The cybersecurity platform wars may be getting a bit chippy as CrowdStrike and Palo Alto Networks duel as they try to convince enterprises to consolidate on their platforms.
This cybersecurity platform skirmish all started when Palo Alto Networks reported earnings and CEO Nikesh Arora said the company would offer incentives to entice enterprises to consolidate vendors. The catch is that Palo Alto Networks cut its outlook.
Enter CrowdStrike, which delivered strong fourth quarter results and said it would buy Flow Security. CrowdStrike reported fiscal fourth quarter adjusted earnings of 95 cents a share on revenue of $845.3 million. Wall Street was expecting adjusted earnings of 82 cents a share on $839.97 million.
For fiscal 2024, CrowdStrike delivered net income of $89.3 million, or 37 cents a share, on revenue of $3.06 billion, up 36% from a year ago. Adjusted annual earnings were $3.09 a share.
As for the outlook, CrowdStrike was also impressive. It projected first quarter revenue between $902.2 million and $905.8 million with non-GAAP earnings of 89 cents a share to 90 cents a share. For fiscal 2025, CrowdStrike projected revenue of $3.92 billion and $3.99 billion with non-GAAP earnings of $3.77 a share to $3.97 a share.
George Kurtz, CEO of CrowdStrike, had two weeks to prepare for the platform question and came prepared for the earnings conference call. He was so prepared that the word "platform" was mentioned 78 times on the conference call.
- Cybersecurity platforms spar over data, generative AI, wallet share
-
CrowdStrike launches Charlotte AI, generative AI to uplevel, democratize cybersecurity analysis
"CrowdStrike is the only single platform, single agent technology in cybersecurity that solves use cases well beyond endpoint protection," said Kurtz, who touted the company's Falcon platform with native AI. Kurtz argued that customers have gone all-in on Falcon and are increasingly adopting more modules. His argument was that enterprises are "leaving stitched together point products and PowerPoint platforms behind."
From there, Kurtz noted that the cybersecurity game is "is a frenetic vendor bazaar." He said:
"Disjointed point feature copycat products clutter the market, attempting to Band-Aid symptoms instead of curing the illness. OS vendors use their market position to create a monoculture of dependence and risk, and in many cases serve as the breach originator. Even worse, multi-platform hardware vendors evangelize their stitched together patchwork of point products masquerading as thinly veiled piecemeal platforms. And what organizations inevitably realize is that vendor lock-in leads to deployment difficulties, skyrocketing costs, and subpar cybersecurity.
The outcome is shelf wear and sunk costs. ELA and bundling addiction become the only way to coax customers into purchasing non-integrated point products."
Kurtz's punchline: The enterprise IT budgets are fine, but the fatigue over bolt-on products is real.
- Constellation ShortList™ Managed Detection and Response (MDR)
- Constellation ShortList™ Endpoint Protection Platforms
- Constellation ShortList™ Extended Detection and Response Platforms (XDR)
- Constellation ShortList™ Cloud Native Application Protection Platforms (CNAPP)
CrowdStrike often takes aim directly at Microsoft and Hurtz noted that "we eliminated multiple Microsoft consoles and multiple agents to a single console, single agent, and single platform of Falcon."
But Palo Alto Networks' platform grab also was an obvious target. Kurtz said:
"A global financial services giant replaced their Palo Alto Prisma Cloud products in a large seven-figure deal. The Palo Alto cloud security products required separate management consoles and separate agents because cloud security is on a separate Palo Alto platform altogether. CrowdStrike was able to deliver an expected 70%-time reduction in management as well as more than $5 million in annual staffing cost savings. The patchwork of multi-product, multi-agent, multi-console, separate platform technologies resulted in visibility gaps, asynchronous alerts, and overall fatigue managing cloud security. Falcon single platform with its integrated cloud security components was a win for the customer."
The big takeaway from Kurtz was that enterprises shouldn't confuse "platformization" with old-fashioned bundling and freebies. He said:
"As you might imagine, I heard a lot about platformization over the last week. To me it's kind of a made-up, but what I believe our competitors are talking about is bundling, discounting, and giving products away for free, which is nothing new in software and security software. It's been done for the last 30 years. We know free isn't free. And what customers are saying is more consoles, more point products masquerading as platforms create fatigue in their environment. We've been focused on is that single agent architecture, single platform, single console that allows us to stop the breach, but more importantly, drive down the operational cost."
Arora, who spoke at the Morgan Stanley Technology, Media & Telecom Conference the same day as CrowdStrike’s earnings report, defended the company's platform play. He said:
"This is totally different than bundling that's what we say it. Bundling is the economic bundle. You say if you buy one thing from me, you buy the second thing, you can buy the third thing for free or as part of the deal, you have to go spend it freely. Cybersecurity works differently because Chief Security Officers and CIOs don't get in trouble buying the best in a category.
It's different because we actually have to prove the value of these things working together because the customer already has the other use case. This is about actually going and demonstrating value from the integration as opposed to creating an economic construct."
Zscaler, the other security platform vendor in this race, had a take that rhymed with CrowdStrike as well as Palo Alto Networks. Zscaler CEO Jay Chaudhry said at the Morgan Stanley conference:
"The word platform has been hijacked just like the word Zero Trust has been hijacked. Platform is supposed to be a common set of services on which you build application A, B and C. It's not supposed to be a collection of acquisitions and labeled under a bundle. That platform is really nothing, but ELAs labeled as platform, which is becoming shelfware. Our philosophy has been platform can give you a good model. ServiceNow has built a good platform that works well together. How many vendors have tried to do a bunch of acquisitions they never came together. It's supposed to be a platform."
Chaudhry said enterprises have collected a bunch of best-of-breed products that don't add up. The way forward will be to consolidate vendors. In the end, 30 to 50 security vendors will be consolidated to a handful. Perhaps the question is less about CrowdStrike vs. Palo Alto Networks vs. Zscaler and more about what security vendors will walk the plank completely and which players (Microsoft and Cisco Systems with Splunk) have an incumbent's advantage.