Wow_老虎社区_美港股上老虎

2021-08-25

Wow

CrowdStrike: Not Just Any Cybersecurity Company<blockquote>CrowdStrike：不是任何一家网络安全公司</blockquote>

免责声明：上述内容仅代表发帖人个人观点，不构成本平台的任何投资建议。

精彩评论

我们需要你的真知灼见来填补这片空白

发表看法

{"i18n":{"language":"zh_CN"},"detailType":1,"isChannel":false,"data":{"magic":2,"id":837459822,"tweetId":"837459822","gmtCreate":1629907119066,"gmtModify":1631890254526,"author":{"id":3561324941812646,"idStr":"3561324941812646","authorId":3561324941812646,"authorIdStr":"3561324941812646","name":"6fea9d87","avatar":"https://community-static.tradeup.com/news/default-avatar.jpg","vip":1,"userType":1,"introduction":"","boolIsFan":false,"boolIsHead":false,"crmLevel":2,"crmLevelSwitch":0,"individualDisplayBadges":[],"fanSize":1,"starInvestorFlag":false},"themes":[],"images":[],"coverImages":[],"extraTitle":"","html":"<html><head></head><body>Wow</body></html>","htmlText":"<html><head></head><body>Wow</body></html>","text":"Wow","highlighted":1,"essential":1,"paper":1,"likeSize":2,"commentSize":0,"repostSize":0,"favoriteSize":0,"link":"https://laohu8.com/post/837459822","repostId":1148011558,"repostType":4,"repost":{"id":"1148011558","kind":"news","pubTimestamp":1629902594,"share":"https://www.laohu8.com/m/news/1148011558?lang=zh_CN&edition=full","pubTime":"2021-08-25 22:43","market":"us","language":"en","title":"CrowdStrike: Not Just Any Cybersecurity Company<blockquote>CrowdStrike：不是任何一家网络安全公司</blockquote>","url":"https://stock-news.laohu8.com/highlight/detail?id=1148011558","media":"Seeking Alpha","summary":"Summary\n\nCybersecurity is one of the most important aspects in the digital world, gaining more and m","content":"Summary<blockquote>总结</blockquote> <ul> <li>Cybersecurity is one of the most important aspects in the digital world, gaining more and more significance with weekly new breaches.</li> <li>CrowdStrike says goodbye to reactive antivirus and offers only a pro-active Indicator of Attack Solution. I explain in detail what this means.</li> <li>CrowdStrike is the most mature new-gen cybersecurity company leaving its competition far behind in maturity and reputation in the new-age world.</li> <li>CrowdStrike is expensive, but investors can profit if they maintain a long-term view.</li> </ul> <img src=\"https://static.tigerbbs.com/7c6aec1f150eb5e8ada2bd309de812f8\" tg-width=\"768\" tg-height=\"480\" width=\"100%\" height=\"auto\">mdegrood/iStock via Getty Images<blockquote><ul><li>网络安全是数字世界中最重要的方面之一，随着每周新的违规事件的发生，网络安全变得越来越重要。</li><li>CrowdStrike告别了反应式防病毒，只提供了一个主动的攻击指标解决方案。我详细解释这意味着什么。</li><li>CrowdStrike是最成熟的新一代网络安全公司，在新时代世界的成熟度和声誉方面远远落后于其竞争对手。</li><li>CrowdStrike的成本很高，但如果投资者保持长期观点，他们可以获利。</li></ul>mdegrood/iStock来自Getty Images</blockquote> One of my readers asked me to take a deeper look into CrowdStrike (CRWD), and luckily I've been reading a lot about them lately.<blockquote>我的一位读者让我更深入地了解CrowdStrike（CRWD），幸运的是，我最近读了很多关于他们的书。</blockquote> Cybersecurity is one if not the most important aspects for IT departments these days. Every month or even week, we hear stories about hackers infecting companies.<blockquote>如今，网络安全即使不是IT部门最重要的方面，也是其中之一。每个月甚至每周，我们都会听到黑客感染公司的故事。</blockquote> Here is a list of the largest hacks of 2021 (with sources):<blockquote>以下是2021年最大的黑客攻击列表（附来源）：</blockquote> <ol> <li>Kia Motors- Hacked with Ransomware - Demand ~$20m</li> <li>CD Project- Hacked with Ransomware - Refuse to pay the ransom - financial damage due to workers inability to access internal documents and resources -&gt; High</li> <li>AXA- Hacked with Ransomware (after stopping to reimburse clients for ransomware attacks :D) - 3TB of data Stolen</li> <li>JBS Foods- Hacked with Ransomware - Hacker group REvil - JBS paid $11m in Bitcoin - Largest paid ransom to that date. Shutdown damage not included.</li> </ol> These are just a few of the hacks that happened in 2021. The list for 2021 is long and ongoing. YoY growth in monetary damage, meaning the amount of money paid by companies and individuals to receive access to their data, is extremely high.<blockquote><ol><li>起亚汽车-被勒索软件黑客攻击-需求约2000万美元</li><li>CD项目-被勒索软件黑客攻击-拒绝支付赎金-由于工人无法访问内部文档和资源而造成的财务损失-&gt;高</li><li>AXA–遭到勒索软件黑客攻击（在停止向客户赔偿勒索软件攻击后：D）–3TB数据被盗</li><li>JBS食品公司——被勒索软件黑客攻击——黑客组织REvil——JBS在比特币支付了1100万美元——这是迄今为止支付的最大一笔赎金。不包括停机损坏。</li></ol>这些只是2021年发生的几起黑客事件。2021年的名单很长，而且还在继续。金钱损失的同比增长，意味着公司和个人为访问其数据而支付的金额非常高。</blockquote> <img src=\"https://static.tigerbbs.com/70cbf321b3334784058a05e70fefbd8c\" tg-width=\"640\" tg-height=\"395\" width=\"100%\" height=\"auto\">Chart by author, Data fromStatista<blockquote>作者图表，数据来自Statista</blockquote> Monetary damage doesn't include the economic damage by not having access to data or data being leaked to other countries or competitors.<blockquote>金钱损失不包括因无法访问数据或数据泄露给其他国家或竞争对手而造成的经济损失。</blockquote> According to&nbsp;Cybersecurity Ventures, cybercrime is expected to induce $6 trillion in damage annually by 2021. There is a huge monetary incentive for hackers globally to continue with their ransom and malware attacks. The risk-reward balance tilts strongly towards the reward side for hackers.<blockquote>据Cybersecurity Ventures称，到2021年，网络犯罪预计每年将造成6万亿美元的损失。全球范围内的黑客有巨大的金钱动机继续他们的赎金和恶意软件攻击。风险回报的天平强烈倾向于黑客的回报。</blockquote> Thesis<blockquote>论文</blockquote> CrowdStrike provides security measures to stop a virus before initiating the processes required to infect the host computer and network.<blockquote>CrowdStrike提供安全措施，在启动感染主机和网络所需的进程之前阻止病毒。</blockquote> CrowdStrike's total addressable market - TAM - is expanding YoY with new product offerings, new breaches and hacks, home office expansion, IoT, and much more.<blockquote>CrowdStrike的总目标市场TAM正在逐年扩大，包括新产品供应、新的违规和黑客攻击、家庭办公室扩张、物联网等等。</blockquote> I'm bullish on CrowdStrike over the next 5 years as its next-generation antivirus (NGAV) technology is an effective way to stop viruses from breaching networks and companies' IT infrastructures. CrowdStrike has the first-mover advantage, a mature platform, and an excellent and strong reputation throughout the industry.<blockquote>我看好未来5年的CrowdStrike，因为其下一代防病毒(NGAV)技术是阻止病毒破坏网络和公司IT基础设施的有效方法。CrowdStrike拥有先发优势、成熟的平台以及在整个行业中出色而强大的声誉。</blockquote> CrowdStrike is cloud-native, which means that it is scalable, adaptable, and gains through a network effect. Each new node and potential breach within a node helps strengthen the network by sharing information about the virus, strengthening its first-mover advantage in the market.<blockquote>CrowdStrike是云原生的，这意味着它具有可扩展性、适应性，并通过网络效应获得收益。每个新节点和节点内的潜在漏洞都有助于通过共享有关病毒的信息来加强网络，从而增强其在市场上的先发优势。</blockquote> How does CrowdStrike work?<blockquote>CrowdStrike是如何工作的？</blockquote> When investing in a high-growth company, I make sure to understand how its offerings differentiate from existing technologies within the industry and why they solve their customers' problems better than their competitors.<blockquote>在投资一家高增长公司时，我会确保了解其产品与行业内现有技术的区别，以及为什么它们比竞争对手更好地解决客户的问题。</blockquote> First, we must understand the difference between the Indicator of Compromise - IoC - and the Indicator of Attack - IoA.<blockquote>首先，我们必须了解妥协指标IoC和攻击指标IoA之间的区别。</blockquote> An IoC is a post-infection indicator. That means that after a virus has been installed, the antivirus program scans files and documents for known virus signatures (like we do with the PCR tests and Covid-19) and then quarantines the files and deletes them.<blockquote>IoC是感染后指标。这意味着在安装病毒后，防病毒程序会扫描文件和文档中的已知病毒特征（就像我们对PCR测试和新冠肺炎所做的那样），然后隔离文件并删除它们。</blockquote> That's not what CrowdStrike specializes in.CrowdStrike focuses on IoA.<blockquote>这不是CrowdStrike的专长。CrowdStrike专注于IoA。</blockquote> IoA scans for suspicious processes that are started in the background by malicious files. Let's understand what this means.<blockquote>IoA扫描恶意文件在后台启动的可疑进程。让我们理解这意味着什么。</blockquote> There are many types of viruses - malware, ransomware, phishing, spear-phishing... There are also endless versions of these viruses. An antivirus program will have a hard time finding each new iteration because manipulating the virus in some sort changes the file's hash (signature of the virus), making it impossible for IoCs to find the virus. But all viruses have things in common.<blockquote>有许多类型的病毒——恶意软件、勒索软件、网络钓鱼、鱼叉式网络钓鱼...这些病毒也有无穷无尽的版本。反病毒程序将很难找到每个新的迭代，因为以某种方式操纵病毒会改变文件的散列（病毒的签名），使IOC无法找到病毒。但是所有的病毒都有共同点。</blockquote> <img src=\"https://static.tigerbbs.com/b00527a719e98d68b0657b9b2cea0901\" tg-width=\"612\" tg-height=\"184\" width=\"100%\" height=\"auto\">IoC vs. IoA - reactive vs. proactive - Source:CrowdStrike<blockquote>IoC与IoA–被动与主动–来源：CrowdStrike</blockquote> Any virus must execute processes, which results in patterns. The virus can change its face, color, size, but it must execute and run code in some distinguishable way. For example, many viruses alter Window registry keys, create new users, or start encryption processes on the host.<blockquote>任何病毒都必须执行进程，这就产生了模式。病毒可以改变它的外观、颜色和大小，但它必须以某种可区分的方式执行和运行代码。例如，许多病毒会更改Window注册表项、创建新用户或在主机上启动加密进程。</blockquote> CrowdStrike stops the virus in its tracks. Below is an example of how the Falcon Sensor executes.<blockquote>CrowdStrike阻止了病毒的传播。下面是Falcon传感器如何执行的示例。</blockquote> <img src=\"https://static.tigerbbs.com/e4d02bc55a2843c84cde9d9797acd2c3\" tg-width=\"640\" tg-height=\"399\" width=\"100%\" height=\"auto\">CrowdStrike Falcon in Action malware prevention based on behavior.YouTube<blockquote>CrowdStrike Falcon在行动中基于行为的恶意软件预防.YouTube</blockquote> The host, in this case, a virtual machine - VM - by CrowdStrike. The user clicked on a malicious file, and the virus begins to \"install\" itself. The Falcon sensor detects if something in the background is initiating processes that indicate suspicious activity and stops those processes from executing.<blockquote>在本例中，主机是CrowdStrike提供的虚拟机VM。用户点击了一个恶意文件，病毒开始“安装”自己。Falcon传感器检测后台是否有东西正在启动指示可疑活动的进程，并停止这些进程的执行。</blockquote> That's the distinguishing factor for CrowdStrike.<blockquote>这是CrowdStrike的与众不同之处。</blockquote> CrowdStrike's EPP is cloud-native and gains from the network effect. The more nodes connect to its platform, the more secure it becomes by training the AI model with process signatures of new viruses.<blockquote>CrowdStrike的EPP是云原生的，受益于网络效应。连接到其平台的节点越多，通过用新病毒的进程签名训练人工智能模型，它就变得越安全。</blockquote> <img src=\"https://static.tigerbbs.com/0977994bb6cc4510cdb52337742c9734\" tg-width=\"1280\" tg-height=\"1024\" width=\"100%\" height=\"auto\"><blockquote></blockquote> CrowdStrike combines AI with its Indicator of Attack approach and scales it up in its cloud. The cloud helps train the virus-threat model from endless endpoints.<blockquote>CrowdStrike将人工智能与其攻击指标方法相结合，并在其云中进行扩展。云有助于从无尽的端点训练病毒威胁模型。</blockquote> Based on statements from CrowdStrike, none of its customers has yet experienced a breach while using its sensors, and CrowdStrike is confident enough in its NGAV that it provides a&nbsp;$1 million warranty&nbsp;if a breach happens.<blockquote>根据CrowdStrike的声明，其客户在使用其传感器时尚未遇到违规行为，CrowdStrike对其NGAV有足够的信心，如果发生违规行为，它将提供100万美元的保修。</blockquote> Competition<blockquote>竞争</blockquote> CrowdStrike's largest market is the endpoint protection platform - EPP. Within this segment, CrowdStrike is competing with many companies like Microsoft (MSFT), Trend Micro(OTCPK:TMICF)(OTCPK:TMICY), SentinelOne(NYSE:S), or McAfee(NASDAQ:MCFE).<blockquote>CrowdStrike最大的市场是终端保护平台——EPP。在这一领域，CrowdStrike正在与微软(MSFT)、趋势科技(OTCPK：TMICF)(OTCPK：TMICY)、SentinelOne(NYSE：S)或迈克菲(纳斯达克：MCFE)等许多公司竞争。</blockquote> <img src=\"https://static.tigerbbs.com/319e77e2cb361294371b4ff4d5074b91\" tg-width=\"570\" tg-height=\"592\" width=\"100%\" height=\"auto\">Source:Gartner Magic Quadrant for Endpoint Protection Platforms<blockquote>来源：Gartner终端保护平台魔力象限</blockquote> In terms of EPP, CrowdStrike is pretty much in a league of itself.<blockquote>就EPP而言，CrowdStrike几乎是独一无二的。</blockquote> The only negative 'real' negative with CrowdStrike is that they are very secretive about their detection logic. There is no way for IT personnel to look into the Falcon sensor and the logic behind it.<blockquote>CrowdStrike唯一的负面“真正”负面影响是他们对自己的检测逻辑非常保密。IT人员没有办法调查猎鹰传感器及其背后的逻辑。</blockquote> Other EPPs like TrendMicro or SentinelOne score highly in the quadrant but lack against CrowdStrike in scale and maturity.<blockquote>TrendMicro或SentinelOne等其他EPP在该象限中得分较高，但在规模和成熟度方面不如CrowdStrike。</blockquote> SentinelOne is one of CrowdStrike's closest competitors and&nbsp;boasts a much better&nbsp;technology than CrowdStrike. This is two-sided as CrowdStrike&nbsp;pushes back against SentinelOne, calling them 'outdated.'<blockquote>SentinelOne是CrowdStrike最接近的竞争对手之一，拥有比CrowdStrike好得多的技术。这是两面性的，CrowdStrike反击SentinelOne，称它们“过时”。</blockquote> SentinelOne is focused on a completely AI-driven security approach. Removing the human aspect from resolving breaches to a larger extent than CrowdStrike.<blockquote>SentinelOne专注于完全人工智能驱动的安全方法。在比CrowdStrike更大程度上消除了解决违规的人为因素。</blockquote> Nevertheless, the difference between the platforms is small.<blockquote>尽管如此，平台之间的差异很小。</blockquote> CrowdStrike is more mature than SentinelOne, and its offerings are more scalable SentinelOne's. CrowdStrike's platform is easier to use, deploy, and has a solid reputation (source1,source2,source3).<blockquote>CrowdStrike比SentinelOne更成熟，其产品也更具可扩展性。CrowdStrike的平台更易于使用、部署，并且拥有良好的声誉（source1、source2、source3）。</blockquote> IT personnel deciding on either one of these AVs wouldn't harm their company.<blockquote>IT人员决定使用这些AVs中的任何一种都不会损害他们的公司。</blockquote> Valuation<blockquote>估值</blockquote> CrowdStrike is expensive, no question about it. It's definitely not the value investment I usually cover, like&nbsp;KLAC,SWKS, or&nbsp;QRVO.<blockquote>毫无疑问，CrowdStrike很贵。这绝对不是我通常涵盖的价值投资，比如KLAC、SWKS或QRVO。</blockquote> <img src=\"https://static.tigerbbs.com/66028ec453a5dbfa0d874e98df65d499\" tg-width=\"635\" tg-height=\"433\" width=\"100%\" height=\"auto\">Data by YCharts<blockquote>数据来自YCharts</blockquote> CrowdStrike is trading at a 53 price to sales ratio and a forward EV to sales of 38. CrowdStrike is a fast-growing company in an expanding market.<blockquote>CrowdStrike的市销率为53，远期EV与销售额为38。CrowdStrike是一家在不断扩大的市场中快速增长的公司。</blockquote> <img src=\"https://static.tigerbbs.com/9e7a3f611dd2ebdec4bf08cf2aefd4ab\" tg-width=\"589\" tg-height=\"364\" width=\"100%\" height=\"auto\">Chart by author, Data from CrowdStrike Quarterly reports<blockquote>作者图表，数据来自CrowdStrike季度报告</blockquote> The scale and maturity of CrowdStrike are clearly visible as it's the first choice among the largest companies in the world. That translates into revenue growth and customer retention rates above 100%.<blockquote>CrowdStrike的规模和成熟度清晰可见，因为它是世界上最大公司的首选。这意味着收入增长和客户保留率超过100%。</blockquote> <img src=\"https://static.tigerbbs.com/bfd887db2b9e38910791e999d8696429\" tg-width=\"640\" tg-height=\"324\" width=\"100%\" height=\"auto\">Source: CrowdStrike Corporate OverviewPresentation<blockquote>资料来源：CrowdStrike公司概述演示文稿</blockquote> That means that CrowdStrike is not only acquiring more customers but that existing customers pay more for more of CrowdStrike's services. That's a really, really good situation for an as-a-Service company.<blockquote>这意味着CrowdStrike不仅获得了更多客户，而且现有客户为CrowdStrike的更多服务支付了更多费用。对于一家即服务公司来说，这是一个非常非常好的情况。</blockquote> CrowdStrike's TAM is expanding YoY from multiple sources like Cloud, IoT, home office.<blockquote>CrowdStrike的TAM正在从云、物联网、家庭办公室等多个来源同比扩张。</blockquote> <img src=\"https://static.tigerbbs.com/438ec1c32df8f3239a04a5f93775dc19\" tg-width=\"1280\" tg-height=\"720\" width=\"100%\" height=\"auto\">Source: CrowdStrike Corporate OverviewPresentation<blockquote>资料来源：CrowdStrike公司概述演示文稿</blockquote> I find CrowdStrike's own TAM projections rather conservative. Believing the statements from large research companies like Gartner or IDC, cybersecurity expenditures of companies are likely to increase significantly (source1,source2,source).<blockquote>我发现CrowdStrike自己的TAM预测相当保守。相信Gartner或IDC等大型研究公司的说法，公司的网络安全支出可能会大幅增加（source1、source2、source）。</blockquote> Gartner estimates the size of the cybersecurity market to be $150bn in 2021 with a 12.4% CAGR over the next 5 years. The breakdown is below.<blockquote>Gartner估计，2021年网络安全市场规模将达到1500亿美元，未来5年CAGR将达到12.4%。明细如下。</blockquote> <img src=\"https://static.tigerbbs.com/f2266da9e98fa9f2ed6c1f19135b2ebc\" tg-width=\"775\" tg-height=\"620\" width=\"100%\" height=\"auto\">Gartner ForecastWorldwide Security<blockquote>Gartner Forecast全球安全</blockquote> CrowdStrike is not only profiting from an expanding market, but it's also pulling customers from competitors within the antivirus market.<blockquote>CrowdStrike不仅从不断扩大的市场中获利，还从反病毒市场的竞争对手那里吸引了客户。</blockquote> More and more companies switch towards IoA next-gen antivirus companies.<blockquote>越来越多的公司转向IoA下一代防病毒公司。</blockquote> CrowdStrike is the top choice among its competitors.<blockquote>CrowdStrike是其竞争对手中的首选。</blockquote> Is the valuation justified?<blockquote>估值是否合理？</blockquote> Comparing CrowdStrike with other high-growth IT companies like SentinelOne, Cloudflare (NET), or ZScaler (ZS), we find CrowdStrike between those. CrowdStrike's Gross Margin is 74%, just below ZS's 77.5% and NET's 76.78%, and well above Sentinel's 55%.<blockquote>将CrowdStrike与SentinelOne、Cloudflare(NET)或ZScaler(ZS)等其他高增长IT公司进行比较，我们发现CrowdStrike介于两者之间。CrowdStrike的毛利率为74%，略低于ZS的77.5%和NET的76.78%，远高于Sentinel的55%。</blockquote> CrowdStrike has strong pricing power, which translates into the best GAAP net margins. CrowdStrike is the only company that operates profitably when looking at its non-GAAP numbers.<blockquote>CrowdStrike拥有强大的定价能力，这转化为最佳的GAAP净利润率。从非公认会计准则数据来看，CrowdStrike是唯一一家盈利的公司。</blockquote> SentinelOne has to push its prices down to remain competitive and balance the immaturity of its platform.<blockquote>SentinelOne必须压低价格以保持竞争力并平衡其平台的不成熟。</blockquote> CrowdStrike has the largest market cap with $53bn and boasts a sales growth of 77% against ZS's and NET's 54% and 52%. SentinelOne has a higher sales growth rate of 100% but only 1/10th of CrowdStrike's revenue.<blockquote>CrowdStrike的市值最大，为530亿美元，销售额增长了77%，而ZS和NET的销售额分别为54%和52%。SentinelOne的销售增长率更高，为100%，但仅为CrowdStrike收入的1/10。</blockquote> Investor's Takeaway<blockquote>投资者要点</blockquote> CrowdStrike is not just any antivirus company in a crowded cybersecurity market. It'sthecybersecurity company in the market.<blockquote>CrowdStrike不仅仅是拥挤的网络安全市场中的任何一家反病毒公司。这是the市场上的网络安全公司。</blockquote> CrowdStrike built a strong reputation with excellent reviews among IT experts, calling it the top-choice in cybersecurity. Gartner positions CrowdStrike above any other EPP in its magic quadrant.<blockquote>CrowdStrike在IT专家中建立了良好的声誉，好评如潮，称其为网络安全的首选。Gartner将CrowdStrike置于其魔力象限中的任何其他EPP之上。</blockquote> CrowdStrike is definitely not a value-play and requires conviction to buy and hold at these prices for the next 3-5 years.<blockquote>CrowdStrike绝对不是一种价值游戏，需要坚定信念才能在未来3-5年内以这些价格购买并持有。</blockquote> On the other hand, it wouldn't surprise me a bit if CrowdStrike can double, triple, or even quadruple its revenue over the next 3-5 years. As it's very common for high-growth companies, the share price is largely determined by the companies' sales growth in these early stages.<blockquote>另一方面，如果CrowdStrike能够在未来3-5年内将其收入增加一倍、三倍甚至四倍，我也不会感到一点惊讶。由于这对于高增长公司来说很常见，股价很大程度上取决于公司在早期阶段的销售增长。</blockquote> Many sources are depicting a high correlation between sales growth and share price increase.Aswath Damodarandiscussed this topic in detail for Amazon in 2000 in thispaper.<blockquote>许多消息来源都描述了销售增长和股价上涨之间的高度相关性。Aswath Damodaran在2000年的本文中为亚马逊详细讨论了这个主题。</blockquote> One of my Seeking Alpha colleagues,From Growth To Value, discussed this topic in his latest article aboutFiverr, including this chart.<blockquote>我的一位Seeking Alpha同事《从增长到价值》在他关于Fiverr的最新文章中讨论了这个话题，包括这张图表。</blockquote> BCG showed that valuation correlates the strongest with revenue growth in the long term, especially for high-growth companies.<blockquote>波士顿咨询公司表明，从长期来看，估值与收入增长的相关性最强，尤其是对于高增长公司。</blockquote> CrowdStrike will likely experience a multiples contraction, but its revenue expansion will more than outperform that contraction, providing investors with a return on their investment.<blockquote>CrowdStrike可能会经历倍数收缩，但其收入扩张将远远超过收缩，为投资者提供投资回报。</blockquote>","collect":0,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>CrowdStrike: Not Just Any Cybersecurity Company<blockquote>CrowdStrike：不是任何一家网络安全公司</blockquote></title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 12.5px; color: #7E829C; margin: 0;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nCrowdStrike: Not Just Any Cybersecurity Company<blockquote>CrowdStrike：不是任何一家网络安全公司</blockquote>\n</h2>\n<h4 class=\"meta\">\n\nSeeking Alpha2021-08-25 22:43\n\n</h4>\n</header>\n<article>\nSummary<blockquote>总结</blockquote> <ul> <li>Cybersecurity is one of the most important aspects in the digital world, gaining more and more significance with weekly new breaches.</li> <li>CrowdStrike says goodbye to reactive antivirus and offers only a pro-active Indicator of Attack Solution. I explain in detail what this means.</li> <li>CrowdStrike is the most mature new-gen cybersecurity company leaving its competition far behind in maturity and reputation in the new-age world.</li> <li>CrowdStrike is expensive, but investors can profit if they maintain a long-term view.</li> </ul> <img src=\"https://static.tigerbbs.com/7c6aec1f150eb5e8ada2bd309de812f8\" tg-width=\"768\" tg-height=\"480\" width=\"100%\" height=\"auto\">mdegrood/iStock via Getty Images<blockquote><ul><li>网络安全是数字世界中最重要的方面之一，随着每周新的违规事件的发生，网络安全变得越来越重要。</li><li>CrowdStrike告别了反应式防病毒，只提供了一个主动的攻击指标解决方案。我详细解释这意味着什么。</li><li>CrowdStrike是最成熟的新一代网络安全公司，在新时代世界的成熟度和声誉方面远远落后于其竞争对手。</li><li>CrowdStrike的成本很高，但如果投资者保持长期观点，他们可以获利。</li></ul>mdegrood/iStock来自Getty Images</blockquote> One of my readers asked me to take a deeper look into CrowdStrike (CRWD), and luckily I've been reading a lot about them lately.<blockquote>我的一位读者让我更深入地了解CrowdStrike（CRWD），幸运的是，我最近读了很多关于他们的书。</blockquote> Cybersecurity is one if not the most important aspects for IT departments these days. Every month or even week, we hear stories about hackers infecting companies.<blockquote>如今，网络安全即使不是IT部门最重要的方面，也是其中之一。每个月甚至每周，我们都会听到黑客感染公司的故事。</blockquote> Here is a list of the largest hacks of 2021 (with sources):<blockquote>以下是2021年最大的黑客攻击列表（附来源）：</blockquote> <ol> <li>Kia Motors- Hacked with Ransomware - Demand ~$20m</li> <li>CD Project- Hacked with Ransomware - Refuse to pay the ransom - financial damage due to workers inability to access internal documents and resources -&gt; High</li> <li>AXA- Hacked with Ransomware (after stopping to reimburse clients for ransomware attacks :D) - 3TB of data Stolen</li> <li>JBS Foods- Hacked with Ransomware - Hacker group REvil - JBS paid $11m in Bitcoin - Largest paid ransom to that date. Shutdown damage not included.</li> </ol> These are just a few of the hacks that happened in 2021. The list for 2021 is long and ongoing. YoY growth in monetary damage, meaning the amount of money paid by companies and individuals to receive access to their data, is extremely high.<blockquote><ol><li>起亚汽车-被勒索软件黑客攻击-需求约2000万美元</li><li>CD项目-被勒索软件黑客攻击-拒绝支付赎金-由于工人无法访问内部文档和资源而造成的财务损失-&gt;高</li><li>AXA–遭到勒索软件黑客攻击（在停止向客户赔偿勒索软件攻击后：D）–3TB数据被盗</li><li>JBS食品公司——被勒索软件黑客攻击——黑客组织REvil——JBS在比特币支付了1100万美元——这是迄今为止支付的最大一笔赎金。不包括停机损坏。</li></ol>这些只是2021年发生的几起黑客事件。2021年的名单很长，而且还在继续。金钱损失的同比增长，意味着公司和个人为访问其数据而支付的金额非常高。</blockquote> <img src=\"https://static.tigerbbs.com/70cbf321b3334784058a05e70fefbd8c\" tg-width=\"640\" tg-height=\"395\" width=\"100%\" height=\"auto\">Chart by author, Data fromStatista<blockquote>作者图表，数据来自Statista</blockquote> Monetary damage doesn't include the economic damage by not having access to data or data being leaked to other countries or competitors.<blockquote>金钱损失不包括因无法访问数据或数据泄露给其他国家或竞争对手而造成的经济损失。</blockquote> According to&nbsp;Cybersecurity Ventures, cybercrime is expected to induce $6 trillion in damage annually by 2021. There is a huge monetary incentive for hackers globally to continue with their ransom and malware attacks. The risk-reward balance tilts strongly towards the reward side for hackers.<blockquote>据Cybersecurity Ventures称，到2021年，网络犯罪预计每年将造成6万亿美元的损失。全球范围内的黑客有巨大的金钱动机继续他们的赎金和恶意软件攻击。风险回报的天平强烈倾向于黑客的回报。</blockquote> Thesis<blockquote>论文</blockquote> CrowdStrike provides security measures to stop a virus before initiating the processes required to infect the host computer and network.<blockquote>CrowdStrike提供安全措施，在启动感染主机和网络所需的进程之前阻止病毒。</blockquote> CrowdStrike's total addressable market - TAM - is expanding YoY with new product offerings, new breaches and hacks, home office expansion, IoT, and much more.<blockquote>CrowdStrike的总目标市场TAM正在逐年扩大，包括新产品供应、新的违规和黑客攻击、家庭办公室扩张、物联网等等。</blockquote> I'm bullish on CrowdStrike over the next 5 years as its next-generation antivirus (NGAV) technology is an effective way to stop viruses from breaching networks and companies' IT infrastructures. CrowdStrike has the first-mover advantage, a mature platform, and an excellent and strong reputation throughout the industry.<blockquote>我看好未来5年的CrowdStrike，因为其下一代防病毒(NGAV)技术是阻止病毒破坏网络和公司IT基础设施的有效方法。CrowdStrike拥有先发优势、成熟的平台以及在整个行业中出色而强大的声誉。</blockquote> CrowdStrike is cloud-native, which means that it is scalable, adaptable, and gains through a network effect. Each new node and potential breach within a node helps strengthen the network by sharing information about the virus, strengthening its first-mover advantage in the market.<blockquote>CrowdStrike是云原生的，这意味着它具有可扩展性、适应性，并通过网络效应获得收益。每个新节点和节点内的潜在漏洞都有助于通过共享有关病毒的信息来加强网络，从而增强其在市场上的先发优势。</blockquote> How does CrowdStrike work?<blockquote>CrowdStrike是如何工作的？</blockquote> When investing in a high-growth company, I make sure to understand how its offerings differentiate from existing technologies within the industry and why they solve their customers' problems better than their competitors.<blockquote>在投资一家高增长公司时，我会确保了解其产品与行业内现有技术的区别，以及为什么它们比竞争对手更好地解决客户的问题。</blockquote> First, we must understand the difference between the Indicator of Compromise - IoC - and the Indicator of Attack - IoA.<blockquote>首先，我们必须了解妥协指标IoC和攻击指标IoA之间的区别。</blockquote> An IoC is a post-infection indicator. That means that after a virus has been installed, the antivirus program scans files and documents for known virus signatures (like we do with the PCR tests and Covid-19) and then quarantines the files and deletes them.<blockquote>IoC是感染后指标。这意味着在安装病毒后，防病毒程序会扫描文件和文档中的已知病毒特征（就像我们对PCR测试和新冠肺炎所做的那样），然后隔离文件并删除它们。</blockquote> That's not what CrowdStrike specializes in.CrowdStrike focuses on IoA.<blockquote>这不是CrowdStrike的专长。CrowdStrike专注于IoA。</blockquote> IoA scans for suspicious processes that are started in the background by malicious files. Let's understand what this means.<blockquote>IoA扫描恶意文件在后台启动的可疑进程。让我们理解这意味着什么。</blockquote> There are many types of viruses - malware, ransomware, phishing, spear-phishing... There are also endless versions of these viruses. An antivirus program will have a hard time finding each new iteration because manipulating the virus in some sort changes the file's hash (signature of the virus), making it impossible for IoCs to find the virus. But all viruses have things in common.<blockquote>有许多类型的病毒——恶意软件、勒索软件、网络钓鱼、鱼叉式网络钓鱼...这些病毒也有无穷无尽的版本。反病毒程序将很难找到每个新的迭代，因为以某种方式操纵病毒会改变文件的散列（病毒的签名），使IOC无法找到病毒。但是所有的病毒都有共同点。</blockquote> <img src=\"https://static.tigerbbs.com/b00527a719e98d68b0657b9b2cea0901\" tg-width=\"612\" tg-height=\"184\" width=\"100%\" height=\"auto\">IoC vs. IoA - reactive vs. proactive - Source:CrowdStrike<blockquote>IoC与IoA–被动与主动–来源：CrowdStrike</blockquote> Any virus must execute processes, which results in patterns. The virus can change its face, color, size, but it must execute and run code in some distinguishable way. For example, many viruses alter Window registry keys, create new users, or start encryption processes on the host.<blockquote>任何病毒都必须执行进程，这就产生了模式。病毒可以改变它的外观、颜色和大小，但它必须以某种可区分的方式执行和运行代码。例如，许多病毒会更改Window注册表项、创建新用户或在主机上启动加密进程。</blockquote> CrowdStrike stops the virus in its tracks. Below is an example of how the Falcon Sensor executes.<blockquote>CrowdStrike阻止了病毒的传播。下面是Falcon传感器如何执行的示例。</blockquote> <img src=\"https://static.tigerbbs.com/e4d02bc55a2843c84cde9d9797acd2c3\" tg-width=\"640\" tg-height=\"399\" width=\"100%\" height=\"auto\">CrowdStrike Falcon in Action malware prevention based on behavior.YouTube<blockquote>CrowdStrike Falcon在行动中基于行为的恶意软件预防.YouTube</blockquote> The host, in this case, a virtual machine - VM - by CrowdStrike. The user clicked on a malicious file, and the virus begins to \"install\" itself. The Falcon sensor detects if something in the background is initiating processes that indicate suspicious activity and stops those processes from executing.<blockquote>在本例中，主机是CrowdStrike提供的虚拟机VM。用户点击了一个恶意文件，病毒开始“安装”自己。Falcon传感器检测后台是否有东西正在启动指示可疑活动的进程，并停止这些进程的执行。</blockquote> That's the distinguishing factor for CrowdStrike.<blockquote>这是CrowdStrike的与众不同之处。</blockquote> CrowdStrike's EPP is cloud-native and gains from the network effect. The more nodes connect to its platform, the more secure it becomes by training the AI model with process signatures of new viruses.<blockquote>CrowdStrike的EPP是云原生的，受益于网络效应。连接到其平台的节点越多，通过用新病毒的进程签名训练人工智能模型，它就变得越安全。</blockquote> <img src=\"https://static.tigerbbs.com/0977994bb6cc4510cdb52337742c9734\" tg-width=\"1280\" tg-height=\"1024\" width=\"100%\" height=\"auto\"><blockquote></blockquote> CrowdStrike combines AI with its Indicator of Attack approach and scales it up in its cloud. The cloud helps train the virus-threat model from endless endpoints.<blockquote>CrowdStrike将人工智能与其攻击指标方法相结合，并在其云中进行扩展。云有助于从无尽的端点训练病毒威胁模型。</blockquote> Based on statements from CrowdStrike, none of its customers has yet experienced a breach while using its sensors, and CrowdStrike is confident enough in its NGAV that it provides a&nbsp;$1 million warranty&nbsp;if a breach happens.<blockquote>根据CrowdStrike的声明，其客户在使用其传感器时尚未遇到违规行为，CrowdStrike对其NGAV有足够的信心，如果发生违规行为，它将提供100万美元的保修。</blockquote> Competition<blockquote>竞争</blockquote> CrowdStrike's largest market is the endpoint protection platform - EPP. Within this segment, CrowdStrike is competing with many companies like Microsoft (MSFT), Trend Micro(OTCPK:TMICF)(OTCPK:TMICY), SentinelOne(NYSE:S), or McAfee(NASDAQ:MCFE).<blockquote>CrowdStrike最大的市场是终端保护平台——EPP。在这一领域，CrowdStrike正在与微软(MSFT)、趋势科技(OTCPK：TMICF)(OTCPK：TMICY)、SentinelOne(NYSE：S)或迈克菲(纳斯达克：MCFE)等许多公司竞争。</blockquote> <img src=\"https://static.tigerbbs.com/319e77e2cb361294371b4ff4d5074b91\" tg-width=\"570\" tg-height=\"592\" width=\"100%\" height=\"auto\">Source:Gartner Magic Quadrant for Endpoint Protection Platforms<blockquote>来源：Gartner终端保护平台魔力象限</blockquote> In terms of EPP, CrowdStrike is pretty much in a league of itself.<blockquote>就EPP而言，CrowdStrike几乎是独一无二的。</blockquote> The only negative 'real' negative with CrowdStrike is that they are very secretive about their detection logic. There is no way for IT personnel to look into the Falcon sensor and the logic behind it.<blockquote>CrowdStrike唯一的负面“真正”负面影响是他们对自己的检测逻辑非常保密。IT人员没有办法调查猎鹰传感器及其背后的逻辑。</blockquote> Other EPPs like TrendMicro or SentinelOne score highly in the quadrant but lack against CrowdStrike in scale and maturity.<blockquote>TrendMicro或SentinelOne等其他EPP在该象限中得分较高，但在规模和成熟度方面不如CrowdStrike。</blockquote> SentinelOne is one of CrowdStrike's closest competitors and&nbsp;boasts a much better&nbsp;technology than CrowdStrike. This is two-sided as CrowdStrike&nbsp;pushes back against SentinelOne, calling them 'outdated.'<blockquote>SentinelOne是CrowdStrike最接近的竞争对手之一，拥有比CrowdStrike好得多的技术。这是两面性的，CrowdStrike反击SentinelOne，称它们“过时”。</blockquote> SentinelOne is focused on a completely AI-driven security approach. Removing the human aspect from resolving breaches to a larger extent than CrowdStrike.<blockquote>SentinelOne专注于完全人工智能驱动的安全方法。在比CrowdStrike更大程度上消除了解决违规的人为因素。</blockquote> Nevertheless, the difference between the platforms is small.<blockquote>尽管如此，平台之间的差异很小。</blockquote> CrowdStrike is more mature than SentinelOne, and its offerings are more scalable SentinelOne's. CrowdStrike's platform is easier to use, deploy, and has a solid reputation (source1,source2,source3).<blockquote>CrowdStrike比SentinelOne更成熟，其产品也更具可扩展性。CrowdStrike的平台更易于使用、部署，并且拥有良好的声誉（source1、source2、source3）。</blockquote> IT personnel deciding on either one of these AVs wouldn't harm their company.<blockquote>IT人员决定使用这些AVs中的任何一种都不会损害他们的公司。</blockquote> Valuation<blockquote>估值</blockquote> CrowdStrike is expensive, no question about it. It's definitely not the value investment I usually cover, like&nbsp;KLAC,SWKS, or&nbsp;QRVO.<blockquote>毫无疑问，CrowdStrike很贵。这绝对不是我通常涵盖的价值投资，比如KLAC、SWKS或QRVO。</blockquote> <img src=\"https://static.tigerbbs.com/66028ec453a5dbfa0d874e98df65d499\" tg-width=\"635\" tg-height=\"433\" width=\"100%\" height=\"auto\">Data by YCharts<blockquote>数据来自YCharts</blockquote> CrowdStrike is trading at a 53 price to sales ratio and a forward EV to sales of 38. CrowdStrike is a fast-growing company in an expanding market.<blockquote>CrowdStrike的市销率为53，远期EV与销售额为38。CrowdStrike是一家在不断扩大的市场中快速增长的公司。</blockquote> <img src=\"https://static.tigerbbs.com/9e7a3f611dd2ebdec4bf08cf2aefd4ab\" tg-width=\"589\" tg-height=\"364\" width=\"100%\" height=\"auto\">Chart by author, Data from CrowdStrike Quarterly reports<blockquote>作者图表，数据来自CrowdStrike季度报告</blockquote> The scale and maturity of CrowdStrike are clearly visible as it's the first choice among the largest companies in the world. That translates into revenue growth and customer retention rates above 100%.<blockquote>CrowdStrike的规模和成熟度清晰可见，因为它是世界上最大公司的首选。这意味着收入增长和客户保留率超过100%。</blockquote> <img src=\"https://static.tigerbbs.com/bfd887db2b9e38910791e999d8696429\" tg-width=\"640\" tg-height=\"324\" width=\"100%\" height=\"auto\">Source: CrowdStrike Corporate OverviewPresentation<blockquote>资料来源：CrowdStrike公司概述演示文稿</blockquote> That means that CrowdStrike is not only acquiring more customers but that existing customers pay more for more of CrowdStrike's services. That's a really, really good situation for an as-a-Service company.<blockquote>这意味着CrowdStrike不仅获得了更多客户，而且现有客户为CrowdStrike的更多服务支付了更多费用。对于一家即服务公司来说，这是一个非常非常好的情况。</blockquote> CrowdStrike's TAM is expanding YoY from multiple sources like Cloud, IoT, home office.<blockquote>CrowdStrike的TAM正在从云、物联网、家庭办公室等多个来源同比扩张。</blockquote> <img src=\"https://static.tigerbbs.com/438ec1c32df8f3239a04a5f93775dc19\" tg-width=\"1280\" tg-height=\"720\" width=\"100%\" height=\"auto\">Source: CrowdStrike Corporate OverviewPresentation<blockquote>资料来源：CrowdStrike公司概述演示文稿</blockquote> I find CrowdStrike's own TAM projections rather conservative. Believing the statements from large research companies like Gartner or IDC, cybersecurity expenditures of companies are likely to increase significantly (source1,source2,source).<blockquote>我发现CrowdStrike自己的TAM预测相当保守。相信Gartner或IDC等大型研究公司的说法，公司的网络安全支出可能会大幅增加（source1、source2、source）。</blockquote> Gartner estimates the size of the cybersecurity market to be $150bn in 2021 with a 12.4% CAGR over the next 5 years. The breakdown is below.<blockquote>Gartner估计，2021年网络安全市场规模将达到1500亿美元，未来5年CAGR将达到12.4%。明细如下。</blockquote> <img src=\"https://static.tigerbbs.com/f2266da9e98fa9f2ed6c1f19135b2ebc\" tg-width=\"775\" tg-height=\"620\" width=\"100%\" height=\"auto\">Gartner ForecastWorldwide Security<blockquote>Gartner Forecast全球安全</blockquote> CrowdStrike is not only profiting from an expanding market, but it's also pulling customers from competitors within the antivirus market.<blockquote>CrowdStrike不仅从不断扩大的市场中获利，还从反病毒市场的竞争对手那里吸引了客户。</blockquote> More and more companies switch towards IoA next-gen antivirus companies.<blockquote>越来越多的公司转向IoA下一代防病毒公司。</blockquote> CrowdStrike is the top choice among its competitors.<blockquote>CrowdStrike是其竞争对手中的首选。</blockquote> Is the valuation justified?<blockquote>估值是否合理？</blockquote> Comparing CrowdStrike with other high-growth IT companies like SentinelOne, Cloudflare (NET), or ZScaler (ZS), we find CrowdStrike between those. CrowdStrike's Gross Margin is 74%, just below ZS's 77.5% and NET's 76.78%, and well above Sentinel's 55%.<blockquote>将CrowdStrike与SentinelOne、Cloudflare(NET)或ZScaler(ZS)等其他高增长IT公司进行比较，我们发现CrowdStrike介于两者之间。CrowdStrike的毛利率为74%，略低于ZS的77.5%和NET的76.78%，远高于Sentinel的55%。</blockquote> CrowdStrike has strong pricing power, which translates into the best GAAP net margins. CrowdStrike is the only company that operates profitably when looking at its non-GAAP numbers.<blockquote>CrowdStrike拥有强大的定价能力，这转化为最佳的GAAP净利润率。从非公认会计准则数据来看，CrowdStrike是唯一一家盈利的公司。</blockquote> SentinelOne has to push its prices down to remain competitive and balance the immaturity of its platform.<blockquote>SentinelOne必须压低价格以保持竞争力并平衡其平台的不成熟。</blockquote> CrowdStrike has the largest market cap with $53bn and boasts a sales growth of 77% against ZS's and NET's 54% and 52%. SentinelOne has a higher sales growth rate of 100% but only 1/10th of CrowdStrike's revenue.<blockquote>CrowdStrike的市值最大，为530亿美元，销售额增长了77%，而ZS和NET的销售额分别为54%和52%。SentinelOne的销售增长率更高，为100%，但仅为CrowdStrike收入的1/10。</blockquote> Investor's Takeaway<blockquote>投资者要点</blockquote> CrowdStrike is not just any antivirus company in a crowded cybersecurity market. It'sthecybersecurity company in the market.<blockquote>CrowdStrike不仅仅是拥挤的网络安全市场中的任何一家反病毒公司。这是the市场上的网络安全公司。</blockquote> CrowdStrike built a strong reputation with excellent reviews among IT experts, calling it the top-choice in cybersecurity. Gartner positions CrowdStrike above any other EPP in its magic quadrant.<blockquote>CrowdStrike在IT专家中建立了良好的声誉，好评如潮，称其为网络安全的首选。Gartner将CrowdStrike置于其魔力象限中的任何其他EPP之上。</blockquote> CrowdStrike is definitely not a value-play and requires conviction to buy and hold at these prices for the next 3-5 years.<blockquote>CrowdStrike绝对不是一种价值游戏，需要坚定信念才能在未来3-5年内以这些价格购买并持有。</blockquote> On the other hand, it wouldn't surprise me a bit if CrowdStrike can double, triple, or even quadruple its revenue over the next 3-5 years. As it's very common for high-growth companies, the share price is largely determined by the companies' sales growth in these early stages.<blockquote>另一方面，如果CrowdStrike能够在未来3-5年内将其收入增加一倍、三倍甚至四倍，我也不会感到一点惊讶。由于这对于高增长公司来说很常见，股价很大程度上取决于公司在早期阶段的销售增长。</blockquote> Many sources are depicting a high correlation between sales growth and share price increase.Aswath Damodarandiscussed this topic in detail for Amazon in 2000 in thispaper.<blockquote>许多消息来源都描述了销售增长和股价上涨之间的高度相关性。Aswath Damodaran在2000年的本文中为亚马逊详细讨论了这个主题。</blockquote> One of my Seeking Alpha colleagues,From Growth To Value, discussed this topic in his latest article aboutFiverr, including this chart.<blockquote>我的一位Seeking Alpha同事《从增长到价值》在他关于Fiverr的最新文章中讨论了这个话题，包括这张图表。</blockquote> BCG showed that valuation correlates the strongest with revenue growth in the long term, especially for high-growth companies.<blockquote>波士顿咨询公司表明，从长期来看，估值与收入增长的相关性最强，尤其是对于高增长公司。</blockquote> CrowdStrike will likely experience a multiples contraction, but its revenue expansion will more than outperform that contraction, providing investors with a return on their investment.<blockquote>CrowdStrike可能会经历倍数收缩，但其收入扩张将远远超过收缩，为投资者提供投资回报。</blockquote>\n<div class=\"bt-text\">\n\n\n 来源：<a href=\"https://seekingalpha.com/article/4451592-crowdstrike-not-just-any-cybersecurity\">Seeking Alpha</a>\n为提升您的阅读体验，我们对本页面进行了排版优化\n\n\n</div>\n</article>\n</div>\n</body>\n</html>\n","type":0,"thumbnail":"","relate_stocks":{"CRWD":"CrowdStrike Holdings, Inc."},"source_url":"https://seekingalpha.com/article/4451592-crowdstrike-not-just-any-cybersecurity","is_english":true,"share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","article_id":"1148011558","content_text":"Summary\n\nCybersecurity is one of the most important aspects in the digital world, gaining more and more significance with weekly new breaches.\nCrowdStrike says goodbye to reactive antivirus and offers only a pro-active Indicator of Attack Solution. I explain in detail what this means.\nCrowdStrike is the most mature new-gen cybersecurity company leaving its competition far behind in maturity and reputation in the new-age world.\nCrowdStrike is expensive, but investors can profit if they maintain a long-term view.\n\nmdegrood/iStock via Getty Images\nOne of my readers asked me to take a deeper look into CrowdStrike (CRWD), and luckily I've been reading a lot about them lately.\nCybersecurity is one if not the most important aspects for IT departments these days. Every month or even week, we hear stories about hackers infecting companies.\nHere is a list of the largest hacks of 2021 (with sources):\n\nKia Motors- Hacked with Ransomware - Demand ~$20m\nCD Project- Hacked with Ransomware - Refuse to pay the ransom - financial damage due to workers inability to access internal documents and resources -> High\nAXA- Hacked with Ransomware (after stopping to reimburse clients for ransomware attacks :D) - 3TB of data Stolen\nJBS Foods- Hacked with Ransomware - Hacker group REvil - JBS paid $11m in Bitcoin - Largest paid ransom to that date. Shutdown damage not included.\n\nThese are just a few of the hacks that happened in 2021. The list for 2021 is long and ongoing. YoY growth in monetary damage, meaning the amount of money paid by companies and individuals to receive access to their data, is extremely high.\nChart by author, Data fromStatista\nMonetary damage doesn't include the economic damage by not having access to data or data being leaked to other countries or competitors.\nAccording to Cybersecurity Ventures, cybercrime is expected to induce $6 trillion in damage annually by 2021. There is a huge monetary incentive for hackers globally to continue with their ransom and malware attacks. The risk-reward balance tilts strongly towards the reward side for hackers.\nThesis\nCrowdStrike provides security measures to stop a virus before initiating the processes required to infect the host computer and network.\nCrowdStrike's total addressable market - TAM - is expanding YoY with new product offerings, new breaches and hacks, home office expansion, IoT, and much more.\nI'm bullish on CrowdStrike over the next 5 years as its next-generation antivirus (NGAV) technology is an effective way to stop viruses from breaching networks and companies' IT infrastructures. CrowdStrike has the first-mover advantage, a mature platform, and an excellent and strong reputation throughout the industry.\nCrowdStrike is cloud-native, which means that it is scalable, adaptable, and gains through a network effect. Each new node and potential breach within a node helps strengthen the network by sharing information about the virus, strengthening its first-mover advantage in the market.\nHow does CrowdStrike work?\nWhen investing in a high-growth company, I make sure to understand how its offerings differentiate from existing technologies within the industry and why they solve their customers' problems better than their competitors.\nFirst, we must understand the difference between the Indicator of Compromise - IoC - and the Indicator of Attack - IoA.\nAn IoC is a post-infection indicator. That means that after a virus has been installed, the antivirus program scans files and documents for known virus signatures (like we do with the PCR tests and Covid-19) and then quarantines the files and deletes them.\nThat's not what CrowdStrike specializes in.CrowdStrike focuses on IoA.\nIoA scans for suspicious processes that are started in the background by malicious files. Let's understand what this means.\nThere are many types of viruses - malware, ransomware, phishing, spear-phishing... There are also endless versions of these viruses. An antivirus program will have a hard time finding each new iteration because manipulating the virus in some sort changes the file's hash (signature of the virus), making it impossible for IoCs to find the virus. But all viruses have things in common.\nIoC vs. IoA - reactive vs. proactive - Source:CrowdStrike\nAny virus must execute processes, which results in patterns. The virus can change its face, color, size, but it must execute and run code in some distinguishable way. For example, many viruses alter Window registry keys, create new users, or start encryption processes on the host.\nCrowdStrike stops the virus in its tracks. Below is an example of how the Falcon Sensor executes.\nCrowdStrike Falcon in Action malware prevention based on behavior.YouTube\nThe host, in this case, a virtual machine - VM - by CrowdStrike. The user clicked on a malicious file, and the virus begins to \"install\" itself. The Falcon sensor detects if something in the background is initiating processes that indicate suspicious activity and stops those processes from executing.\nThat's the distinguishing factor for CrowdStrike.\nCrowdStrike's EPP is cloud-native and gains from the network effect. The more nodes connect to its platform, the more secure it becomes by training the AI model with process signatures of new viruses.\n\nCrowdStrike combines AI with its Indicator of Attack approach and scales it up in its cloud. The cloud helps train the virus-threat model from endless endpoints.\nBased on statements from CrowdStrike, none of its customers has yet experienced a breach while using its sensors, and CrowdStrike is confident enough in its NGAV that it provides a $1 million warranty if a breach happens.\nCompetition\nCrowdStrike's largest market is the endpoint protection platform - EPP. Within this segment, CrowdStrike is competing with many companies like Microsoft (MSFT), Trend Micro(OTCPK:TMICF)(OTCPK:TMICY), SentinelOne(NYSE:S), or McAfee(NASDAQ:MCFE).\nSource:Gartner Magic Quadrant for Endpoint Protection Platforms\nIn terms of EPP, CrowdStrike is pretty much in a league of itself.\nThe only negative 'real' negative with CrowdStrike is that they are very secretive about their detection logic. There is no way for IT personnel to look into the Falcon sensor and the logic behind it.\nOther EPPs like TrendMicro or SentinelOne score highly in the quadrant but lack against CrowdStrike in scale and maturity.\nSentinelOne is one of CrowdStrike's closest competitors and boasts a much better technology than CrowdStrike. This is two-sided as CrowdStrike pushes back against SentinelOne, calling them 'outdated.'\nSentinelOne is focused on a completely AI-driven security approach. Removing the human aspect from resolving breaches to a larger extent than CrowdStrike.\nNevertheless, the difference between the platforms is small.\nCrowdStrike is more mature than SentinelOne, and its offerings are more scalable SentinelOne's. CrowdStrike's platform is easier to use, deploy, and has a solid reputation (source1,source2,source3).\nIT personnel deciding on either one of these AVs wouldn't harm their company.\nValuation\nCrowdStrike is expensive, no question about it. It's definitely not the value investment I usually cover, like KLAC,SWKS, or QRVO.\nData by YCharts\nCrowdStrike is trading at a 53 price to sales ratio and a forward EV to sales of 38. CrowdStrike is a fast-growing company in an expanding market.\nChart by author, Data from CrowdStrike Quarterly reports\nThe scale and maturity of CrowdStrike are clearly visible as it's the first choice among the largest companies in the world. That translates into revenue growth and customer retention rates above 100%.\nSource: CrowdStrike Corporate OverviewPresentation\nThat means that CrowdStrike is not only acquiring more customers but that existing customers pay more for more of CrowdStrike's services. That's a really, really good situation for an as-a-Service company.\nCrowdStrike's TAM is expanding YoY from multiple sources like Cloud, IoT, home office.\nSource: CrowdStrike Corporate OverviewPresentation\nI find CrowdStrike's own TAM projections rather conservative. Believing the statements from large research companies like Gartner or IDC, cybersecurity expenditures of companies are likely to increase significantly (source1,source2,source).\nGartner estimates the size of the cybersecurity market to be $150bn in 2021 with a 12.4% CAGR over the next 5 years. The breakdown is below.\nGartner ForecastWorldwide Security\nCrowdStrike is not only profiting from an expanding market, but it's also pulling customers from competitors within the antivirus market.\nMore and more companies switch towards IoA next-gen antivirus companies.\nCrowdStrike is the top choice among its competitors.\nIs the valuation justified?\nComparing CrowdStrike with other high-growth IT companies like SentinelOne, Cloudflare (NET), or ZScaler (ZS), we find CrowdStrike between those. CrowdStrike's Gross Margin is 74%, just below ZS's 77.5% and NET's 76.78%, and well above Sentinel's 55%.\nCrowdStrike has strong pricing power, which translates into the best GAAP net margins. CrowdStrike is the only company that operates profitably when looking at its non-GAAP numbers.\nSentinelOne has to push its prices down to remain competitive and balance the immaturity of its platform.\nCrowdStrike has the largest market cap with $53bn and boasts a sales growth of 77% against ZS's and NET's 54% and 52%. SentinelOne has a higher sales growth rate of 100% but only 1/10th of CrowdStrike's revenue.\nInvestor's Takeaway\nCrowdStrike is not just any antivirus company in a crowded cybersecurity market. It'sthecybersecurity company in the market.\nCrowdStrike built a strong reputation with excellent reviews among IT experts, calling it the top-choice in cybersecurity. Gartner positions CrowdStrike above any other EPP in its magic quadrant.\nCrowdStrike is definitely not a value-play and requires conviction to buy and hold at these prices for the next 3-5 years.\nOn the other hand, it wouldn't surprise me a bit if CrowdStrike can double, triple, or even quadruple its revenue over the next 3-5 years. As it's very common for high-growth companies, the share price is largely determined by the companies' sales growth in these early stages.\nMany sources are depicting a high correlation between sales growth and share price increase.Aswath Damodarandiscussed this topic in detail for Amazon in 2000 in thispaper.\nOne of my Seeking Alpha colleagues,From Growth To Value, discussed this topic in his latest article aboutFiverr, including this chart.\nBCG showed that valuation correlates the strongest with revenue growth in the long term, especially for high-growth companies.\nCrowdStrike will likely experience a multiples contraction, but its revenue expansion will more than outperform that contraction, providing investors with a return on their investment.","news_type":1,"symbols_score_info":{"CRWD":0.9}},"isVote":1,"tweetType":1,"viewCount":932,"commentLimit":10,"likeStatus":false,"favoriteStatus":false,"reportStatus":false,"symbols":[],"verified":2,"subType":0,"readableState":1,"langContent":"EN","currentLanguage":"EN","warmUpFlag":false,"orderFlag":false,"shareable":true,"causeOfNotShareable":"","featuresForAnalytics":[],"commentAndTweetFlag":false,"andRepostAutoSelectedFlag":false,"upFlag":false,"length":3,"xxTargetLangEnum":"ORIG"},"commentList":[],"isCommentEnd":true,"isTiger":false,"isWeiXinMini":false,"url":"/m/post/837459822"}