Image source: The Motley Fool.
CrowdStrike (NASDAQ: CRWD)
Q4 2024 Earnings Call
Mar 05, 2024, 5:00 p.m. ET
Contents:
Prepared Remarks Questions and Answers Call Participants
Prepared Remarks:
Operator
Thank you for standing by, and welcome to CrowdStrike’s fourth quarter and fiscal year 2024earnings conference call At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question-and-answer session. [Operator instructions] I would now like to hand the call over to Maria Riley, vice president of investor relations.
Please go ahead.
Maria Riley — Vice President, Investor Relations
Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, president and chief executive officer and co-founder of CrowdStrike; and Burt Podbere, chief financial officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth, including projections, and expected performance, including our outlook for the first quarter in fiscal year 2025 and any assumptions for fiscal periods beyond that, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call.
While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events, or otherwise. Further information on these and other factors that could affect the company’s financial results is included in the filings we make with the SEC from time to time, including the section titled risk factors in the company’s quarterly and annual report. Additionally, unless otherwise stated, excluding revenue, all financial measures disclosed on this call will be non-GAAP.
Should you invest $1,000 in CrowdStrike right now?
Before you buy stock in CrowdStrike, consider this:
The Motley Fool Stock Advisor analyst team just identified what they believe are the 10 best stocks for investors to buy now… and CrowdStrike wasn’t one of them. The 10 stocks that made the cut could produce monster returns in the coming years.
Stock Advisor provides investors with an easy-to-follow blueprint for success, including guidance on building a portfolio, regular updates from analysts, and two new stock picks each month. The Stock Advisor service has more than tripled the return of S&P 500 since 2002*.
See the 10 stocks
*Stock Advisor returns as of February 26, 2024
A discussion of why we use non-GAAP financial measures in a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our earnings press release, which may be found on the investor relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. With that, I will now turn the call over to George.
George Kurtz — Co-Founder, President, and Chief Executive Officer
Thank you, Maria, and thank you all for joining us today. CrowdStrike delivered an exceptional fourth quarter that far exceeded our expectations. It was another quarter of records: record net new ARR of $282 million, continuing our acceleration trend, growing 27% year over year; record operating margin of 25%, up 10 percentage points year over year; record free cash flow reaching 33% of revenue; and a free cash flow rule of 66; record GAAP profitability; and record cloud identity and next-gen SIEM ending ARR of greater than $850 million, together more than doubling year over year. These results illustrate CrowdStrike’s substantial and widening competitive mode, exceptional business acceleration, and validated market leadership.
Building on my founding vision, CrowdStrike is the only single-platform, single-agent technology in cybersecurity that solves use cases well beyond endpoint protection. Falcon is the easiest and fastest cybersecurity technology to deploy. And our single AI-native platform makes vendor consolidation instant, frictionless, and natural. The feedback we receive from customers, prospects, and partners alike is consistent: eagerness to deploy the Falcon platform, ease of adopting more Falcon platform modules, and excitement from continuous innovation with new Falcon capabilities delivered weekly.
Leaving stitched-together point products and PowerPoint platforms behind, CrowdStrike customers realize the benefits of superior outcomes and lower TCO. A recent IDC report echoes this, showcasing $6 of return for every dollar invested in the Falcon platform. That is ROI. Free is never free.
Customers understand the difference between product pricing and the total lifetime cost of operating inferior technology. Given the Falcon platform’s ROI and TCO savings, we believe we will continue to see favorable pricing dynamics. I’m thrilled with our performance, which is a testament to the execution and passion from the very best team in cybersecurity. Unified by our focused mission, we stop breaches.
My gratitude to all CrowdStrikers on a job well done. Our execution and discipline across the business, coupled with overwhelmingly positive market feedback, gives me strong conviction in our fiscal year 2025 momentum, which Burt will cover in more detail. The current macro environment remains stable and consistent with prior quarters. We expect continued deal scrutiny throughout this coming year.
We remain focused on operational excellence while delivering market leading growth at scale, assisting organizations of all sizes to consolidate and improve their cybersecurity. In contrast to the macroeconomic backdrop, the state of the threat landscape has never been more elevated. In CrowdStrike’s recent 2024 Global Threat Report, we unpack the harsh realities of cyber today. Key findings include, first, attacks are faster than ever.
What took adversaries hours has shrunk to minutes and seconds. Attack speeds will only accelerate. Second, the cloud is increasingly under attack. We tracked a 75% increase in cloud intrusion attempts.
The cloud is today’s battleground for cyberattacks. And third, generative AI is an adversary force multiplier. Gen AI puts advanced cybercrime tradecraft in the hands of attackers of all skill levels. Gen AI will dramatically grow the adversary population.
The Global Threat Report showcases our threat intelligence leadership. We collect trillions of threat signals daily, creating one of the world’s largest and fastest-growing cyberthreat datasets. From day one, we’ve been an AI company, training the industry’s most effective and accurate AI models to prevent attacks based upon our data mode. Embedded in the Falcon platform is a virtuous data cycle where we collect cybersecurity’s very best threat intelligence data, build and train robust preventative and generative models, and protect CrowdStrike customers with community immunity.
Our team of data science PhDs operate this continuous and real-time process, constantly evolving Falcon’s AI foundation to predict adversary activity and stay ahead of threats. Our ever-growing data corpus and unique access to cyber’s freshest data at the source, alongside our technology and our human incident response, threat analysts, data science, and engineering expertise, together serve as a structural competitive advantage. Along with AI, cybersecurity is a top priority in my discussions with numerous boards. In today’s environment of heightened cyberattacks, the latest SEC breach disclosure regulation only increases the pressure on companies and their boards.
We regularly assist boards with regulation readiness by bringing cybersecurity from the backroom to the boardroom. This, alongside the severity of the threat landscape, makes effective cybersecurity an increasingly mission-critical necessity. That said, cybersecurity today is a frenetic vendor bizarre. Disjointed point feature copycat products clutter the market, attempting to band-aid symptoms instead of curing the illness.
OS vendors use their market position to create a monoculture of dependence and risk, and in many cases, serve as the breach originator. Even worse, multi-platform hardware vendors evangelize their stitched-together patchwork of point products, masquerading as thinly veiled piecemeal platforms. And what organizations inevitably realize is that vendor lock-in leads to deployment difficulties, skyrocketing costs, and subpar cybersecurity. The outcome is shelfware and sunk costs.
ELA and bundling addiction become the only way to coast customers into purchasing nonintegrated point products. It’s the organization trapped in these fragmented pseudo platforms, riddled with bolt-on point products, that are the ones suffering from fatigue. In stark juxtaposition, what CrowdStrike customers tell us is that when you build the right single data-centric AI platform, deliver the right frictionless native solutions, and architect the right go-to-market, organizations purchase because they need more, receive more, and understand how cybersecurity transformation saves them time and money. Our deal metrics validate this.
First, record deal volumes. In Q4, we closed more than 250 deals greater than 1 million in deal value, more than 490 deals greater than 500,000 in deal value, and more than 1,900 deals greater than 100,000 in deal value. Deal counts grew by more than 30% year over year across all deal segments. Second, record platform adoption.
Deals with eight or more modules more than doubled year over year. And lastly, continued rising win rates. In Q4, we saw steadily rising win rates across the board, validating our technological leadership over the competition. These results are driven by the following: the winning AI platform, the right solutions, and our frictionless go-to-market motion.
Let me begin with our winning AI platform. The secret to cybersecurity’s leading platform is our single platform has one console and one agent. It solves an ever expanding set of cybersecurity and IT use cases. Our single platform is open.
Our single platform is data-centric, AI native, and scalable, delivering immediate times of value. Key wins prove the value of the Falcon platform, which makes point product consolidation and vendor replacement a reality. A recent seven-figure win in a Fortune 1000 company highlights how our platform consolidates at scale. Falcon replaced an OS security vendor, a legacy AV vendor, and a next-gen vendor.
We eliminated multiple Microsoft consoles and multiple agents to a single console, single agent, and single platform of Falcon. Our platform approach organically inspires customers to deploy Falcon Cloud Security as their first CSPM, CIEM, and ASPM solution. An eight-figure multiyear win in a Fortune 100 business, where the Falcon platform displayed five different products, with recent breaches costing them hundreds of millions, it costs too much to keep using ineffective cybersecurity tools. They purchased EDR, next-gen AV, identity, file integrity monitoring, and vulnerability management, reducing the number of agents on their devices by approximately 50%.
What used to require five installs is now done with one. There are countless similar stories. Our platform approach makes landing with multiple solutions at once easy and adopting increasing capabilities over time in organic experience. We collect data once and reuse it many times for today’s and tomorrow’s use cases.
Our application of gen AI makes cybersecurity predictive and accessible for all skill levels. It’s all on one platform, one agent, and one integrated workflow. Next, delivering the right solutions. Our market-leading cloud security, identity protection, and next-gen SIEM solutions are in demand because they solve painful customer problems.
These businesses collectively are more than doubling year over year, each are IPO-able businesses, and each play lead roles in Falcon platform consolidation. I’d like to start with our breakout cloud security solution, where we are setting new records and winning at scale. Our cloud security momentum accelerated in the quarter, with net new ARR growing nearly 200% year over year. At more than $400 million in ending ARR, CrowdStrike is one of the largest cloud security businesses in the market and was recently positioned as a market leader in Forrester’s cloud security wave.
Here are a few recent cloud security wins. An eight-figure multi-year win in a hyper-growth AI company. This company’s endpoint footprint is in the low thousands. However, with its rapidly expanding cloud estate, this transaction marks our largest inside sales deal of all time.
Falcon Cloud Security protects their LLM development and cloud environment. This customer uses CrowdStrike for CFPM, CIEM, CWP, and ASPM. From the SMB to large enterprises, our sellers and partners win with Falcon Cloud Security. A leading hyperscaler grew its use of Falcon Cloud Security, praising our Linux capabilities.
This large eight-figure transaction takes us deeper into the account where we’re not only on every device but now across large parts of their cloud. The win extends CrowdStrike leadership in securing the world’s largest cloud. A global financial services giant replaced their Palo Alto Prisma Cloud products in a large seven-figure deal. The Palo Alto Cloud Security products required separate management consoles and separate agents because cloud security is on a separate Palo Alto platform altogether.
CrowdStrike was able to deliver an expected 70% time reduction in management, as well as more than 5 million in annual staffing cost savings. The patchwork of multi-product, multi-agent, multi-console, separate-platform technologies resulted in visibility gaps, asynchronous alerts, and overall fatigue managing cloud security. Falcon’s single platform, with its integrated cloud security components, was a win for the customer. Customers are starting to realize that CSPM doesn’t stop the breach.
It is a compliance and reporting tool. Cloud security has moved beyond CSPM. Customers are increasingly realizing that a holistic suite encompassing runtime protection is the only way to protect from active real-time threats. CrowdStrike built the first native single-agent and agent-less cloud security solution.
We’ve taken cloud security beyond CSPM to include CIEM for securing cloud identity; ASPM for locating, controlling, and securing cloud applications; CWP to stop malicious behavior and breaches; and now, we turn to securing the cloud data itself that flows in and out of the cloud. Turning our cloud security focus to data, we’re incredibly excited to announce our intended acquisition of Flow Security. Flow stood out as the most unique technology among a sea of early start-ups by delivering the industry’s first and only cloud data runtime security solution. Let me explain.
The majority of companies in cloud data security focus on two things: discovery and classification. Here’s where Flow stands apart: runtime data discovery and classification, data is analyzed pre- and post-decryption, enabling precise and instant results; real-time and continuous data visibility, a live view into data risk, not just at rest, but also in motion with LLM-powered adaptive policies; data leakage prevention, the ability to block data exfiltration, including the data exposed through gen AI services. Simply put, Flow is the industry’s first and only cloud data runtime security solution. But we’ll also enhance our native data protection module, which is off to a great start, already replacing legacy DLP products in Fortune 500 accounts.
Customer frustration with legacy DLP is at a fever pitch, similar to the days of legacy AV where outdated products overstayed their welcome. We will now be able to offer a cloud-centric, next-gen alternative, addressing a market currently shackled by ineffective legacy vendors estimated to be an $8 billion TAM in CY ’28. With Flow, we will have the most comprehensive data protection from code to application, to device to cloud, focused on stopping breaches. Next, let’s look at identity protection, which surpassed $300 million in ARR, more than doubling year over year.
Q4 was also a record quarter of net new identity customer ads, with 80% of attacks involving identity vectors. We’ve made identity protection standard fare for modern cybersecurity because it is already integrated into our single agent. Other vendors attempt to offer identity protection through nonintegrated afterthought features, or simply lack identity protection altogether. Our identity threat detection and response module remains the market’s only single-agent solution that stops lateral movement, protects credentials, and secures, where identities are actually born, active directory.
Wins from the quarter include a seven-figure deal with a mega cruise line using a next-gen product that can never be fully deployed. Upgrades and operations were a disaster. When I personally met with them, they were beyond frustrated with being the quality control test bed and tired of too many incidents that slipped past their current vendor. Our identity solution delivered in one, not two agents, sets the Falcon platform apart.
An eight-figure transaction with a major chip manufacturer added identity to their Falcon deployment. Trapped in a large Microsoft ELA, this organization realized Microsoft needed to bring in a start-up to augment its current offering. This piecemeal approach to identity protection created a massive burden of deploying another unproven agent. The customer saw the immediate value of Falcon identity.
Our single-agent and single-platform approach reduced their Microsoft dependency. Lastly, let’s discuss LogScale next-gen SIEM, an inflecting Falcon platform solution. We added record net new next-gen SIEM ARR in Q4, growing over 170% year over year. As of the end of Q4, our next-gen SIEM ending ARR is now greater than $150 million, selected by well over 1,000 customers.
Our next-gen SIEM is quickly emerging as the go-to Splunk alternative for all businesses looking to leave legacy SIEMs. Following M&A consolidation in the legacy SIEM market and mounting dissatisfaction with a slew of withering SIEMs, the market is hungry for better technology, lower TCO, and instant time-to-value. In LogScale next-gen SIEM, all CrowdStrike data is already resonant, saving the expense and time of data transfer. Customers are looking to standardize on the right cloud-native data-centric platform for actioning their data, where they’re manually searching, using automated AI-powered queries for trusting partners to manage their next-gen SIEM Falcon experience.
With pipeline already in the hundreds of millions, there’s overwhelming interest in LogScale next-gen SIEM. One of many noteworthy wins from the quarter was in partnership with Deloitte, which has a hyper-growth, LogScale next-gen SIEM practice. Together, we closed a seven-figure, multiyear next-gen SIEM deal with a large European manufacturer, displacing Splunk and Elastic, and beating out Azure Sentinel. This customer now has 16 Falcon platform modules deployed.
A major mobile computing company standardized a LogScale next-gen SIEM in a seven-figure multiyear deal, replacing a legacy SIEM. We competed against Palo Alto’s XSIAM. The customer was looking for an open architecture versus a closed vendor locked-in approach to cybersecurity. The complexity of having to deploy many different Palo Alto products and multiple agents made CrowdStrike an even easier choice.
Lastly, a Fortune 500 hospitality brand grew its relationship with us, again, displacing Splunk and Azure Sentinel in a seven-figure deal. In partnership with E&Y and their global LogScale next-gen SIEM practice, this customer grew their SIEM use cases by bringing in security and IP data more than before, retaining that data for years and benefiting from faster searches. LogScale next-gen SIEM was significantly faster than Azure Sentinel with a substantially lower total cost of operation, which helped drive this win. Our LogScale next-gen SIEM wins illustrate our sticky and growing data gravity within businesses of all sizes.
I can confidently say LogScale next-gen SIEM is one of the fastest-growing SIEM solutions on the market today. Our pace of innovation has never been faster. We’re incredibly excited to announce that Falcon for IT and Charlotte AI are generally available. As our customers look to solve increasingly complex IT challenges across their heterogeneous environments, Falcon for IT excitement is palpable.
Our customers are also excited about the gen AI productivity gains from Charlotte AI, where over 80% of our beta users believe they will save hours to days of work each week using Charlotte AI. The third and final driver of CrowdStrike’s growth at scale is our frictionless go-to market. I’m a big believer that customers don’t buy what they don’t need and should never be forced to do so. At Falcon, we announced FalconFlex, a flexible licensing model where we enable customers to use the products they want, when they want, over the course of a multiyear subscription term.
FalconFlex drives customer stickiness, enabling larger lands, and helping us expand with customers adopting more Falcon platform solutions faster. A recent noteworthy FalconFlex deal was a multimillion dollar transaction with a Fortune 500 technology company that leveraged FalconFlex to go all-in with Falcon, consolidating and displacing legacy IT Hygiene products, point cloud products, and legacy DLP products. The right platform, solutions, and go-to-market make us the partner ecosystem’s leading choice. Some partnership highlights include accelerating momentum with Dell.
Since announcing our Dell partnership last year, we’ve transacted more than $50 million of total deal value together with customers in every segment and geography. We’re in the early innings of where this partnership is going, and I’m thrilled with the momentum that we have with Dell as they standardize new offerings, such as their own MDR service on Falcon. Our MSSP business is growing by triple digits year over year, fueled by the right technology, strategy, and partners. MSSPs increasingly want the platform, not part of the platform, to power cybersecurity transformation.
MSSPs are bringing Falcon to tens of thousands of SMBs who lack the staff and time but still need the outcome of the industry’s best cybersecurity. Our AWS Marketplace business continues to accelerate at scale, surpassing $1 billion in sales. The AWS Marketplace continues to be one of the fastest-growing routes to market. A vast majority of our Marketplace business also transacts through resellers and SIs where we’ve unified partners and cloud marketplaces for ease, speed, and end customer value.
The Falcon platform is validated, tested, and certified. Industry analysts regularly recognize Falcon and our leadership. Here are two recent examples. First, the Gartner’s EPP Magic Quadrant.
Our placement speaks for itself. CrowdStrike’s positioning as highest in ability to execute and furthest to the right in completeness of vision in this year’s Magic Quadrant solidifies our unequivocal market leadership, ahead of Microsoft and every other vendor profile. Second, the Forrester Wave for cloud security placed CrowdStrike as one of only two leaders in the entire cloud security market, ranking highest for vision and innovation. In conclusion, CrowdStrike’s single-agent, single unified data-centric platform, and our mission to stop breaches set us apart.
Since starting the company, we brought cybersecurity to the cloud, we pioneered AI for cybersecurity, and we’ve quickly become the de-facto security platform that disrupts, displaces, and consolidates other vendors. I couldn’t be more excited about the year we completed, as well as our bright future. CrowdStrike’s contribution to cybersecurity goes beyond technology. It’s the power of the crowd.
We’re a cybersecurity community. When cybersecurity professionals apply for jobs, CrowdStrike certification is a required skillset. In the reseller and ISV ecosystem, CrowdStrike is at the top of the line card. In SOCs across every vertical and geography, CrowdStrike is the security operating system.
It’s CrowdStrike that’s on the screen. When talking about the threat landscape, CrowdStrike pioneered commercial threat intelligence that governments and companies of all sizes depend on. It’s CrowdStrike that delivers billions of new threat detections every month to stop the breach. It’s CrowdStrike that is the search bar of security, where analysts complete millions of XDR queries daily.
It’s CrowdStrike that created cybersecurity’s first dedicated gen AI stock assistant to make every user a power user. It’s CrowdStrike where more than half a million cybersecurity defenders log in every day to protect society by stopping breaches. The technology, the crowd, the mission, this is what makes CrowdStrike’s cybersecurity definitive platform. With that, I’ll turn the call over to Burt.
Burt Podbere — Chief Financial Officer
Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today, are non-GAAP. CrowdStrike delivered an exceptional fourth quarter and a record finish to the year, highlighting our outstanding execution, growing market leadership, and accelerating adoption of the Falcon platform. For the full fiscal year, we achieved 34% and 36% ending ARR and revenue growth, respectively, while delivering significant leverage on the bottom line.
Operating income grew 86% year over year to reach a record $660.3 million, or 22% of revenue. And net income attributable to CrowdStrike and EPS more than doubled to reach a record $751.8 million, or $3.09 per diluted share. Free cash flow grew 39% year over year to reach $938.2 million, or 31% of revenue, exceeding our target for the year. Additionally, we are very proud to have achieved the important milestone of GAAP profitability for the past four quarters and full fiscal year in less than five years following our IPO.
Our achievements in fiscal year 2024 represent another high watermark for CrowdStrike. Through our consistent focus on execution, we have efficiently scaled the business, growing ending ARR by over 10x from our IPO in fiscal year 2019, delivering significant operating leverage and growing our free cash flow margin profile to above 30%. We continue to aggressively invest in our innovation engine and flight the company to achieve its vision of reaching $10 billion in ARR over the next five to seven years. Moving to the specifics of the fourth quarter, we achieved record net new ARR of $282 million, up 27% off of last year’s record Q4, representing our second consecutive quarter of accelerating growth.
And we finished the quarter with $3.44 billion in ending ARR, up 34% over last year. Demand in the quarter was broad-based, and we have a record Q1 pipeline as we executed on our platform strategy, closed many large consolidation deals, and extended our leadership across the market from large enterprises to small businesses. While companies may be fatigued with other vendors, they have embraced CrowdStrike’s platform strategy and want to buy more of the Falcon platform. This is evidenced by, first, the number of deals with eight or more modules more than doubling year over year in Q4.
Second, subscription customers were five or more, six or more, and seven or more modules growing to 64%, 43%, and 27% of subscription customers, respectively. Third, the number of customers with greater than $1 million of ending ARR growing to more than 580. And finally, the growth of deals with total value exceeding $1 million accelerated to over 30% and reached an all-time record at over 250 in Q4. We finished the year with 29,000 subscription customers, which excludes smaller customers served through our MSSP partners.
We are landing bigger with new customers on average adopting 4.9 modules out of the gate, an increase over last year. Our gross retention rate remained high at 98%, and our dollar-based net retention rate was consistent with last quarter at 119%, which is slightly below our benchmark, as the mix of net new ARR from new customers has remained above our expectations and we continue to land bigger deals. For the interim FY ’24 quarters, net retention was 119% in Q3, 119% in Q2, and 122% in Q1. Looking into FY ’25, we expect our dollar-based net retention rate to fluctuate within plus or minus a few points of 120% as the business scales to even greater heights and customers continue to land bigger and with more modules.
Moving to the P&L, total revenue grew 33% over Q4 of last year to reach $845.3 million. Subscription revenue grew 33% over Q4 of last year to reach $795.9 million. Professional services revenue was $49.4 million, representing 26% year-over-year growth. The geographic mix of fourth quarter revenue consisted of approximately 68% from the U.S.; 16% from Europe, Middle East, and Africa; 10% from the Asia-Pacific region; and 6% from all other markets.
Total gross margin increased by 282 basis points year over year to reach 78%. And subscription gross margin was above 80% in the fourth quarter, an increase of 291 basis points over the prior year. Our strong gross margin performance was driven by our ability to command stable pricing, supported by the exceptional customer value delivered by the Falcon platform, as well as our continued investments in data center and workload optimization. Total non-GAAP operating expenses in the fourth quarter were $448.1 million, or 53% of revenue, compared to 60% of revenue in the prior year.
Our strategic investments in talent and innovation underpin our ability to scale the business and deliver profitable growth. In the fourth quarter, non-GAAP operating income grew 123% year over year to reach a record $213.1 million. And operating margin increased by 10 percentage points year over year to reach a record 25%. Non-GAAP net income attributable to CrowdStrike in Q4 grew to a record $236.2 million, or $0.95 on a diluted per share basis, each more than doubling year over year.
Our weighted average common shares used to calculate fourth quarter non-GAAP EPS attributable to CrowdStrike was on a diluted basis and totaled approximately 248 million shares. We ended the fourth quarter with a strong balance sheet. Cash and cash equivalents and short-term investments grew to a record $3.47 billion. Cash flow from operations was a record $347.0 million.
Free cash flow reached a record $283.0 million, or 33% of revenue, achieving a rule of 66 on a free cash flow basis. Before I move to our outlook, I’d like to provide a few modeling notes. First, we are encouraged by the momentum in the business, including larger deal sizes, increased win rates, and a record Q1 pipeline. However, we continue to maintain a consistent and prudent approach to our outlook amid a macro environment that remains challenging.
And therefore, the guidance we are providing today assumes a consistent, challenging macro back. Second, while we do not specifically guide to ending or net new ARR, given the incredible performance of Q4, I will share our current seasonality assumptions with respect to net new ARR in Q1, which calls for Q1 net new ARR year-over-year growth to be at least double digits up to the low teens. Third, given our strong momentum in the market, we are increasing our pace of hiring in FY ’25 as we continue to invest in our innovation engine and go-to-market functions to scale the business to $10 billion of ARR and beyond. As a result of increased hiring in the first half of the year, changes to the timing of our merit cycle and the timing of certain marketing programs, we expect operating leverage to be more weighted to the back half of FY ’25.
Next, we are raising our free cash flow target for FY ’25 from between 30% and 32% to between 31% and 33% of revenue. Our assumptions on interest, income, and expense, capex and cash outlay for taxes will be included after this call in our earnings presentation available on our investor relations website. Moving to our outlook. For the first quarter of FY ’25, we expect total revenue to be in the range of $902.2 to $905.8 million, reflecting a year-over-year growth rate of 30% to 31%.
We expect non-GAAP income from operations to be in the range of $188.1 to $190.8 million and non-GAAP net income attributable to CrowdStrike to be in the range of $220.4 to $223.1 million. We expect diluted non-GAAP net income per share attributable to CrowdStrike to be approximately $0.89 to $0.90, utilizing a weighted average share count of 248 million shares on a diluted basis. For the full fiscal year 2025, we currently expect total revenue to be in the range of $3,924.9 to $3,989.0 million, reflecting a growth rate of 28% to 31% over the prior fiscal year. Non-GAAP income from operations is expected to be between $863.6 and $913.0 million.
We expect fiscal 2025 non-GAAP net income attributable to CrowdStrike to be between $940.3 million and $989.7 million. Utilizing 250 million weighted average shares on a diluted basis, we expect non-GAAP net income per share attributable to CrowdStrike to be in the range of $3.77 to $3.97. George and I will now take your questions.
Questions & Answers:
Operator
[Operator instructions] Our first question comes from the line of Saket Kalia of Barclays. Your question please, Saket.
Saket Kalia — Barclays — Analyst
OK, great. Hey guys, thanks for taking my question here, and congrats to the team on a strong finish to the year.
George Kurtz — Co-Founder, President, and Chief Executive Officer
Thanks, Saket.
Saket Kalia — Barclays — Analyst
George — sure thing. George, maybe for you. I think the number that sticks out the most to me from the quarter is the $850 million in ARR from maybe what I’ll call platform products. So, the question is, can you just talk about the competitive landscape in a couple of those areas like cloud security and SIEM? I mean, definitely a rising tide in some of those markets, but also some good competitors.
What do you think is giving CrowdStrike a right to win in those markets?
George Kurtz — Co-Founder, President, and Chief Executive Officer
Well, thanks, Saket. Obviously, a key part of our success has been that all of the modules are platform, which is really key driver. And when I started the company, it was really about creating this data platform that allowed us to ingest data at scale and then create multiple use cases. And really, what you’re seeing is many, many years of hard work that allow us to solve use cases beyond just core endpoint protection.
So, when we think about cloud security, customers are really looking to rationalize the alphabet soup of cloud products that are out there. And they’re looking not only for posture management but runtime protection, and they want it all integrated into a data platform. So, I think given what we’ve done and some of the acquisitions, including now Flow, we are obviously a — well-positioned in that area and a lot of interest from our customers, and we’ve seen a lot of success. When we think about the SIEM market and maybe more importantly the legacy SIEM market, customers are just frustrated with the existing technologies, the cost structure around those.
And what they’re looking for really is a data platform like CrowdStrike and now LogScale natively integrated into the product. It’s a better way to give them the outcome they want, which is faster results, better overall outcomes, and a lower TCO. So, I think it’s this data concept that we’ve been talking about for many years that everyone now is starting to see the fruits of our labor and how we can solve use cases well beyond just endpoint protection. Burt?
Burt Podbere — Chief Financial Officer
Yeah, so I would agree, George. I think at the end of the day, for us, when we’re thinking about, you know, the different products that are in our portfolio, it’s really about the platform. We sell the platform, regardless of what are the products that are in the platform. They all kind of work off of each other.
And we’re just out there solving as many outcomes as we possibly can.
Saket Kalia — Barclays — Analyst
Great, thank you.
Operator
Thank you. Our next question comes from the line of Brian Essex of JPMorgan. Please go ahead, Brian.
Brian Essex — JPMorgan Chase and Company — Analyst
Great. Good afternoon. Thank you for the question — for taking the question, and great to see the strong results from the team. George, you articulated a few thoughts on consolidation and pricing in your prepared remarks.
But I wanted to ask a little more directly and maybe follow up to Saket’s question, both for you and Burt, you know, one of the other vendors in the space just talked about a strategy of platformization. So, maybe with that in context, how does this impact your go-to-market and pricing?
George Kurtz — Co-Founder, President, and Chief Executive Officer
Well, thanks, Brian. As you might imagine, I heard a lot about platformization over the last week. To me, it’s kind of a made-up fugazi term. But what I believe our competitors are talking about is bundling, discounting, and giving products away for free, which is nothing new in software and security software.
It’s been done for the last 30 years. So, when we think about what we’ve seen in the past with other competitors, we know free isn’t free. And what customers are saying is more consoles, more point products masquerading as platforms create fatigue in their environment. And one of the things, again, that we’ve been focused on is that single-agent architecture, single platform,single console that allows us to stop the breach, but more importantly, drive down the operational cost and supply many use cases — or solve many use cases that are out there.
So, I’ve been around the block for a bit. I’ve seen this movie of wrap-and-roll and bundling together with multiple products that were acquired. And, you know, last time I saw that I was at McAfee. So, I don’t know, Burt, you have anything to add to that?
Burt Podbere — Chief Financial Officer
Yeah. I think, George, look, at the end of the day, we sell on value. And we’ve never been a company that’s done deep discounting. We’ve never been a company that has increased our prices to get more ARR.
That’s not us. And at the end of the day for us, you know, we’re here to help customers get the greatest amount of outcomes at the lowest TCO. Period. And to George’s point, free is not free, and good is not good enough.
Brian Essex — JPMorgan Chase and Company — Analyst
Thanks, Burt.
Operator
Thank you. Our next question comes from the line of Rob Owens of Piper Sandler. Please go ahead, Rob.
Rob Owens — Piper Sandler — Analyst
Yeah, good afternoon, and thanks for taking my question. I was wondering if you could address the modest step-up in billings duration. After a year of compressing durations, your total billings outgrew your short-term billings. And it does appear that customers are committing for longer contracts.
I’m wondering if that’s a function of your consolidated platform or another dynamic in the market? Thanks.
Burt Podbere — Chief Financial Officer
So, hey, Rob, so I think it’s a couple of things. One, for sure it’s about the platform. But second, Q4 is, historically, we’ve seen a lot more of the multiyear deals. We also see more renewals in Q4 as well.
But billings in general, remember, it’s a noisy metric, right? It’s heavily influenced by duration and timing of deals within the given quarter. But — and having said that, at the end of the day we do manage the business to ARR. And that’s the one that we focus in on. Billings for us is just an aftermath.
You’re right, it was a strong billing quarter, but that that’s not really how we run the business
Operator
Thank you. Our next question comes from the line of Joel Fishbein of Truist. Please go ahead, Joel.
Joel Fishbein — Truist Securities — Analyst
Thank you, and congrats on the great execution as well. George, just a follow-up for you on the data market or the DLP market, and congrats on the acquisition of Flow. Just curious how that will be integrated. You didn’t really mention how big that is for you guys, but obviously, a very big market that is right for disruption.
And maybe talk about the competitive dynamics of that market as well.
George Kurtz — Co-Founder, President, and Chief Executive Officer
Sure, well, we’re excited about this because not only do we get the classification of data, but we also get the runtime protection in the cloud, so it’s a perfect fit for our data protection module. And again, what I talked about in prepared remarks was that there’s a lot of similarities to what I saw when I started the company in legacy AV to legacy DLP. I don’t even like the term DLP. We call it data protection because it’s really about how data flows and data in motion, not only in a company’s organization, but through all of their cloud and all of the applications.
So, I think it’s a perfect fit. We’re excited about the team. We’re excited about the technology. That will be integrated, of course, as part of our platform.
We spent a lot of time on that, making sure the customer’s got the right user experience. And, you know, we’ll get this acquisition closed out in the next couple of weeks, and then we’ll be heads down with the integration. But so far so good on our data protection module. We’ve got some wins there and a tremendous amount of interest in replacing the legacy DLP technologies.
Operator
Thank you. Our next question comes from the line of Andrew Nowinski of Wells Fargo. Your question, please, Andrew.
Andy Nowinski — Wells Fargo Securities — Analyst
Thank you for taking the question. It was just a really amazing quarter again, particularly in light of some of the noise that’s been in the market. So, I wanted to ask about the expanded partnerships with Dell that you announced today, and also about the, I think, the Pax8 partnership that you announced at your user conference last year. I guess, first, how did both partners contribute to results in the quarter relative to your expectations? And then, second, have you factored in a contribution from those partners into your FY ’25 outlook?
George Kurtz — Co-Founder, President, and Chief Executive Officer
Yeah, I’ll take the first part, and I’ll turn it over to Burt. So, we obviously are very excited about the Dell partnership. I’ll start with them. I talked about that earlier.
And really, we’re in the early innings. We’re winning deals, large enterprise all the way down to SMB, taking advantage of their reach and their go-to-market motion. So, still early days, and we’ve already put up some big numbers from that partnership. When we look at Pax8 and the like, again, it’s still early days, but we’ve seen tremendous success, particularly down market in the SMB.
And what customers are looking for, even the smaller customers are looking to solve big problems. They can’t be hit by ransomware. They can’t have an impact to their business. So, it’s a perfect model for us to get to those SMBs and, you know, it’s like I said, early days but tremendous results so far.
Burt?
Burt Podbere — Chief Financial Officer
Yeah. So, I think that we’re very excited about both the partnerships, both Dell and Pax8. They represent, you know, additional routes to market, but it’s still early days on both of them, as George had mentioned. But they’re one of many routes to market.
We do believe that they’re going to bring deals to us, and we’re excited to have them on board as partners.
Operator
Thank you. Our next question comes from the line of Tal Liani of Bank of America. Please go ahead, Tal.
Tal Liani — Bank of America Merrill Lynch — Analyst
Hi, guys. So, we had discussions this past few weeks about the pricing environment of the XDR market and the ability to offset this with add-on modules. And the question is, you touched on it, but I want to ask, do you feel the contribution of Microsoft and Cortex from Palo Alto and others, do you feel their impact on pricing of individual components of your package? And is there a story about price compression of each individual component offset by the bundle, or that you just don’t see the XDR pricing pressure that Palo Alto was talking about?
George Kurtz — Co-Founder, President, and Chief Executive Officer
Well, again, I mean, I can — I try to focus on what we’ve been able to do. And as the leader in the space, we’ve been solving problems for a long time. And when we look about — we look at the impact that ransomware and some of these very prominent breaches have had, you’re talking about hundreds of millions of dollars for companies. So, to buy a platform that has the capability to stop breaches is really what customers are looking at.
And when we think about sort of one-off modules or things of that nature, you know, for us, we’re looking at the total package and the solution of what we put together. And of course, it’s a competitive environment, but you have to have a competitive product, you have to have the right level of innovation, and you have to have the right go-to-market motion, which we talked about in some of the prepared remarks. So, it has been competitive. It will be competitive.
But at the end of the day, what we’re finding is that customers want the right outcome. And we’ve seen the free is not free, and we see that good enough is not good enough. And I think customers are smart enough to realize the difference between price and total cost. And that’s what we’ve been able to show with every dollar spent on CrowdStrike is a $6 return on their investment.
And, you know, we’re going to continue to deliver value and outcomes for customers.
Operator
Thank you. Our next question comes from the line of Alex Henderson of Needham. Please go ahead, Alex.
Alex Henderson — Needham and Company — Analyst
Great, thank you so much. So, first thing you ever said to me, George, was that you’re a platform, not an endpoint company. I think you’ve been proving it, you know, with high alacrity over the last year. With the conference coming in about platformization, it sounds like the response that you’re having here is that the companies that are trying to do that are really just offering bundles of products, but they’re not truly integrated.
Your platform is based on cloud-native microservices, API-driven. And I think if you were to talk to the degree to which you integrate any acquisition into that platform, it would be radically different than what we’re hearing or seeing from some of the other players. So, can you talk about why the microservice cloud-native architecture in a single platform integrated upfront is the way to go and how hard it is for companies that are trying to merge disparate packages into a platform that wasn’t designed as a platform from the get-go? Because I think, ultimately, that’s the key differentiator here. And I would think that with the acquisition of Flow, you’ll be able to integrate it much more rapidly because it’s API-driven, because it’s microservice-based.
Can you talk to that?
George Kurtz — Co-Founder, President, and Chief Executive Officer
Yeah, sure I can. Thanks, Alex. It’s a great question. And I do remember our early conversation, finally, and you’re absolutely right about being the platform for cybersecurity when I started the company.
So, when we think about architecture, architecture does matter. And really, what we’ve created is a very data-centric architecture that allows us to get data at scale into our platform, leverage our AI, and then create the outcomes. It’s that collect once, reuse many. We have a single platform.
Our competitors have many other platforms, as they call them. We have a single agent. Our competitors, you know, have five, six, seven, eight, eight, depending on the competitor. So, when we look at our architecture, it was really designed from the beginning to solve the problems of today and the future problems.
And the result of that is ease of use, the outcome that a customer is looking for, stopping breaches and lowering the cost, and future-proofing what they want. I’ve — in a prior life, you know, I’ve been involved in companies that acquired a lot of products. And I can tell you, it is near impossible to stitch all this stuff together, particularly at the agent level, unless you’re very diligent about it. And I can tell you from a CrowdStrike perspective, we’ve been very diligent about our acquisitions, as you’ve seen, and thoughtful on the pricing.
But also, what’s important to realize is that we’ve bought products, and we really haven’t sold some of them for the better part of 18 months because we wanted to focus on the integration, things like identity. And now we see the fruits of our labor. So, it’s this focused, long-term, diligent approach to our acquisitions, I think, that have helped us because we started with a very innovative cloud-native platform from the beginning.
Operator
Thank you. Our next question comes from the line of Roger Boyd of UBS. Please go ahead, Roger.
Roger Boyd — UBS — Analyst
Great. Thanks for taking the question. And again, congrats on a really strong end of the year. I wanted to talk about Charlotte.
The customers that we’ve spoken to that were part of that early access program sound pretty positive on both what the product can do today, as well as the pipeline and where it could go in the future. George, you said a couple of positive stats around automation. Any updated view on your ability to monetize the Charlotte product or the timeline to monetization from here? Thanks.
George Kurtz — Co-Founder, President, and Chief Executive Officer
Well, yeah, that is the goal. We already have paying customers in Charlotte, and we just released it. So, the good news for us, and I think the good news for our customers, is they see the value and they’re willing to pay for it. Obviously, you know, we’re in the early innings of this.
But the way we’ve architected it as a foundational component of our platform, it allows us to create expertise around different areas of the platform, as well as automation, leveraging the native automation capabilities that we have. So, our overall goal again is, how do you drive automation in a SOC? How do you modernize a SOC? And how do you take the collective wisdom of CrowdStrike and its years of knowledge in vast categories and bring that to bear for customers, big and small? And so far, we’ve gotten the response from customers where they understand the time savings and the value that it can bring. So, more to come on this. Obviously, we just [Inaudible] it over the last week or so.
But overall, I’m very encouraged by what we’re hearing and seeing from customers.
Operator
Thank you. Our next question comes from the line of Matt Hedberg of RBC. Please go ahead, Matt.
Matt Hedberg — RBC Capital Markets — Analyst
Great, thanks for taking my question. I’ll offer my congrats as well, guys. Burt, your ARR — your net new ARR commentary was helpful for Q1. I’m curious, this time last year, I believe you talked about flat net new ARR growth for fiscal ’24.
And obviously, I think you guys did about 6% this year. Any just sort of like directional guardrails you could give us from a full year perspective in terms of — you know, sort of what you’re thinking about from a net new perspective?
Burt Podbere — Chief Financial Officer
Hey, Matt. Thanks. So, with respect to ARR, obviously, we don’t guide to it, but we have talked about in the past where we’ve, you know, started the year in Q1 and built from there. And that’s kind of really all I can really comment on, on ARR.
You can kind of infer where we’re going with our guide. But at the end of the day, our guide, the methodology has remained consistent. And that’s how we think about it.
Matt Hedberg — RBC Capital Markets — Analyst
So, it sounds like Q1 — it sounds like your commentary on linearity, you’d expect Q1 to be sort of the low point for net new growth — or net new dollars per year?
Burt Podbere — Chief Financial Officer
Yeah, that would be accurate.
Matt Hedberg — RBC Capital Markets — Analyst
Excellent, thanks guys.
Operator
Thanks very much. Our next question — actually, pardon me, our last question comes from the line of John DiFucci of Guggenheim. Please go ahead, John.
John DiFucci — Guggenheim Partners — Analyst
Thanks. Thank you for taking my question. Listen, guys, as everybody said, these are really impressive results no matter how you look at it, but especially as compared to others out there. I’d like to ask another question about, you know, the past is, I know, George, you think that the past is the past.
It’s great. It’s great to see. But I’d like to ask another question about the future. I know Charlotte AI is the sexy new product.
It’s everybody, are you an AI winner or are you a loser? I mean — and we’ll see how that develops. But given your lightweight agent and all the data you collect or even could collect, it just seems that Falcon for IT could be a whole new world for you, which might make it harder, given it might, perhaps, be a different buyer but certainly worth it. I guess, how should we think about the development of this product going forward, given your — you know, I know it just was generally available, too, but I’m sure you’ve had early conversations with customers.
George Kurtz — Co-Founder, President, and Chief Executive Officer
Well, I’ve got to tell you that the customer excitement around Falcon for IT is off the charts when we talked about it at Falcon and now that it’s generally available. Customers are looking for a better solution in this area. And one of the things that we found is that the security team has been solving a lot of IT problems and challenges for IT for a long time. And we really needed to carve out a home for IT.
So, when you look at some of our competitors in that market, it’s — you know, obviously it’s a pretty big market. But having a single agent and the ability to actually solve IT problems, which many of our customers were doing already, is fantastic. So, again, early days, but the feedback and the interest is off the charts for Falcon for IT. And it goes to the heart of how we built the platform.
To collect data, it doesn’t have to be security data. It can be almost any data related to either our agent first-party data, or now third-party data we can ingest. And that solves many use cases beyond what we originally came to market with. So, I think the sky’s the limit there.
Operator
Thank you. I would now like to turn the conference back to George Kurtz for closing remarks. Sir?
George Kurtz — Co-Founder, President, and Chief Executive Officer
So, I want to thank all of you for your time today. We appreciate your interest and certainly look forward to seeing you at our upcoming investor events. Thank you so much.
Operator
This concludes today’s conference call. Thank you for participating. [Operator signoff]
Duration: 0 minutes
Call participants:
Maria Riley — Vice President, Investor Relations
George Kurtz — Co-Founder, President, and Chief Executive Officer
Burt Podbere — Chief Financial Officer
Saket Kalia — Barclays — Analyst
Brian Essex — JPMorgan Chase and Company — Analyst
Rob Owens — Piper Sandler — Analyst
Joel Fishbein — Truist Securities — Analyst
Andy Nowinski — Wells Fargo Securities — Analyst
Tal Liani — Bank of America Merrill Lynch — Analyst
Alex Henderson — Needham and Company — Analyst
Roger Boyd — UBS — Analyst
Matt Hedberg — RBC Capital Markets — Analyst
John DiFucci — Guggenheim Partners — Analyst
More CRWD analysis
All earnings call transcripts
This article is a transcript of this conference call produced for The Motley Fool. While we strive for our Foolish Best, there may be errors, omissions, or inaccuracies in this transcript. As with all our articles, The Motley Fool does not assume any responsibility for your use of this content, and we strongly encourage you to do your own research, including listening to the call yourself and reading the company’s SEC filings. Please see our Terms and Conditions for additional details, including our Obligatory Capitalized Disclaimers of Liability.
The Motley Fool has positions in and recommends CrowdStrike. The Motley Fool has a disclosure policy.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.
>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Nasdaq – https://www.nasdaq.com/articles/crowdstrike-crwd-q4-2024-earnings-call-transcript