Security Information & Event Management (SIEM) , Security Operations

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

LogScale Reaches $100M ARR as EY Builds 150-Person Practice Around CrowdStrike SIEM
CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes
George Kurtz, CEO, CrowdStrike (Image: CrowdStrike)

Pervasive discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk have driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering.

See Also: Cortex XSIAM: The Machine-Led, Human-Empowered Security Platform

The Austin, Texas-based cybersecurity titan's SIEM tool hit the $100 million annual recurring revenue milestone in the most recent quarter thanks to LogScale's search speed, data gravity and cost efficiency, said CEO George Kurtz. That growth prompted consulting giant EY to build a 150-person practice around LogScale to capitalize on CrowdStrike's technological superiority and demand for SIEM transformation (see: CrowdStrike CEO: Point Product Vendors Are Being Left Behind).

"I tend to like businesses in markets where the incumbents are entrenched but have a high degree of dissatisfaction, where the technology is legacy, and where the complexity is high of patching all this stuff together," Kurtz told investors Tuesday. "Our next-gen SIEM offering is the right technology in the right place at the right time to benefit from market dynamics and the scale of CrowdStrike."

CrowdStrike was not one of the world's 10 largest SIEM vendors in 2022, meaning the company's annual SIEM revenue came in below $112.4 million, IDC found. But SIEM market share leader Splunk agreed in September to be acquired by Cisco for $28 billion, creating an opening for challengers such as CrowdStrike. Splunk's $1.55 billion in SIEM sales accounted for a 29.8% share and represented 29.1% annual growth (see: Cisco to Bring XDR, SIEM Together With $28B Splunk Purchase).

Kurtz said most organizations want to replace their "expensive, cumbersome and slow legacy SIEM," and IDC found that the SIEM business for Micro Focus and LogRhythm actually declined in 2022 despite the market as a whole growing by 16.6%. In fact, Kurtz said, customer conversations today about legacy SIEM feel like the discussions he was having about replacing legacy antivirus in 2012 or 2013.

"This is a massive opportunity for CrowdStrike," Kurtz said. "And now is the right time for us, given the level of dissatisfaction, M&A in the environment and the customer's willingness to look for a much better solution."

How CrowdStrike Expanded Its Foothold in the SIEM Market

LogScale is built off CrowdStrike's March 2021 acquisition of Humio for $392 million and addresses both security and performance management use cases around logging infrastructure or Kubernetes clusters, Kurtz said. In September 2023, CrowdStrike said it would standardize all customers on LogScale over the next year, making it easier to access the company's first-party data and third-party product data.

"We think there's a much broader opportunity than just SIEM."
– George Kurtz, CEO, CrowdStrike

Kurtz called out several customer wins in the SIEM space over the past quarter, including a seven-figure expansion from a major consumer organization that wants to more easily ingest data from third parties, correlate alerts and capitalize on long-term data retention. A new business process outsourcing client simultaneously adopted LogScale alongside CrowdStrike's XDR, identity and cloud security tools, he said.

And CrowdStrike landed a new financial services customer in a seven-figure deal after the company was called in to stop a breach. The company decided to replace Microsoft with LogScale due to CrowdStrike's ability to operationalize high-fidelity security data without compromising on cost. Neither Microsoft nor Splunk immediately responded to Information Security Media Group's requests for comment (see: CrowdStrike to Buy AppSec Startup Bionic for Reported $350M).

"CrowdStrike is cybersecurity's AI consolidator, liberating organizations from legacy AV, subpar EDRs, and a hodgepodge of hygiene, compliance and vulnerability device management tools, costly and clunky SIEMs, and a confusing alphabet soup of immature cloud point products," Kurtz said. "This lengthy list of costly point products can be left behind, saving tens of millions of dollars annually for businesses."

Kurtz said approximately 85% of relevant security data is generated from the endpoint and that data loses fidelity if it has to travel across the network. CrowdStrike can therefore take its native endpoint data and combine that with LogScale's ability to ingest third-party data without creating an index, meaning customers can replace their existing SIEM and enjoy immediately results, according to Kurtz.

"We think there's a much broader opportunity than just SIEM itself," Kurtz said. "It opens up the entire data architecture of an organization to CrowdStrike."

CrowdStrike Hits GAAP Profitability for Third Time in a Row

Category Quarter Ended Oct. 31, 2023 Quarter Ended Oct. 31, 2022 % Change
Total Revenue $786M $580.9M 35.3%
Subscription Revenue $733.5M $547.4M 34%
Professional Services Revenue $52.6M $33.5M 56.8%
Net Income $26.7M -$54.6M N/A
Earnings Per Diluted Share $0.11 -$0.24 N/A
Non-GAAP Net Income $199.2M $96.1M 107.4%
Non-GAAP Earnings Per Share $0.82 $0.40 105%
Source: CrowdStrike

CrowdStrike's revenue of $786 million in the quarter ended Oct. 31 edged out Seeking Alpha's sales estimate of $777.4 million. Meanwhile, the company's non-GAAP earnings of $0.82 per share beat Seeking Alpha's non-GAAP estimate of $0.76 per share. CrowdStrike achieved GAAP profitability for the third time in company history - just six months after crossing the threshold the first time.

The company's stock dipped $2.66 - 1.25% - to $209.69 per share in after-hours trading. Earnings were announced after the market closed Tuesday.

For the fiscal quarter ending Jan. 31, CrowdStrike expects non-GAAP net income of $199.6 million to $202.1 million, or $0.81 to $0.82 per share, on revenue of between $836.6 million to $840 million. That compares to analyst expectations of earnings of $0.78 per share on revenue on $836.8 million, according to Seeking Alpha.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.