CRWD - NASDAQ

Hello, and thank you for standing by. Welcome to CrowdStrike's Fiscal Third Quarter 2023 Results Conference Call. At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question-and-answer session. [Operator Instructions] It is now my pleasure to introduce Vice President of Investor Relations, Maria Riley.

Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, President and Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth and expected performance, including our outlook for the fourth quarter and fiscal year 2023 as well as any assumptions for fiscal periods beyond that, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements whether as a result of new information, future events or otherwise. Further information on these and other factors that could affect the company's financial results is included in the filings we make with the SEC from time to time, including the section titled Risk Factors in the company's quarterly and annual reports. Additionally, unless otherwise stated, excluding revenue, all financial measures disclosed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our earnings press release, which may be found on our Investor Relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. With that, I will now turn the call over to George to begin.

Thank you, Maria, and thank you all for joining us. Let me start with a summary of our results. In Q3, we delivered 53% revenue growth year-over-year, 15% non-GAAP operating margin and record non-GAAP net income, all of which were ahead of our guidance. Additionally, we achieved record free cash flow of $174 million, or approximately 30% of revenue. There are many positive trends we see in our business, including strong competitive win rates, consistent ASPs, exceptional retention rates and the mission-critical nature of cybersecurity. However, I would first like to address the increased macroeconomic headwinds we saw in the quarter, which caused Q3 net new ARR to come in below our expectations. As we discussed on our last earnings call, organizations were starting to respond to macroeconomic conditions by adding extra layers of required approvals and extending the time it took to close some deals. As Q3 progressed and fears of a recession grew, this dynamic became more pronounced. In our smaller, more transactional non-enterprise accounts, we saw customers increasingly delay purchasing decisions with average days to close lengthening by approximately 11% and net new ARR contribution decreasing $15 million from Q2. This also impacted our net new logo additions in the quarter, even though our quarter-over-quarter POV win rates increased meaningfully over more complex vendors that require more headcount to manage. While sales cycles lengthen, we believe the vast majority of these deals are not lost, just delayed. In the enterprise, sales cycles or average days to close remain consistent with last quarter's modestly higher level. In Q3, these larger customers continue to prioritize their CrowdStrike investments, but some also had to manage timing issues related to OpEx budgets and cash flow amidst the rapidly evolving macro. To achieve this, some customers signed contracts that have multi-phase subscription start dates, which pushes their expense and CrowdStrike's ARR recognition into future quarters. While every quarter, we have some deals with multiphase subscription start dates, in comparison to last quarter, in Q3, we saw approximately $10 million more ARR deferred into future quarters. We expect these macro headwinds to persist through Q4. Additionally, given the increased scrutiny on budgets, we're not going to expect a typical Q4 budget flush, leading us to adjust our Q4 net new ARR expectations, as Burt will discuss in more detail. But this caution does not deter our confidence in the long-term market position of CrowdStrike or the resiliency of the cybersecurity market. We see strong inherent demand for our products, and we entered Q4 with a record pipeline. Pipeline expansion is even more important in times of an evolving macro and elongated sales cycles. We are working to stay out in front of pipeline creation. With Jennifer Johnson, our recently appointed CMO, now with the marketing helm, we are realigning our marketing initiatives and increasing our focus on ramping more top-of-funnel initiatives and brand awareness to drive pipeline to even greater heights. We also gained significant leverage from our partner ecosystem, with partner-sourced ARR growing 55% year-over-year. There were many positives in this quarter highlighted by the record number of customers contributing at least $1 million in net new ARR in the quarter. Additionally, ending ARR for the $1 million-plus cohort surpassed the $1 billion milestone in Q3 with a 67% year-over-year growth rate. These larger customers are standardizing on Falcon, consolidating vendors and prioritizing expansion projects that represent sizable cross-sell and up-sell opportunity that are moving forward even under uncertain macro conditions. Marquee brands that are new to our $1 million-plus cohort included a Global 500 manufacturer that landed with 10 modules, providing unprecedented visibility and protection to all areas of their environment and allowing them to consolidate four agents and vendors with their initial deployment of Falcon. Two Global 500 financial institutions who chose Falcon for its ability to replace multiple legacy security products and bolster their security posture through a single agent, a Global 500 consumer goods manufacturer that is now leveraging Falcon Complete for a fully managed approach to protecting its critical infrastructure and a Fortune 500 luxury brand, leveraging Falcon to protect both its traditional end points and cloud workloads. In the third quarter, we also delivered strong results in the public sector, driven by a Falcon Complete LAN with one of the largest US federal agencies now standardizing on the Falcon platform and a strong quarter for our SLED business with the US state government standardizing on CrowdStrike in the quarter, as well as wins and expansion across multiple US state and local government agencies and educational institutions. To date, 40 US state governments are CrowdStrike customers, of which 21 in the District of Columbia have standardized on Falcon. Additionally, we secured a win with one of the largest federal systems integrators that will be using Falcon to protect its internal estate, as well as integrate it into its MSSP offering. Moving to our expansion and retention performance. Our dollar-based net retention rate was well above Q3 of last year and consistent with our Q2 performance, which was at the highest level in seven quarters. Our best-in-class gross retention rates remained at record levels above 98%. We are also seeing more customers standardizing the Falcon platform and adopt more modules. Q3 subscription customers with five or more -- six or more and seven or more modules were 60%, 36% and 21%, respectively. This represents a 55%, 66% and 81% year-over-year increase in these respective module adoption cohorts. It was another record quarter for our emerging product category, which includes our Discover, Spotlight, Identity Protection and LogScale modules. Our Identity Protection solutions are the largest contributor to ARR within the emerging category, and Q3 was another record quarter. Net new ARR for Identity Protection solution grew to a new all-time high, and the attach rate on net new logos continue to grow rapidly. With close to 80% of cyber attacks leveraging identity-based tactics to compromise legitimate credentials and use techniques like lateral movement to evade detection, Identity Protection is core to stopping breaches. Our Identity Protection capabilities are a game changer and shoring up active directory as well as stopping ransomware and lateral movement. To punctuate the value of our Identity Protection capabilities, I'd like to share a recent seven-figure expansion with a leading global brand. This customer has a very capable security team that spent years building a dedicated identity and access management team and implementing a Privileged Access Management solution, or PAM. Even with these efforts, shortly after turning on Falcon's Identity Protection in the POV, we identified several misconfigurations, including dozens of domain administrator accounts that were not being managed by their PAM solution, a multitude of accounts without password expirations, thousands of users with compromised passwords and a potential attack path from unprivileged accounts to privilege launch. With Falcon Identity, this customer is shutting down routes to illegitimate access and significantly hardening their defenses. Q3 also marked another record quarter for LogScale as we secured wins across multiple verticals, including financial services, insurance, technology, retail, energy and telecommunications. Notable wins included a statewide insurance provider in the US and previously mentioned new Global 500 financial institution, where Falcon LogScale has enabled both organizations to log more data, retain it longer and reduce the cost of their existing log solutions, resulting in better security and more visibility across their environments. During the quarter, we acquired external attack surface management, EASM vendor, Reposify, to help our customers identify and eliminate risk from vulnerable and unknown assets before an attacker can exploit it. The acquisition closed in early October, and we expect to launch our external attack surface management module this quarter, which will bring us to 23 modules available across the Falcon platform. On the public cloud front, we continue to build momentum with ending ARR for modules deployed in a public cloud setting growing over 100% year-over-year. Our CNAPP solution continues to gain industry recognition, including winning Best Cloud Security and CRN's 2022 Tech Innovators Awards. Falcon Complete continues to shine with net new ARR growing close to 20% quarter-over-quarter as customers embrace our extended lineup of complete services, including Identity Complete and Cloud Complete. Additionally, we launched Falcon Complete LogScale during Q3 and already secured several wins. In a more challenging economic environment, there is appeal for a solution like Falcon Complete that allows companies to decrease headcount or hold headcount stable. The significant advantages of CrowdStrike's Falcon Complete offering were showcased in the first MITRE ATT&CK evaluation for security service providers. Out of 16 participants evaluating, the Falcon platform's integration of industry-leading technology and human expertise enable us to deliver the highest coverage. This was MITRE's first closed door test, which means the participants did not have prior knowledge of the adversary, and retesting was not allowed. We believe this evaluation demonstrates why CrowdStrike is the clear leader in EDR and XDR, whether our capabilities are delivered as a fully managed service from CrowdStrike or through our network of MSSP partners or operated independently by our customers. The Falcon platform also won SE Labs EDR ransomware detection and protection test. This well-regarded third-party testing firm involved 270 ransomware variations and deep attack tactics. Falcon achieved 100% ransomware prevention with zero false positives. Let me repeat, zero false positives, which we believe reflects our superior AI and machine learning models and the data mode advantage we derive from our unique graph technology in Threat Graph. Falcon's exceptionally low false positive rate represents a tremendous operational win for our customers as it enables them to significantly increase their speed to triage, investigate and remediate a verified alert. Based upon our business value assessment and realized analysis, we estimate that, on average, enterprise customers observed a 68% increase in operational efficiencies with the Falcon platform, equating to an offset of approximately 3.5 full-time employees. We believe today's macro pressures on businesses and the escalating threat environment make Falcon's value proposition as a consolidator more important today than at any other time in CrowdStrike's history. In order to solve agent bloating complexity within the security and IT stack, while also protecting the business from cyber adversaries and reducing operating costs, companies need to consolidate on a truly integrated platform, not acquired technologies stitched together by an invoice. CrowdStrike Falcon continues to be the gold standard and the security platform of record. While the cybersecurity market is not immune to macro pressures, it is a mission-critical technology. The adversaries don't stop. As detailed in our latest threat hunting report, OverWatch observed a nearly 50% year-over-year increase in interactive intrusion campaigns. We believe cybersecurity investments is resilient and is prioritized, especially among the world's largest organizations as represented in our $1 million-plus customer cohort and best-in-class retention rates and module adoption rates. With the escalating threat environment, expanding attack surface and accessibility of the Falcon platform, it is our belief that we are still in the early innings of CrowdStrike's growth journey. We believe the early and rapid success of our identity protection solution best demonstrates our ability to leverage our unique and vast threat intelligence to create and dominate new and legacy markets. We intend to continue our disruptive innovation, expand our technology leadership and bring new modules to market. Even with these investments, we are responding to current macro conditions and plan to balance growth with profitability and free cash flow, as Burt will discuss in more detail. We remain steadfast in our vision to grow ending ARR in $5 billion by the end of fiscal year 2026 and reach our target operating model in fiscal year 2025. With that, I will turn the call over to Burt to discuss our financial results in more detail.

Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers, except revenue mentioned during my remarks today are non-GAAP. Before we get started, I will note that the results we are reporting today include the acquisition of Reposify, which was de minimis to revenue and ARR, contributing less than $1 million to Q3 ARR. In the quarter, ending ARR grew 54% year-over-year. Net new ARR grew 17% year-over-year to $198.1 million. Given the elongated sales cycles due to macro pressures in smaller non-enterprise accounts that George discussed, the composition of net new ARR in Q3 was weighted more heavily toward our $1 million-plus customer cohort with no outsized contribution from any one deal. Our dollar-based net retention rate was above our benchmark and consistent with Q2, maintaining the highest level since Q3 in fiscal 2021. Gross retention also maintained its record level, demonstrating our strong commitment to stopping the breach, delivering value to customers and restoring trust to the security posture of companies worldwide. As George mentioned, we are also seeing more customers standardize on the Falcon platform and adopt more modules. We believe these trends will create an enduring business opportunity for the years to come. Moving to the P&L. Total revenue grew 53% over Q3 of last year to reach $580.9 million. Subscription revenue grew 53% over Q3 of last year to reach $547.4 million. Professional services revenue was $33.5 million, setting a new record for the ninth consecutive quarter and representing 46% year-over-year growth. In terms of our geographic performance in Q3, we continue to see strong growth in the US at 46% and international revenue growth at 72% year-over-year. Third quarter total and subscription non-GAAP gross margins remained relatively consistent at 75% and 78%, respectively. Total non-GAAP operating expenses in the third quarter were approximately $348.6 million or 60% of revenue versus $239.0 million last year or 63% of revenue. In Q3, our Magic Number was 1.2, reflecting the continued efficiency of our go-to-market engine. We believe a Magic Number in excess of 1.0 indicates very favorable go-to-market efficiency and supports our current investment plan. As George mentioned, we are focusing marketing investments on specific initiatives with the goal to drive an even bigger pipeline in response to the macroeconomic environment, while at the same time maintaining our disciplined approach to unit economics. Third quarter non-GAAP operating income grew 77% year-over-year to reach a record $89.7 million, and operating margin improved by 2 percentage points year-over-year to reach 15%. Looking at the first nine months of fiscal year 2023. Non-GAAP operating income grew 125% year-over-year to reach $260.1 million and 16% of revenue. Non-GAAP net income attributable to CrowdStrike in Q3 also more than doubled over the prior year, growing to a record $96.1 million or $0.40 on a diluted per share basis. Our weighted average common shares used to calculate third quarter non-GAAP EPS attributed to CrowdStrike was on a diluted basis and totaled approximately 240 million shares. We ended the third quarter with a strong balance sheet. Cash and cash equivalents increased to approximately $2.47 billion and reflects the approximately $19 million payment net of cash acquired for the acquisition of Reposify. Cash flow from operations grew 53% year-over-year to a record $242.9 million. Free cash flow grew 41% year-over-year to a record $174.1 million or approximately 30% of revenue. Before I move to our guidance, I'd like to provide a few comments about how we view the ongoing impact of the current macro climate on our business. We are maintaining our revenue guidance for fiscal year 2023 while raising our bottom line guidance. As George mentioned, even though we entered Q3 with a record pipeline, we are expecting the elongated sales cycles due to macro concerns to continue, and we are not expecting to see the typical Q4 budget flush given the increased scrutiny on budgets. While we do not provide net new ARR guidance given the current macro uncertainty, we believe it is prudent to assume that Q4 net new ARR will be below Q3 by up to 10%. Looking into FY 2024, assuming an approximately 10% year-over-year headwind in the first half of the year on net new ARR, and for the full year, net new ARR would be roughly flat, to modestly up year-over-year. This would imply a low 30s ending ARR growth rate and a subscription revenue growth rate in the low to mid-30s for FY 2024. Similar to how we partnered with customers during the height of the COVID-19 pandemic, we are exercising more flexibility with new contract payment terms as organizations navigate macroeconomic conditions. We also expect more multiyear deals converting to one year renewals than in previous quarters. As a result, we expect free cash flow as a percent of revenue to be in the range of 28% and 30% for FY 2023. Throughout fiscal year 2023 to date, we have taken advantage of market dynamics and brought on superb talent in key functions at an accelerated pace. At the same time, employee retention rates have increased. As of the end of Q3, we have grown our team by 40% in FY 2023, putting us in a really good position to execute on our plan for next year. This allows us to shift our near-term focus to enablement and productivity, while significantly slowing the pace of new hires needed to execute our plans. Assuming the macro environment does not materially weaken from current levels, we see a path to free cash flow margin of 30% of revenue in FY 2024, and we plan to generate modest incremental non-GAAP operating margin leverage in FY 2024 as we continue to march toward our target operating model. For the fourth quarter of FY 2023, we expect total revenue to be in the range of $619.1 million to $628.2 million, reflecting a year-over-year growth rate of 44% to 46%, with subscription revenue being the dominant driver of growth. We expect non-GAAP income from operations to be in the range of $87.2 million to $93.7 million and non-GAAP net income attributable to CrowdStrike to be in the range of $109 million to $107.5 million. We expect diluted non-GAAP net income per share attributable to CrowdStrike to be in the range of $0.42 to $0.45, utilizing a weighted average share count of 241 million shares on a diluted basis. For the full fiscal year 2023, we currently expect total revenue to be in the range of $2,223.0 million to $2,232.0 million, reflecting a growth rate of 53% to 54% over the prior fiscal year. Non-GAAP income from operations is expected to be between $347.2 million and $353.8 million. We expect fiscal 2023 non-GAAP net income attributable to CrowdStrike to be between $357.6 million and $364.4 million. Utilizing 240 million weighted average shares on a diluted basis, we expect non-GAAP net income per share attributable to CrowdStrike to be in the range of $1.49 to $1.52. George and I will now take your questions.

Thank you. [Operator Instructions] And our first question comes from the line of Saket Kalia with Barclays.

Okay. Great. Hey, guys. Thanks for taking my questions here. A lot to unpack. George, maybe for you, I was wondering if you could dig just one level deeper into any competitive data that you've reviewed kind of looking back in the quarter. Do you feel like any big competitors here like Microsoft or perhaps even smaller next-gen competitors are having an impact? Burt, if I could squeeze a housekeeping question in as well. Clearly, ARR is the metric that you manage to. But maybe for everybody's benefit, can you also talk to how RPO and ARR growth might have different drivers?

Yes. Thanks, Saket. So again, if you look at what we've seen and what we've commented on, the inherent demand for our products remain strong. Obviously, there's an increase in the macro headwinds. We talked about some of the smaller customers having elongated sales cycles. We saw 11% increase in days to close. And those are delayed deals, not lost deals. And on the enterprise, again, we're seeing consistent win rates. They remain high. And in fact, in the smaller customers, we've actually seen them significantly improved quarter-over-quarter. So from our standpoint, and we look at this very closely, as you might imagine, the landscape remains favorable to us. I really don't see another true consolidator like Falcon. And customers are looking for technologies that reduce costs, reduce complexities, actually work and stop breaches, and that's what we're delivering. So again, when we look at the competitive landscape, it remains favorable to us. And as we pointed out, we saw increased macro headwinds, and that's what we talked about. So I'll turn it over to Burt.

Thanks, Saket. So first, big picture, when we think about CRPO, we think that as a noisy metric. And it's really not designed to match or correlate with ARR given the fact that ARR is a normalized annual number. And what do I mean by a noisy metric? Well, what I mean by that is there are several positive trends in our business that can create headwinds on duration relative to prior periods and not necessarily fully captured in CRPO. Some examples would include, for us, more one year deals compared to prior periods. In software, it's difficult for multiyear lands to renew as one year deals. And as renewals become a bigger portion of the business, which for us it is, this creates a headwind to CRPO. And given where we are with respect to our high gross retention rates, one year deals provide us the opportunity to expand within the customer to drive bigger bundles. Two, with the expansion and cross-sell sold co-terminus to existing contracts, these are often less than one year in duration. So our expansion business has been -- as our expansion business has been increasing, as evidenced by our net new retention rate, this would have pressure on our CRPO. And finally, on duration, we do have some usage-based deals. It could be MSSPs, the vast majority of MSSPs or uses based, and those are built monthly. And as MSSPs become a more rapidly growing part of our business, that's going to impact cRPO as well as noncommitted consumption billings in cloud. And then finally, just to comment on ARR. You pointed out that's how we run our business. ARR, though, is really an X-ray into the contracts themselves. And as we view that as the most important -- or most transparent metric into the outlook for our business, that's the one where we're focused on. So, hopefully, that gives some more clarity on how we think about cRPO and ARR.

Thank you. And our next question comes from the line of Rob Owens with Piper Sandler.

Good afternoon. Thanks for taking my question. Wondering if you guys could compare and contrast what you saw domestically versus internationally. And a little surprising to see international actually strengthen based on growth rates and the US fall off. So if you could provide a little clarity there, that'd be great. Thanks.

Hey, Rob, this is Burt. Thanks for the question. So, in general, we saw the macro hit all the geos. But as we think about our split between United States and internationally, obviously, the United States is the biggest portion overall of our business. So any impact to ARR will generally be driven from that sector.

Thank you. One moment, please. And our next question comes from the line of Sterling Auty with MoffettNathanson.

Yes. Hi, guys. And thank you for the extra commentary on macro and next year, in particular. My question is really, how do you think about those macro headwinds manifesting themselves in terms of net dollar retention or expansion rates versus the growth rate in new customers? Is one side going to be more particularly hit versus the other as it unfolds over the next several quarters?

Thanks, Sterling. So, for us, the good news is that we have a very healthy installed base. And we feel that we've got great opportunities in that traditional land-and-expand model. And we saw that in the ratios that we saw. Having said that, we still feel that there's a tremendous opportunity in new logos. We think that the opportunity for us to go and capture some of those new logos really has that -- goes to our model that we started and talked about since day one. So today, we still think about tremendous opportunity in the land-and-expand model, as evidenced by our dollar-based net retention rates, but also in terms of the net new logos that we have the opportunity to go capture. We talk about the TAMs that we've seen ever increasing from IDC and the fact that we've just been able to add new modules at a nice clip. We feel that we have a great opportunity to go after those new logos as well.

Thank you. And our next question comes from the line of Joel Fishbein with Truist.

Hi. Thanks for taking my question. George, you bought Reposify, external tax service management. A lot of customers were talking about it positively at the Analyst Day, or the user conference. Love to hear -- you said, this is going to be launched this year. Wanted to see if there's any initial indication of interest there. And how do you think that'll trail or attract in terms of demand?

Yes. We've seen tremendous interest since the acquisition. We announced that at Fal.Con. Customers are looking to understand their exposures externally. And as they move more and more to the cloud, a lot of their exposures are really configuration and policy-driven. So it's a fantastic add for us. It fits very nicely within our platform. It ties into what we're doing on the vulnerability management and risk side. And overall, we're really excited about it. And customers are not only looking at it for themselves, but also looking at it from a third-party risk perspective and leveraging it across their supply chain in terms of making sure that their suppliers are secure and not putting customers at risk. So, so far, very positive feedback and we're excited to get the product launched and bring it to market.

Thank you. And our next question comes from the line of Hamza Fodderwala with Morgan Stanley.

Hi. Good evening. Thanks for taking my question. George, a question for you. I think it's pretty clear that, the macro is going to impact pretty much every company, security not excluded from that. I'm curious how you're thinking about balancing sort of growth and profitability from here because on the one hand, clearly, growth has been slow for CrowdStrike and for everybody else. But on the other hand you've got this big market opportunity in front of you as an emerging consolidator in cybersecurity. Do you feel like this is a time to maybe continue to invest as maybe others are going to struggle more, they don't have that free cash flow generation that you do, or do you feel like this is a time to maybe show a little bit more leverage? Just curious, how you're thinking about that?

Well, great question, Hamza. And it's always been a balanced growth approach, and it's never been a growth at all costs. And I think we've shown that with our performance and track record. And we continue to play the long game. But if you put things into perspective, we're a Rule of 83 last quarter. I mean, you think about the growth and the cash flow generation at scale at $2 billion plus ARR is pretty remarkable. We actually see this as a great opportunity for CrowdStrike as we go forward as smaller competitors fall by the wayside, as private companies look for exits we think it's a very attractive opportunity for us with our balance sheet, almost $2.5 billion in cash. And at the end of the day, as these macro trends evolve, we see a great opportunity for us now into the future to continue to consolidate customers as well as other technologies that might fit within our platform. So that's the way we look at it, balanced investment and, again, a focus on making sure that we're delivering cash flow for our shareholders.

Thank you. And our next question comes from the line of Andrew Nowinski with Wells Fargo.

Great. Thank you for taking the question this afternoon. So total ARR of $2.3 billion, growing 54% is still absolutely amazing, I was – and it's at scale. But I was wondering, were you surprised that the net new logos that you added were down 9% this quarter?

Thanks, Andy. So when we think of the net new logos, it really corresponds to what we talked about in terms of what we saw in that SMB space. The SMB space is the one that drives the velocity of our net new logos. And as we talked about, we saw an 11% increase in our sales cycle in the SMB space. And that actually equated into $15 million in terms of deals in that space that could push out. And so when you think about 15 million in that space and what it means in terms of logos, where you can do the math, it's a pretty big number. So that's how we think about net new logos corresponding to what we saw in net new ARR from the SMB space. So from that perspective, we weren't surprised at the end of the day when we saw that what happened with respect to the increased sales cycles and the amount of money that got pushed out in the SMB space.

Thank you. And our next question comes from the line of Jonathan Ho with William Blair.

Jonathan, are you there? Operator, maybe we can move to the next question.

Certainly. And our next question comes from the line of Matt Hedberg with RBC Capital Markets.

Great. Thanks for taking my question. George, for you. You've obviously been running -- you've been in sort of the security industry for a long time. When you see macro headwinds like this pop up, are there things that you all can do from a sales perspective to accelerate cycles, like going at customers sooner than you'd normally do? Just anything tactically that you do in times like this? And has anything changed competitively in the assets kind of the smaller side of the business that you play in?

Sure. So let me take the latter question first. As I mentioned, we actually saw our win rates go up in the down-market SMB space. So I think we continue to do well there. And as Burt talked about, deals getting pushed out from that segment, we saw the impact of that. But when we think about what we can do and what we continue to focus on, obviously, execution is really important to us. And getting ahead of the lengthy sales cycles that you see like in the enterprise with all the various approvals and legal that you have to go through compliance, privacy, and it's just making sure that you have all of those checked off to try to fit the deals in the kind of a normal cycle that you would expect. And it just -- it takes more work and effort, and we continue to focus on full reviews of the pipeline and making sure that we're working with not only our internal sales teams, but also our partners in leveraging that vast partner network that we have. And that's been the focus. So again, as you pointed out, I've been through multiple sales cycles, economic cycles, if you will, in security. And as I said in an earlier question, I do think it's a great opportunity long-term as we push through the macro headwinds.

Thank you. And our next question comes from the line of Tal Liani with Bank of America.

Hi. I hope for better news today after the win in soccer, but it's okay. We'll take what you have. I want to ask about budgets. So we're working off 2022 budgets now, and we see lengthening sales cycle in the low end of the market. The question is as we go into 2023 and the new budgets are set, which is around January, what's the risk that we're going to see similar behavior or larger companies work off budgets and are less sensitive to kind of quarterly fluctuations? And if you don't mind, just to touch on, no one asked about pricing and about quarter linearity, which are two important trends? Thanks.

Yes. Sure. I'll take the first part of that. When we think about budgets, again, all the feedback that we've seen is that budgets are not in the enterprise getting cut. There's so many mandates around security. And just as customers move to the cloud, what they are looking to do, though, is optimize that spend and consolidate. So they may not be spending as much money with a whole bunch of vendors, and they're looking to consolidate with companies like CrowdStrike. We spent a lot of time on selling the value. And when we think about this, and we talked about this in the past, Tal, is the consolidation of agents. It's a huge pain point for customers, the complexity of the cost. So all the conversations that I'm having with CEO, all the way down, has been around how do we help consolidate the cost, because they're going to spend the money, they'd rather spend it with fewer vendors, and how do they get a better outcome. And that's, I think, where CrowdStrike shines. And in some cases, that may take a little extra work, because we're upsizing some deals, and we've got to go through more approvals and go through more of the value selling. But again, that's what we're focused on. So, obviously, we'll monitor the environment and see if there's any changes. But in all the conversations that I've had, security remains still top of mind and top of budget for enterprise customers.

I'll take the second part, Tal. So, first, on pricing, what I can comment on is that a couple of things. So one is, we see that discounting is consistent with Q2. We didn't see any change there. There were no additional escalations, to George and I, for outsized discounting on deals. Number two is, we've seen ASPs be consistent. So -- and that drives the point home about just our overall platform play and our ability to sell value. And I think that enterprise sales cycles increased a bit in Q2, and Q3 was consistent with that level. So I think that, when you think about linearity, to the second part of your question, I think that's how I think about that. We did talk about on -- for pricing anyway. When we do talk about net new ARR, I did talk about in the prepared remarks about how we think about up to 10% headwinds going into Q4 from Q3, and that's just to coincide with some of the headwind activity that we saw accelerated at the end of this quarter. So that's how we think about that.

Thank you. And our next question comes from the line of John DiFucci with Guggenheim.

Thanks for taking my question. You said in the prepared remarks -- you talked about large customers pursuing multiphase subscriptions. Just maybe if we can dig into that a little bit. How long do you expect that ramp period to be? And do you have commitments for the ramp parts of the deal or just verbal intentions?

Thanks, John. So I'll take the second part first. So we do have commitments from those deals. They're signed deals. Just that when we think about structure, we have this phase start date with respect to the subscriptions. So that's how we think about those multiphase deals. And then, I think that, when we think about those multiphase deals and the patterns that we've seen, I think that we're going to see something consistent with what we've seen in Q3. I think that more of those larger enterprise deals, they're going to sign those deals. They're going to look at their budgets. So they're going to look at their OpEx, and they're going to say, okay, well, this makes sense if we turn it on at this point, which could be a date post the quarter end. But the deals then -- I think the most important part about your question is that, the deals are locked in, and that's what we saw in Q3, and we anticipate that in Q4.

Thank you. And our next question comes from the line of Brad

Well, great. Thank you so much for fitting me in, guys. Burt, your comment saying that you expect no budget flush this Q4 is like telling a kid Santa Claus isn't coming for Christmas. And I think you guys are the only ones explicitly saying this, and I'm guessing it's because you're being more prudent and maybe more transparent than others. But I'm also wondering how much of it is pipeline versus conversion rate assumptions that inform your perspective. And I guess, maybe asked a little bit differently, how is your forecast methodology adapting to the environment and the assumptions that you're inputting into it in Q4? Thanks.

Yeah. So really, I want to attack that question from the standpoint of – it starts from the fact that, we did see record pipeline again going into the quarter. So I think it goes back to what we've seen this quarter both on the SMB and in the enterprise space. I think we're going to see the consistent themes that the macro is driving. I think we're going to see the SMB space. We're going to see deals continue to be pushed out. And on the enterprise, we're going to see more multiphase deals. So that's how I think about the quarter. And I guess the one thing that I want to add is that it is important that we are continuing to drive top of the funnel. And we've got a lot of programs that are focused in on that, and it's just going to be one of those things that we have to just overcome the macro.

Thank you. And our next question comes from the line of Fatima Boolani with Citi.

Good afternoon. Thank you for taking my questions. Burt, to your prepared commentary around some of the flexibility that you're introducing with respect to contract negotiations, particularly on the invoicing front, wondering if you can share a little bit more detail with respect to how some of those engagements are becoming more flexible and sort of the implications on collections activity. I can appreciate you shared preliminary fiscal 2024 guidance with us on a number of those fronts, but just to get a little bit more detail as to how some of these changes in business activity behavior from customers is influencing how you're doing negotiations? And on a related matter, as the business does become more and more renewal, does some of the leverage in the model start coming from maybe changed incentives to your sales team around renewal business maybe getting a lower threshold of quota payment versus net new business, which is clearly becoming a little bit more challenging to do in this environment? Thank you.

Fatima, good questions. So I'll take them both. So with respect to structure, there are two things that come to mind. One is obviously on the enterprise deals and the phased subscription start dates that will obviously impact billings and cash. The second one is flexibility on when those payments become due. So we're working with our customers to meet their budgets, to meet their time lines, and we've been flexible with respect to that. And of course, that will have an impact on cash as well. But overall, I still see – because of our business model and our strong business model and consistent Visma hasn't changed. I think that we've got this great opportunity to be comfortable in terms of what I talked about on the prepared remarks. And from a cash flow standpoint, we see a path to 30% free cash flow margin next year. And I think that just goes back to the strength of the model and the fact that we've got this business that is really durable. And with respect to how I see the big picture, I think that the things that we're doing with respect to structure really talks to the partnering with respect to our customers. And that was well appreciated well back in the – when the pandemic forfeit. It's being appreciated now in a macro with the headwinds that we all have. So, we think we're still very excited about the opportunity to be able to partner with our customers. And then second, with respect to how we think about compensating our sales team and in light of our renewal business becoming larger and larger, I think that the good news there is that when you think about renewal business, the actual cost that it is to continue to generate net new ARR from an existing client is definitely lower than to go out -- with respect to going out and getting a new logo. So I think there is some leverage to that. So that's why I think that we're in a really good spot with respect to me talking about leverage for next year. But thanks for the question.

Thank you. And our next question comes from the line of Alex Henderson with Needham & Company.

Great. Thanks. I was hoping if we could talk a little bit about the cloud segment of the market not necessarily in terms of your rate of growth per se, but rather what you're seeing in terms of company's willingness to accelerate or decelerate their progression to the cloud workloads. And within that context, what kind of share do you think you're picking up, or are you gaining share in that -- in those workloads that are moving? Thanks.

Yes. Thanks. Obviously, customers are going to flex what they put in the cloud, and sort of the cloud growth is what it is in terms of the macro cloud growth. In terms of what we see in our cloud workload protection, we continue to win in those areas. We win because we've got a combination of both workload protection as well as cloud security posture management and a full suite of protection capabilities. And we have more and more customers that continue to leverage our technologies as they migrate to the cloud. So they're still migrating to the cloud. They're leveraging our technologies as it's all integrated. And in terms of our cloud workload protection across the board, it's certainly been very, very strong. So that's what we've seen in our business. And obviously, there's a broader cloud theme in the environment, and customers are going to choose when and how they migrate. But we are there for them, and we continue to win in those environments.

Thank you. And our next question comes from the line of comes from the line of Roger Boyd with UBS.

Great. Thanks for taking my questions. Burt, just to follow-up on multi-phase subscription start dates. I just want to unpack the behavior there a little bit. It sounds like it's mostly a cash flow consideration by customers, but are there any other factors driving this behavior, whether it's resource constraints, timing of road maps or just practice more care on aligning the end and then start dates of third-party solutions being consolidated on the Falcon platform? And just a follow-up. I think you mentioned that these are confirmed deals. So I just want to make sure that that is showing up. Those deals are showing up in RPO. Thanks.

Yes. Thanks, Roger. So to answer your -- the first part of your question, so I think the biggest driver is that OpEx. They're looking at starting those subscription dates at staggered times, what makes sense for them. They've got to align their resources on their end and making sure that they have the right folks looking at it. And I think for us, the good news is that those deals are confirmed. They are locked in. We signed the deal. Some might be deployed now, some might be later. And they will be in the RPO calculations. Thanks for the question.

Thank you. And our next question comes from the line of Joe Gallo with Jefferies.

Hey, guys. Really appreciate the question. George, appreciate your comments on F 3Q and 4Q macro. Based on your conversations with customers, what is their view on 2023 cyber budgets as they start to think about them? Are they expecting near-term alleviation with a quick Band-Aid rip-off, or is this more of a long-term new normal that we might see for the next year or so?

Well, as I mentioned earlier, we haven't seen any customers come back and say, hey, our budgets are cut next year. We just haven't seen it. And as I mentioned, they're looking to consolidate. They're obviously looking to deploy those resources wisely and do it with fewer vendors and get better outcomes. So, again, that's an area where I think we have tremendous strength. But nothing in my conversations -- and as you might imagine, I talked to a lot of customers all over the globe and prospects. Nothing has come back that said they're spending less on security next year. They're deploying to the cloud. They're adding capabilities. There is a whole slew of compliance requirements that are coming in around the globe that will drive additional spend. And, again, they want to do it in a way that they get the most bang for their buck in a consolidated fashion. And that's exactly what we've seen, and we haven't seen anything to deviate from that.

Thank you. And that concludes our question-and-answer session. I would now like to turn the call back over to George Kurtz for any closing remarks.

I wanted to thank all of you today for your time, and we certainly appreciate your interest and look forward to seeing you at our upcoming investor events. Thank you, and have a great day.