The parade of cybersecurity vendors looking to capitalize on the CrowdStrike and Microsoft outages has gone by, but it's unclear whether enterprises will be able to have both resiliency and vendor consolidation.
These conflicting goals are worth pondering as Microsoft meets with CrowdStrike and other security vendors Sept. 10 in Redmond.
Zscaler CEO Jay Choudhury spent a lot of time talking about CrowdStrike's outage and the opportunities for his company. Those opportunities are compelling, but Zscaler cut its fiscal 2025 outlook as it overhauls its go-to-market and sales approach. Nevertheless, Choudhury had a lot of insights on what CIOs are thinking.
Speaking on Zscaler's fourth quarter earnings call, Choudhury said: "The importance of mission criticality has gone up significantly since the outage that was caused by CrowdStrike. While our customers want resilience, they also do want consolidation, but they do not want consolidation such that it makes them dependent on a single vendor."
In other words, enterprises are trying to thread a needle between consolidating security vendors and building resilience. Choudhury noted:
"Most of the CIO I talk to have been standardizing in-line access to three providers, one for EDR (endpoint detection and response), one for identity, and one for Zero Trust actions. I think that's a good combination because you end up getting a couple of extra layers, but you still have separation. So, in this environment, our customers aren't really pushing back on us because we tell them don't buy everything through Zscaler. You've got an EDR provider, you've got an identity provider and we'll do the rest of Zero Trust on activity."
Simply put, cybersecurity isn't likely to be the best-of-breed mashup it has been in recent years. Cybersecurity also isn't going to be this platformization nirvana that has been pitched by Palo Alto Networks. The reality is something in between and that means that CrowdStrike's moat around its business is largely intact.
This post first appeared in the Constellation Insight newsletter, which features bespoke content weekly and is brought to you by Hitachi Vantara.
A few themes that have emerged in the weeks since the CrowdStrike outage include:
Multiple vendors are capitalizing on the CrowdStrike outage. Zscaler noted increased interest, but SentinelOne had similar comments. SentinelOne CEO Tomer Weingarten said on the company's second quarter earnings call: "We've already seen customers choosing to move away (from CrowdStrike). Some of them have moved away already to SentinelOne, some of them are in the process, some of them will take time to assert, but I think everybody is considering their next steps. People are looking to diversify risk and not really concentrate more and more capabilities with one vendor."
CrowdStrike will be fine and the outage will make the company better. Yes, CrowdStrike said it will take a subscription revenue hit for the remainder of its fiscal year due to its outage, but CEO George Kurtz said deals that were delayed during the July 19 outage remain in the pipeline. "Obviously, there's a lot of noise in the marketplace and we can only control what we can control, and I think the best way for me to articulate that is to just recount some of the conversations. I had two customer calls this morning and most of them start out the same. They talk about our response, how transparent we were, and how we dealt with the problem. We talked about some of the mitigating steps that we've taken and it generally ends with we want to do more with CrowdStrike."
Platformization is still a theme for enterprises. Palo Alto Networks CEO Nikesh Arora said his company's platformization play is resonating with enterprises. Palo Alto Networks delivered a strong fourth quarter and Arora steered his comments toward the intersection of AI and cybersecurity with a brief mention of CrowdStrike's outage. He did say that customers are asking about resiliency and update procedures. Palo Alto Networks also closed its acquisition of IBM’s QRadar SaaS business.
Enterprises will look to multiple platforms based on cybersecurity roles. It's likely that larger cybersecurity vendors are going to gobble up smaller players to build out platforms. Fortinet is one example as it has acquired its way to becoming more of a platform that resembles Palo Alto Networks. Also look for Google Cloud to make some more cybersecurity moves. Google Cloud recently partnered with Rubrik on data protection via integration with Mandiant and was reportedly in talks to buy cloud security startup Wiz.
We’ll leave you with the ShortLists you need to know:
- Constellation ShortList™ Security Access Service Edge (SASE)
- Constellation ShortList™ Network Firewall
- Constellation ShortList™ Endpoint Protection Platforms
- Constellation ShortList™ Extended Detection and Response Platforms (XDR)
- Constellation ShortList™ Security Information and Event Management (SIEM)
- Constellation ShortList™ Software Defined - Wide Area Network (SD-WAN)
Insights Archive
- Big software deals closing on AWS Marketplace, rival efforts
- Peraton's Cari Bohley: Why internal talent recruiting and retention is critical
- Starbucks lands new CEO from Chipotle: Here’s how digital strategy could change
- Disruption is coming for enterprise software
- Enterprise software vendors shift genAI narrative: 'GenAI is just software'
- The generative AI buildout, overcapacity and what history tells us
- Enterprises start to harvest AI-driven exponential efficiency efforts
- GenAI may be the new UI for enterprise software
- Education tech in turmoil amid genAI: Why consolidation is next
- 14 takeaways from genAI initiatives midway through 2024
- OpenAI and Microsoft: Symbiotic or future frenemies?
- AI infrastructure is the new innovation hotbed with smartphone-like release cadence
- Don't forget the non-technical, human costs to generative AI projects
- GenAI boom eludes enterprise software...for now
- The real reason Windows AI PCs will be interesting
- Copilot, genAI agent implementations are about to get complicated
- Generative AI spending will move beyond the IT budget
- Financial services firms see genAI use cases leading to efficiency boom
