting of the company. If you have the right amount of data, you can solve most security use cases. In today’s world, it’s all about creating data, using that data for training, instrumenting the agentic SOC, and that’s why we’ve seen incredible adoption in our Next-Gen SIEM. We’ve seen workloads increase in the cloud. We’ve seen companies where, in the past, they may not have put as much data into their SIEM just because of a legacy provider and their cost model. Given the disruptive nature of our SIEM pricing, it’s all part of our platform, and we’re really charging for third-party ingest. It’s been a real win for customers.

We’re seeing more and more adoption broader, and we’re able to cover use cases that weren’t covered in the past, just given the economics of how we go to market with it. I think there’ll be more tailwinds. Again, there are a lot of customers now that are using that data with their own AI agents that we provide on the platform, and they’re getting incredible outcomes. The data gravity and the data moat that we talk about is obviously here. It’s been here, and it’s only getting bigger given the nature of AI. Thanks, Gabriela. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Matthew Hedberg with RBC.

Brian Essex, Analyst, J.P. Morgan0: Great. Thanks for taking my questions. Congrats from me as well. George, you mentioned in your script cloud security had another strong quarter. I guess I’m curious, with the rise in AI demand, how is cloud security impacted by AI, and what are you seeing in terms of either competitive displacements or win rates in that segment?

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Yeah, it’s a good question, and when you think about cloud security, for a long time, it was about posture management. In the AI world, it’s really about runtime protection and control because you’re seeing now these AI workloads being hosted in the cloud, right? In these containers that have agents that are long-running agents, right? They’re being spun up with a certain level of control, and they need the runtime enforcement that we bring to it, which is a real strategic advantage for us. That has certainly played into our favor. You combine that with the ability to understand sort of SaaS posture for cloud providers and some of the attack vectors around those SaaS providers. It’s been just a very, I would say, bright spot for us given the full nature of the cloud stack that we’ve been building over many years.

Thanks, Matt. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question comes from Rob Owens with Piper Sandler.

Brian Essex, Analyst, J.P. Morgan4: Great, Andy. Thanks for the question. George and Burt, good afternoon. George, another seminal cyber event here in our careers, definitely probably lending to a greater step function than we’ve seen historically in terms of the opportunity. Given the events of the last couple of months, how are you thinking about your business in general and where you might lean in to take advantage of it? Obviously, you’ve been building out the product set, given the greater sense of urgency, are there things you’re contemplating from packaging, pricing, further M&A, to really go after this opportunity since seemingly is exploding from a demand perspective? Thank you.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Well, I’ll start with the Flex model itself, and it’s something that we put in for a few years now, and we’re all seeing the benefits of the Flex model in terms of taking advantage of helping customers in these Mythos moments. There are many technologies that are rapidly evolving in an enterprise, and they all need protection. A lot of them obviously center around AI. I think we’ve done a good job from an acquisition perspective. I think we’ve been very strategic in getting companies that fit within our portfolio. Again, we spend a lot of time on the integration, which is something customers recognize and reward us for. We’ll continue to be acquisitive. We’re always looking at companies. Again, we tend to buy tech and great teams and spend a lot of time on the integration.

I think there’s just a lot of areas in AI that are rapidly emerging, and we continue to monitor that market, and we’ll continue to build it organically as we have and inorganically as we round out the entire portfolio, specifically in that area. You’ve got data protection. We continue to invest in those areas. You’ve got Falcon for IT. We’ve seen just incredible progress in replacing some of the larger incumbents in that market. Where we need to, we’ll augment that with acquisitions, and we continue to be a company that drives innovation organically as well.

Thanks, Rob. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Josh Tilton with Wolfe.

Josh Tilton, Analyst, Wolfe Research: Hey, guys. Thanks for taking my question. George, maybe for you, I thought it was very interesting how in the prepared remarks you mentioned how things were just moving so fast in the month of April. I’m just trying to understand, was there any delayed spending or decision-making that maybe changed the net new ARR seasonality relative to what you guys were initially thinking 90 days ago? I’m just asking because I’m trying to reconcile the incredibly impressive raise, and understandably so, to the beat that you saw in the quarter. Thank you.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Well, I’ll start, and I’ll turn it over to Burt. As I mentioned earlier, you look at March and RSA as a real inflection point, and you have to look at the adoption of things like Claude Code just exploded. I think everyone knows the numbers there. Seeing this massive adoption very quickly of AI agents, and that really took place, I think in earnest towards the end of March, then the Mythos moment was in April. Then obviously, just incredible demand from that standpoint that we saw, obviously you’re seeing it in the forward guidance and the raise. Burt, you want to add to that?

Burt Podbere, Chief Financial Officer, CrowdStrike Holdings, Inc.: For sure, all the things that George said, it all came down to just our record Q2 pipeline. That gave us the confidence as we looked out into the full year. It gave us confidence in terms of how we saw the business, the momentum in the business. As I look at Q1 and I remark on Q1, I look at the 32% year-over-year growth rate for net new ARR. That’s an impressive number. You go to the cash, our record cash, free cash flow, and you look at our rule of 59, which is impressive at our scale. You look at all those things combined, and that gives me confidence in terms of the raise that we looked at for the year.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Thanks, Josh. Operator, next question please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Joseph Gallo with Jefferies.

Joseph Gallo, Analyst, Jefferies: Hey, guys. Thanks for the question. I’ve got a two-parter on agentic identity. This is clearly a huge need that all CISOs know they have, but at the same time, companies aren’t really deploying security there. What is causing that, and what’s the catalyst that can revert that? Just two, can you talk a little bit more about your product positioning and identity outside of ITDR, especially now with SGNL in the fold and just the right to win that agentic identity market. Thanks.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Yeah. We’ve been in the identity market in some segments since 2020, and we’ve built a great business there, one of the largest pure play security identity businesses around. What are we seeing? Well, obviously, with what we’ve built, the organic evolution of the products, and now combined with SGNL, we’ve got an incredible opportunity in front of us. Just SGNL alone, we’ve got customers who are using it for non-human identities, and they’re getting incredible results. I met with a customer at RSA, became a two-time customer. This particular gentleman left one company that was a SGNL customer, and the first thing he did was to get SGNL at his next company, which we called out in the prepared remarks. I asked him, I said, "What do you like? What works?

Why are you here so quickly for your second time around?" He said it would take him two weeks to get an identity up and running, and now it takes him two minutes. The amount of just efficiencies that he was able to provide is incredible. What we’re seeing right now, we’re working with customers right now on this, is using SGNL as the identity control plane, combined with our AI DR. We see a fantastic opportunity. Remember, we’re not saddled with legacy technology and sort of patchwork of things that we have to deal with with respect to sort of vaulting, right? Customers want a new, they want a fresh approach of zero standing privileges, and we have it, and it works in the agentic world. We feel really good about this acquisition and our identity business.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: All right. Thanks, Joe. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Roger Boyd with UBS.

Brian Essex, Analyst, J.P. Morgan5: Great. Thanks, Andy, for the question. George, I wanted to come back to AI detection response and the pretty impressive pipeline and color you provided on that product. From a higher perspective, relative to that $2.5 trillion forecast AI market, how are you thinking about the TAM for AI DR? A few months ago, it felt like this was a pretty early market. I guess, can you talk about, with these early deals, what you’re seeing from a competitive perspective? What’s giving you the right to win here? Thanks.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Roger, I think when you look at this market now, and the TAM, I think, is going to be very large. I called out in my prepared remarks, I think it’s going to be larger than EDR. The reason why I think that is, from an EDR perspective, we’re protecting machines and workloads and such. In the agentic world, on average, and this is an industry stat, there’ll be 90 agents per employee. When you look at all of those agents that need protection, this is what gives me confidence that it is going to be a bigger market than EDR. Why do we have a right to win? We’ve pretty much created the EDR category. We’re the number 1 sure-play player in that category, and customers already have what they need. They already have the agent. They already have visibility into what’s happening.

We’ve created some incredible advancements that give unparalleled visibility to what’s happening at the agentic layer. We’re working with some of the biggest companies on the planet now, in preview mode on some of this technology, in addition to what we already have in the market. As a leader in EDR, it is a natural evolution where customers have said, "We need this to protect our agents," and we are there to meet them in the market. For me, it’s one of the most exciting times since when I started the company, because it really is just an incredible moment to be in security. Given all of the fast-moving tailwinds of AI, I think we’re perfectly positioned.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: All right. Thanks, Roger. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Your next question will come from Eric Heath with KeyBanc.

Eric Heath, Analyst, KeyBanc: Hey, thanks for taking the question. Can you hear me okay?

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Yep.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: Yes.

Eric Heath, Analyst, KeyBanc: Hey, great. George, as the security industry starts to embrace and leverage these frontier models to deliver products and services, as you’ve done, do the pricing models need to move to more of a token-based pricing model? Just how do you see this evolving? Thanks.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Well, it is an evolving market, and the great news is that Falcon Flex license already contemplates that. Remember, Flex is a commitment model, but it has the ability to use tokens, use credits, things of that nature. I think we’re in a great spot because we’ve done the hard work of getting these Falcon Flex licenses in place. We’ve got customers who already committed massive dollars to it. As it evolves, we can easily add token consumption into the model, and that’s certainly something that we may do in the future. Obviously, it’s moving pretty quick, and we want to make sure that we get it right, and we want to make sure we meet customers where they want to be met, where they’ve got a level of flexibility, but also a level of certainty around the spend.

I think as a company, we’ve done a good job to help provide that to our customers, which is why you’ve seen the adoption around Flex.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: All right. Thanks, Eric. Operator, next question, please.

Brian Essex, Analyst, J.P. Morgan3: Our next question will come from Fatima Boolani with Citi. You may now unmute and ask your question. Fatima, please feel free to unmute your line. Well, we’ll go to our next caller, and we can check back in with Fatima. Our next question will come from John DiFucci with Guggenheim Securities.

John DiFucci, Analyst, Guggenheim Securities: Thank you. George, the question’s for you. You said the gap between AI adoption and AI protection is the widest asymmetry in security since the cloud transition. You also talked about an inflection in the market, which implies some incremental business, your results look good and that’s reflected. It seems like that’s more about interest and intent. It sounds like we’re still really early in this journey for enterprises. My question is, where are we in the actual adoption of AI in the enterprise? Are enterprises still trying to figure out how to harness its power and stepping in lightly, or are they actually really starting to deploy it broadly? I guess more importantly, as it pertains to CrowdStrike, because I don’t think they are necessarily going to be aligned, where are enterprises in their journey of adoption of security for AI?

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: Well, yeah. John, let’s start from the top. It’s still the early innings, as you might imagine, in AI adoption. You have to look across an enterprise where they’ve gone deep very quickly, obviously around developers first, and then they’re moving into other areas, depending on the industry, depending on the company. Certainly in the developer world, just since January, and the evolution of some of the models and the harnesses that they’ve created to actually get work done, you’ve just seen incredible adoption very quickly. That, like many other technology sort of inflection points, the adoption front runs the security piece of it. That’s why so many CISOs, CIOs, and CEOs are calling us saying, "We need something to keep up with the adoption of AI.

We want to go faster, we need something like CrowdStrike and AI DR. We’re still in the early innings. The other thing that I’ll point out, even when you look at our pipelines and the things that Burt talked about, is the AI adoption isn’t all enterprise-wide yet, and it’s almost like the early days of EDR where someone would adopt it in a division or a geography or something. We’re still in those early innings, and we’re seeing incredible pipelines. Once it goes really mainstream and entire company’s adopted across all of their employees and workloads, again, I think you’re going to see just another incremental increase in opportunities there.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: All right. Thanks, John. Operator, next question please.

Brian Essex, Analyst, J.P. Morgan3: Your next question comes from Gregg Moskowitz with Mizuho.

Gregg Moskowitz, Analyst, Mizuho: Great. Thank you for taking the question. George, as you know, the U.S. government just announced an Executive Order to upgrade systems for advanced AI. Can you talk about the role that you expect CrowdStrike to play here? Then maybe for Burt, how, if at all, is this being reflected in your guidance? Thanks.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: First let me commend the administration for calling out the need for AI security, and I think the White House struck an appropriate balance here, and we’re certainly excited and we’ll continue to engage. We’ve been very active in D.C. We work very closely with various groups, administration, et cetera, and I think this is a good thing. When you look at AI and how important it is for the future of the federal business and the security of the country, it’s something that you really have to get right. I think the executive order will create a tailwind ultimately for businesses like CrowdStrike, because these federal governments are going to need to expedite and prioritize cyber defenses in a more modern way. You have to keep in mind that when we think about this, cybersecurity is national security. It’s incredibly important.

We’re at the epicenter there. We will continue to engage, and we’re happy to be part of those efforts as they unfold.

Andy Nowinski, Vice President of Investor Relations and Strategic Finance, CrowdStrike Holdings, Inc.: All right, thanks Gregg. Operator, next question please.

Brian Essex, Analyst, J.P. Morgan3: Your next question comes from Michael Turrin with Wells Fargo Securities.

Brian Essex, Analyst, J.P. Morgan2: Hey, great, thanks. I appreciate you taking the question. I want to go back to just the shape of what you’re seeing and how it shows up in the model. The 1Q ARR was strong, a bit closer to the guide, especially relative to how the full year numbers went up. I know, George, you’ve mentioned the post-Mythos moment multiple times. Maybe speak to the sequence of what you’re expecting for rest of year in terms of pipeline progression. Burt, maybe you can just also touch on how we should think about the visibility you have into the ARR guide for the rest of the year versus what would drive further upside. Thank you.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: I’ll start, I’ll turn it over to Burt, but when you look at AI DR, it’s 250% quarter-over-quarter up with a $50 million plus pipeline, and that’s only growing by the day. Our executive briefing centers are full with companies that want to be talking about Mythos, how to protect AI. Every conversation, every rep, every you name it, we’ve done a tremendous amount of executive and board briefings because Mythos, this is from the back room to the boardroom. I can tell you CEO after CEO who called their CISOs on the weekend saying, "Is this thing really a problem? What does it mean for us? How do we protect ourselves? What does it mean going forward?" It really is a Y2K moment for security.

We look at the upcoming year and the guidance, and it reflects that sort of momentum that we’ve seen in the pipeline. Burt?

Burt Podbere, Chief Financial Officer, CrowdStrike Holdings, Inc.: Yeah, I think that’s exactly right. For us, again, we’re getting that confidence from all the fundamentals in the business. We’re getting the confidence from all the conversations we’re having with our customers, what George talked about with the Mythos moment. There’s not a conversation that isn’t happening from our largest customers down to our smallest customers about how are we going to protect our AI. Look, I think the world is looking to us to be an accelerant for AI deployment, because CISOs all over the world are the ones that have to be the roadblock in terms of deploying all of the AI. They can’t do it unless they know that there are the proper guardrails in place, and that’s where they look to CrowdStrike. Based on all of that, I got confidence in the full year guide as well as the Q2 guide.

Brian Essex, Analyst, J.P. Morgan3: Thank you. This concludes today’s question and answer session. I would now like to turn the call back over to George Kurtz for closing remarks.

George Kurtz, Chief Executive Officer and Founder, CrowdStrike Holdings, Inc.: I want to thank everyone for their time today. We certainly appreciate your continued support and look forward to seeing you at our upcoming events. Thanks so much. We’ll see you soon.