CRWD - NASDAQ

Hello, and welcome to CrowdStrike Holdings, Inc.'s fourth quarter and fifth fiscal year 2025 financial results conference call. At this time, all participants are in a listen-only mode. After the speaker's presentation, we will conduct a question and answer session. Please be advised that today's conference is being recorded. I would now like to hand the call over to Maria Riley, Vice President of Investor Relations. Maria, please go ahead.

Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, Chief Executive Officer and Founder of CrowdStrike Holdings, Inc., and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth, including projections, and expected performance, including our outlook for the first quarter and fiscal year 2026, and any assumptions for fiscal periods beyond that, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events, or otherwise. Further information on these and other factors that could affect the company's financial results is included in the filings we make with the SEC from time to time, including the section titled "Risk Factors" in the company's quarterly and annual reports. Additionally, unless otherwise stated, excluding revenue, all financial measures disclosed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our earnings press release, which may be found on our investor relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. With that, I will now turn the call over to George.

Thank you, Maria, and thank you all for joining us today for our Q4 2025 earnings call. I'm extremely proud of the engagement we've had with customers, partners, and prospects in the market, navigating a year that tested CrowdStrike Holdings, Inc. Q4 showcases the fruits of our labors, giving me strong conviction in our AI-native single platform, excellent execution, and accelerating market opportunity. Q4 and FY 2025 highlights include Q4 net new ARR of $224 million, well ahead of our expectations, closing FY 2025 at $4.24 billion in ending ARR. FY 2025 ending ARR for cloud security, identity protection, and next-gen SIEM of over $1.3 billion, growing nearly 50% year over year. Gross dollar retention of 97% as customers remain firmly committed to the Falcon platform. Q4 free cash flow of $240 million, and for the full year, we delivered free cash flow of $1.07 billion, or 27% of revenue, setting a new record and for the first time exceeding $1 billion in annual free cash flow. CrowdStrike Holdings, Inc. is the first cybersecurity ISV to cross $1 billion in deal value on AWS Marketplace in a single calendar year, setting a new standard for ecosystem execution. And record and accelerating FY 2025 total contract value of $6 billion, the first and only pure-play software cybersecurity company reported to achieve this metric, which increased 40% year on year, showcasing the scale and commitment of customers' long-term cybersecurity consolidation on the Falcon platform. Everyone loves a comeback story, and that's exactly what we've started experiencing in Q4 as we've closed out the year. The results tell our story. One, we've never been closer to our customers and partners with market-leading customer satisfaction levels. Two, we're playing best-in-class defense as well as offense with our Falcon Flex subscription model, and three, our innovation engine hasn't missed a beat. The Falcon platform has never been more market competitive, whether that's winning new logos or third-party analyst research. We find ourselves placed at the epicenter of a rapidly evolving demand environment. A new administration, a new wave of technology, and a new threat landscape necessitate all businesses to evolve their cybersecurity programs. Consolidation, cost reduction, and automation are now the accepted enterprise and federal priorities. These priorities are accelerating the shift from ineffective, narrow, or duplicative point products. I'd like to share AI-specific trends on the broader demand environment and how these trends relate to CrowdStrike Holdings, Inc. First, AI experimentation is just starting to evolve into AI outcomes. Second, we're in the midst of a rapidly accelerating geopolitical AI arms race. And third, winning the AI war requires the very best data and a battle-tested innovation engine. Commenting on the shift from AI experimentation to AI outcomes, we're still in the early but rapidly evolving innings of the AI revolution. Businesses and governments across the globe are looking for their AI investment to yield both improved efficiencies and novel outputs. At CrowdStrike Holdings, Inc., we're requiring every team and function to leverage the power of AI. We expect these investments to play critical top and bottom line roles on our path to $10 billion in ARR. In the broader market, businesses are equally grappling with how to secure their environments in this AI age. Here's my take on what this means. First, more AI everywhere needs more data, more access, and more processes, services, and products requiring cybersecurity. The locales of AI adoption are either in cloud workloads, data centers, or even on edge devices, all of which we are market leaders in securing with AI-native technology that stops the breach. Second, more access to more third-party and in-house agentic applications and services requires rethinking identity and data protection. Who is accessing data and where is it traveling matters more now than ever before. And third, securing AI starts a broader enterprise data discussion. I'm seeing CISOs, CIOs, and CEOs going to the drawing board to reinvent their technology stack with AI-powered platforms of record for their next decade and beyond. And for security, it's even more pressing. For our customers, Falcon has quickly become their AI-native SOC. Charlotte, our generative AI security analyst, is a SOC analyst's best friend and already driving tangible AI outcomes. Charlotte AI detection triage accelerates SOC operations and threat response times. Across more than 100 Q4 Charlotte AI deals, customers are seeing outcomes, sharing feedback like what we've received from a European financial services firm, which stated Charlotte AI has been very useful for us. It's done summarization of activity on host and users in 10 to 15 seconds, which would have taken us 20 to 30 minutes to do manually. Returning to my second point on the geopolitical AI arms race, our threat intelligence practice sees nation-state cybercraft proliferation at all-time new highs. A new wave of nationalism and threat actors is creating adversary stockpiling akin to the Cold War era. In our recently released annual global threat report, we exposed China nexus adversaries escalating state-sponsored cyber operations by 150% with targeted attacks in financial services, media, manufacturing, and industrial sectors soaring up to 300%. And with tools such as deep seek making AI access easier and cheaper, the pace and prevalence of adversarial AI adoption is only accelerating. It is in this intensifying threat landscape that CrowdStrike Holdings, Inc. and our threat intelligence expertise shine. Q4 was our largest threat intelligence quarter in company history. Governments and enterprises increasingly turn to CrowdStrike Holdings, Inc., especially in a competitive environment where M&A activity has subsumed many existing threat intelligence vendors. We're the market's leading threat intelligence authority, discovering and naming the adversaries to unite cyber defenders and stopping them. The democratization of destruction AI in the hands of more adversaries intensifies the market need for CrowdStrike Holdings, Inc. And lastly, my third point, CrowdStrike Holdings, Inc. is manufacturing the instruments to win the AI war. We have the innovation engine and the security data to fuel it. Finally, in this AI-fueled demand environment, the point product vendors and those that have failed to deliver open and native single platforms increasingly fall short. CrowdStrike Holdings, Inc. is cybersecurity's AI-native SOC. Our greatest asset is our role as the creator of cybersecurity's richest data. We've curated this dataset with millions of Falcon Complete analyst annotations, making threat data contextualized and actionable. No one else has this. Our data is liquid gold for creating new, agentic models for continuously improving protection. Falcon is purpose-built to win the AI war with market-leading protection. As the first call for organizations large and small to stop the breach, we see where others fall short. We saw an uptick in incident response engagements in Q4. Thematically, these organizations were using a next-gen EDR vendor's technology, where we saw one of our strongest competitive displacement quarters, a logistics software vendor, a national packaging and marketing firm, and a security software provider, to name a few. Falcon's efficacy and rapid ease of deployment is why CrowdStrike Holdings, Inc. is the first call to stop the breach. We've also innovated in devising the most effective model for customers to adopt the Falcon platform, Falcon Flex. Falcon Flex is a subscription model that enables customers to adopt the modules they want across their subscription term. This model deeply resonates with prospects and customers as well as our ecosystem partners. Following the summer's incident, we worked with impacted customers to offer them customer commitment packages, CCPs, largely in the form of additional product and Falcon Flex subscriptions. The CCP program was a Falcon Flex accelerant. In Q3, we shared accounts that adopted the Falcon Flex model representing more than $1.3 billion of total deal value. In Q4 alone, we added over $1 billion of total account flex deal value, with accounts that adopted Falcon Flex soaring to $2.5 billion in total deal value, growing 80% quarter over quarter and growing more than 10 times year over year. Our ability to close Falcon Flex deals at size and scale shows customers' long-term commitment to CrowdStrike Holdings, Inc. and was a key contributor to our TCV acceleration. This commitment is supported by action, deploying more Falcon modules and consolidating on the platform. With more than 60% of Falcon Flex deal value already deployed by customers to date, we are pleased with the deployment stats. Falcon Flex is a game changer, accelerating module adoption and making it easier and faster than ever to consolidate on Falcon. With the summer now several quarters behind us, we're ending our customer commitment package program. The CCP program was an excellent proactive measure, which not only built our relationship with impacted customers but also resulted in significant platform adoption. This uptake gives me confidence in our second half net new ARR reacceleration as products are deployed, one-time discounts drop off, and contracts are upsized and renewed. And one of the biggest beneficiaries of Falcon Flex is the accelerated adoption of our rapidly emerging platform solutions. In the past, we've discussed three core solutions: cloud, identity, and NextGen SIEM. This quarter, I'd also like to provide an update on our exposure management business, which is displacing legacy vulnerability management products and has swiftly become a meaningful contributor to the business with line of sight to $300 million in ARR. Starting with cloud, our cloud security business delivered a strong Q4, growing more than 45% with ending ARR more than $600 million. The cloud is central to the AI revolution, providing the core infrastructure to enable enterprises to harness the power of AI across their businesses. Cloud security has never been more important. We're seeing two core trends emerge in the cloud security market. First, the core mechanism for protecting the cloud is runtime protection, where CrowdStrike Holdings, Inc. is uniquely positioned to deliver the best and most comprehensive workload protection in the industry. We are the cloud runtime security vendor. While others are trying to catch up, CrowdStrike Holdings, Inc. has delivered frictionless CWP for years, battle-tested to stop cloud breaches. And second, the market for cloud security is rapidly consolidating, with customers looking for an integrated end-to-end platform where the sum of the parts is greater than the individual pieces. This is the promise on which Falcon Cloud Security delivers. By securing the entirety of the AI infrastructure, CrowdStrike Holdings, Inc. is enabling enterprises to harness the power of AI securely. A key win in the quarter was an eight-figure Falcon Flex transaction for a major global financial services holding company, where we displaced a network security vendor's multi-platform cloud offering. CrowdStrike Financial Services made it even easier to go all in with Falcon, committing to a large multiyear deal. Too many consoles got in the way of seamless SOC operations. Falcon Cloud Security was far easier to manage in a single console and provided all the right security controls to stop cloud breaches. Moving on to our identity business, which grew to more than $370 million in ending ARR. Our identity business continues to benefit from several key trends, including the rapidly growing identity attack surface. In addition, our vision for the recently acquired Adaptive Shield business, now called Falcon Shield, secures identities everywhere, whether on-premises, in SaaS applications, or within hyperscale or infrastructure. A key identity win was a large state university hospital system that consolidated on Falcon in a seven-figure deal. The CISO secured independent budget for Falcon because of the operational superiority of our identity protection module. Specifically, this university had enough of a competitor's identity protection bolt-on product that produced too many false positives. Moving on to our next-gen SIEM business, which grew more than 115% year over year, finishing the year at more than $330 million in ending ARR. Next-gen SIEM is rapidly breaking out as a foundational cornerstone of the integrated Falcon platform, offering unmatched speed, scalability, and cost efficiency compared to legacy SIEMs. We believe the coupling of next-gen SIEM alongside our native first-party data and the agentic power of Charlotte AI gives CrowdStrike Holdings, Inc. a unique advantage to continue leading the AI security revolution. This is why CrowdStrike Holdings, Inc. is uniquely delivering the AI SOC of the future today. A key seven-figure next-gen SIEM win from the quarter was a major US airline, which also ranks as one of the top global airlines by passengers carried. This airline selected CrowdStrike Holdings, Inc. to replace legacy AV in the fall and then turned to us to replace their legacy QRadar SIEM. Falcon Next Gen SIEM's ease of use, incident workbench, and ease of data ingestion prevailed over a network security vendor and hyperscaler SIEM. In total, our cloud, identity, and NextGen SIEM businesses represent more than $1.3 billion in ending ARR, growing nearly 50% year over year. While each of these businesses can stand on their own, it's the combination of these technologies, when delivered together alongside the broader Falcon platform, that continues to propel CrowdStrike Holdings, Inc. forward as the only true single platform on the market today. And finally, for the first time, I'm excited to discuss our exposure management business, which has quickly become a market disruptor. CrowdStrike exposure management offers both native vulnerability management for devices and applications, coupled with integrated attack surface management. This enables features like attack path analysis and dramatically improved vulnerability prioritization. Our customers are already replacing legacy vulnerability management products at scale. Exposure management wins are easy module attaches to Falcon Flex deals, and we're closing them with regularity as we consolidate out legacy vulnerability management vendors. Representative wins include a large digital radio station, a multinational shipping line, and a large healthcare provider in Asia Pacific. Cybersecurity's leading partners see CrowdStrike Holdings, Inc. as a generational opportunity. Our ecosystem is a key growth lever on our $10 billion ARR journey, already returning significant dividends. From a deal origination standpoint, partners source 60% of our new business in the fiscal year, validating our partner-first strategy and ecosystem investments. In particular, next-gen SIEM has attracted the interest of the GSI community, given their experience configuring the SIEMs of yesterday and the market opportunity to displace these legacy products. In addition, the Falcon Flex subscription model fits the GSI selling motion with incentives for customer flex utilization. Our GSI business neared the billion-dollar milestone in FY 2025, growing north of 40% year over year. Leading GSIs like Accenture, Deloitte, HCL, Wipro, NTT, TCS, Infosys, and Cognizant are investing in their Falcon Services practice, and I expect us to see continued growth from these partners this fiscal year. Our MSSP go-to-market continues to expand at a hyper-growth pace, addressing the needs of small to medium businesses who want their cybersecurity program fully managed. MSSP contributed nearly 15% of our new business in FY 2025, signifying a route to market which has quickly grown and scaled over the past two years. All of our go-to-market partners benefit from our deep investment and strategic focus on cloud marketplaces. We recently announced being the first cybersecurity ISV to achieve more than $1 billion in sales on the AWS marketplace in one calendar year. We also had a noteworthy year with Google Marketplace, where in our first year of partnership, we did over $150 million in deal value out of the gate. We've aligned our partner ecosystem around hyperscaler marketplaces, where we see larger deal sizes and faster deal cycle times. In closing, we are cybersecurity's AI-native agentic platform that stops the breach. Our innovation engine enables us to be a consolidating force for secure AI. Our platform wins. Seven modules are each now individually over $300 million in ending ARR, demonstrating the power of our innovation in driving record adoption and Falcon's multi-act platform opportunity that continues to drive growth. And our go-to-market execution momentum is unprecedented. Businesses are speaking with their wallets, investing in CrowdStrike Holdings, Inc. to secure their futures today, including our end customers and those of our MSSPs. CrowdStrike Holdings, Inc. is trusted by more than 74,000 organizations as their cybersecurity platform of choice, growing more than 30% year over year. And in Q4 alone, we've closed new records in every total deal value segment. Over 20 deals greater than $10 million, over 350 deals greater than $1 million, over 2,300 deals greater than $100,000, and that was all in Q4. It tells me that customers trust CrowdStrike Holdings, Inc. Partners trust CrowdStrike Holdings, Inc. And the market trusts CrowdStrike Holdings, Inc. I open with everyone loving a good comeback story. Ours was forged by the trust of our customers, the dedication of our team, and the loyalty of our partners. For that, I am truly grateful. One thing is certain, in our AI-evolving world, cybersecurity will be an increasingly essential ingredient for life in the AI era. And now, more than ever, the world needs CrowdStrike Holdings, Inc. I'll now turn the call over to Burt Podbere, CrowdStrike Holdings, Inc.'s CFO.

Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. CrowdStrike Holdings, Inc. delivered a strong fourth quarter and finish to the year, achieving results above our stated expectations across all guided metrics and demonstrating our ability to adapt to unexpected challenges and emerge stronger. Several key areas from our performance and outlook demonstrate the strength and resilience of our business, including, first, the strength of our results demonstrates the power of our business model and sales execution, highlighted by our record total contract value reaching $6 billion in FY 2025, with growth accelerating to 40% year over year. Second, the successful completion of our customer commitment program, which accelerated platform adoption and deepened customer relationships. Our success is demonstrated by Falcon Flex customers adding over $1 billion in Q4 account value and our strong gross retention rate of 97%. And third, as we look ahead, our visibility is improving. We expect net new ARR reacceleration as well as operating margin and free cash flow margin expansion in the second half of FY 2026. We believe this momentum will set the stage for further acceleration in FY 2027 over FY 2026 and position us well to achieve our long-term targets. For the full fiscal year, we achieved 23% and 29% ending ARR and total revenue growth, respectively. Operating income grew 27% year over year to reach a record $837.7 million, 21% of revenue. Net income attributable to CrowdStrike Holdings, Inc. and EPS grew 31% and 27%, respectively, to reach a record $987.6 million or $3.93 per diluted share. Free cash flow grew 14% year over year to reach a record $1.07 billion or 27% of revenue. For the fourth quarter, we achieved net new ARR of $224 million, and ending ARR grew 23% over last year to reach $4.24 billion. Our fourth quarter results showcase the success of our go-to-market and single platform strategies. Falcon Flex momentum is increasing, accelerating platform adoption, and our strong sales execution positions us to extend our market leadership with the AI-native Falcon platform. Additionally, we entered the new fiscal year with a healthy pipeline as we continue to see robust demand for both prospective and existing customers. In Q4, we completed our very successful customer commitment program. We estimate that the ARR value of customer commitment packages provided in Q4 was approximately $56 million, bringing the estimated value for the fiscal year to approximately $80 million. While this exceeded our expectations in Q4, as we concluded the program, the majority of deals that closed with customer commitment packages in the quarter included additional product or flex dollars, rather than extended time and professional services. We view this as a positive for the business as it demonstrates customers' trust in our long-term partnership and, importantly, drives bigger deals and increased levels of platform adoption as customers further consolidate onto the Falcon platform. And as George stated, the success of the program combined with the strong uptake of Falcon Flex gives us confidence in future net new ARR reacceleration as products are deployed, one-time discounts expire, and contracts are upsized and renewed. This dynamic also limited the impact on Q4 revenue, which was de minimis and well below our $30 million expectation, contributing to our strong revenue beat for the quarter. As mentioned earlier, we are seeing substantial increases in Falcon platform adoption, accelerated by our Falcon Flex subscription model. In Q4, subscription customers with six, seven, and eight or more modules grew to 48%, 32%, and 21% of subscription customers, respectively. Notably, customers with five or more modules reached an all-time high of 67%, and on average, new customers are landing with at least five modules. Given this new heightened level of platform adoption on a broad scale, we will discontinue the five or more metric. Our Falcon Flex program fueled an acceleration in platform adoption in FY 2025, with Falcon Flex customers adopting more than nine modules on average. Flex is our future. Additionally, in Q3 of FY 2025, we announced the launch of CrowdStrike Financial Services, or CFS, and have already closed deals worth over $140 million through the program in FY 2025. CFS enhances our customer's ability to do larger and longer-term deals with us, further enabling future platform adoption and strategic Falcon Flex deals. As our growing module adoption demonstrates, customers are purchasing the Falcon platform for strategic long-term single platform standardization and increasingly leveraging Falcon Flex as the vehicle for these purchases. In addition to accelerating module adoption, our strong customer relationships underpin our exceptional customer retention. Gross retention in Q4 remained high at 97%, and our dollar-based net retention rate was 112%, reflecting the impact of customer commitment packages. Given the size and scale of our business, we're very pleased with our net retention. Moving to the P&L, total revenue grew 25% over Q4 of last year to reach $1.06 billion, ahead of our expectations. Subscription revenue reached a new milestone of over $1 billion in quarterly revenue, growing 27% year over year to $1.01 billion, while professional services revenue was $50.2 million. Total gross margin was 78%, and subscription gross margin was over 80% of revenue, both in line with last year's Q4 performance. Total non-GAAP operating expenses in the fourth quarter were $607.8 million compared to $448.1 million in the prior year. In Q4, we continued our disciplined approach to investing, prioritizing investments in platform innovation and resiliency. Our customer-first mindset is central to our approach to innovation and the driving force behind the success of our single platform strategy and industry-leading retention rates. In the fourth quarter, non-GAAP operating income grew to $217.3 million, and operating margin was 21%, well ahead of our guidance. Our investments in AI are driving significant internal efficiencies, enabling our teams to focus on high-value activities across the business. In Q4, we saw strong employee adoption of AI capabilities, with average reported time savings per employee of over one full workday a month, equating to more than 24,000 work weeks saved if annualized across our entire workforce. We are also leveraging AI to automate key sales processes and streamline reporting and workflow. By automating the hours of manual work involved in these tasks, we can deliver new efficiencies in the business while continuing to execute on growth initiatives. GAAP net loss attributable to CrowdStrike Holdings, Inc. was $92.3 million and included $49.9 million of tax expenses related to acquisitions and $21 million of incident-related expenses, with the remaining loss related to the ongoing impact of one-time programs for employees and one-time incentives for the sales team. Non-GAAP net income attributable to CrowdStrike Holdings, Inc. grew 10% over Q4 of last year to $261.0 million or $1.03 on a diluted per share basis, well ahead of our guidance. Cash and cash equivalents grew to $4.32 billion. Free cash flow was $239.8 million or 23% of revenue. Incident-related expenses impacted Q4 free cash flow by approximately $22 million. The $93 million in deals financed through CrowdStrike Financial Services in Q4 had a de minimis impact on the quarter's free cash flow as expected. Moving to our outlook and modeling notes, the fundamentals of our business remain strong, and we remain committed to our long-term target model. We are encouraged by first, best-in-class customer retention rates and the success of our concluded customer commitment program. Second, continued strong and rapid adoption of Falcon Flex, which is accelerating module adoption rates, helping drive deeper strategic relationships with our customers, and positioning us for long-term growth. And third, a robust demand environment across multiple large and growing markets, including next-gen SIEM, where we are in the early stages of disrupting a large legacy market, and newer markets such as agentic AI for cybersecurity, where our unique data advantage positions us as the natural innovation and category leader. Visibility is improving as we move further from the sun. While we do not guide to net new ARR, our assumptions include a typical Q4 to Q1 seasonal decline of approximately 21% to 23% quarter over quarter. The net new ARR acceleration we expect in the second half of FY 2026 sets the foundation for further acceleration in FY 2027 over FY 2026 as we scale the business to our goal of $10 billion of ending ARR by FY 2031. It also sets the stage for operating and free cash flow margin improvement in the back half of the year, particularly in Q4. Our operating margin guidance reflects the upfront investments we're making in key areas of the business, which we expect to yield clear ROI by the back half of FY 2026, fueling our growth and innovation. The high end of our guidance implies a fiscal year 2026 non-GAAP operating margin of approximately 21%, and we plan to return to GAAP profitability in Q4. Looking beyond this year, we plan to deliver a 23% non-GAAP operating margin in FY 2027 as we quickly ramp to our target non-GAAP operating model by fiscal 2029, which includes a free cash flow margin target between 34% and 38%. Please note, in Q1 of FY 2026, we expect cash impacts of approximately $73 million for outage-related costs, including incremental sales compensation, as well as $43 million due to the impact of flexible payment terms provided under customer commitment packages for deals closed in the back half of FY 2025. We expect to exit fiscal year 2026 with Q4 free cash flow margin at approximately 27% and to return to 30% or more free cash flow margin on an annual basis in FY 2027. Moving to our guidance, for the first quarter of FY 2026, we expect total revenue to be in the range of $1,100.6 to $1,106.4 million, reflecting a year-over-year growth rate of approximately 20%. We expect non-GAAP income from operations to be in the range of $173.1 to $180.0 million, and non-GAAP net income attributable to CrowdStrike Holdings, Inc. to be in the range of $162.1 to $167.5 million. We expect diluted non-GAAP net income per share attributable to CrowdStrike Holdings, Inc. to be approximately $0.64 to $0.66, utilizing a weighted average share count of approximately 254 million shares on a diluted basis and a 22.5% non-GAAP effective tax rate, which is a $0.19 impact to EPS at the midpoint. For the full fiscal year 2026, we currently expect total revenue to be in the range of $4,740 to $4,805.5 million, reflecting a growth rate of 20% to 22% over the prior fiscal year. Non-GAAP income from operations is expected to be between $944.2 and $985.1 million. We expect fiscal 2026 non-GAAP net income attributable to CrowdStrike Holdings, Inc. to be between $851.2 and $883.0 million. Utilizing approximately 256 million weighted average shares on a diluted basis and a 22.5% non-GAAP effective tax rate, which is a $0.98 impact to EPS at the midpoint, we expect non-GAAP net income per share attributable to CrowdStrike Holdings, Inc. to be in the range of $3.33 to $3.45. Please refer to our earnings release and earnings presentation for additional details regarding our changes in presentation of non-GAAP measures related to tax and presentation and additional modeling notes. George and I will now take your questions.

Operator, we are now ready for questions.

Thank you. If you would like to ask a question, please click on the raise hand button, which can be found on the bar on the bottom of the

Okay. Great. Hey. Good afternoon, folks. Thanks for taking my question here, and nice finish to the year. Thank you, Saket. Sure. George, maybe for you. You know, we heard on the call that Falcon Flex is the future. I was wondering if you could just talk a little bit about how Falcon Flex is driving better value for customers and any examples you have of maybe how current customers are growing their existing spending with CrowdStrike Holdings, Inc. through Falcon Flex.

Sure. Thanks, Saket. And as we've talked about for some time, Falcon Flex was really born out of customer demand, wanting to consolidate more with CrowdStrike Holdings, Inc. and wanting to create a flexible way to procure more modules. So when we think about Falcon Flex, again, it opens the entire product catalog up to our customers, and then they can add new modules without necessarily going through a procurement cycle. They commit. The more they commit, the better the discounts, and they can basically use that very seamlessly in their environment. So let me just give you one example. Last quarter, we had a large transportation company where we consolidated three vendors: cloud, SIEM, and multiple endpoint vendors, and we moved them to a flex. And in this particular case, large enterprise, we increased the ARR by 67%. That's just one of many examples that we've seen. And in general, what we're finding is that customers, as we go through the demand plan, they're ahead of schedule in their demand plan in consuming the flex, which is a great stat for us. And we called out some of those in the earnings script. So excited about Falcon Flex, and it's our really market-leading way to engage with customers as we go forward.

We are ready for our next question.

Our next question will come from Brian Essex with JPMorgan. Please unmute your line.

Okay. Hopefully, you can hear me. Thank you for taking the question. I guess I want to talk about emerging products, and if I look at the growth rate, it seems as though cloud and identity decelerated at a faster rate than log scale. Is that a function of the incentives and how customers may have spent it in cloud and identity as opposed to log scale, which may have more on how your customers are consuming those so you could understand the sustainability of those emerging segments.

Yeah. Good question. So I just recently, as you may have seen in our threat report, we talked about identity and how critical it is to customers. Since 2019, as an example, 40% of the attacks were identity-based or non-malware based. And, in the current report, 79% are non-malware based. A lot of it is around identity. So what we've seen as part of the CCP packages is that identity and cloud have been a big driver of what people have been taking because they know it's so critical for their protection going forward. So, you know, when we look at that and as we talked about the back half of the year, CCP sort of elements will be burning off. And obviously, it's a great opportunity to be able to renew what they're already using and how we're already protecting them. So we view it as a net positive and seeding the customer base.

And we're ready for our next question, please.

Our next question will come from Gabriela Borges with Goldman Sachs. Please unmute your line.

Hi. Good afternoon. Thank you. Burt, I wanted to ask you a little bit about how you thought about guidance for the year because we had the pause in the external demand gen around the July time frame. We had the enterprise sales cycles pushing out by, I think you said, 15%. Maybe just talk us through how did you think about the puts and takes to the back half of the year as some of those dynamics reverse and then Brian's earlier question, you also have the CCP contracts renewing. Maybe just walk us through how you thought about some of those dynamics. Thank you.

Yeah. Sure, Gabriela. Thanks for that. So I think George touched on some of it already. With respect to, you know, the CCP programs, the one-time incentives with respect to those, you know, coming due in the back half next year, gives us confidence that we're gonna be able to have, you know, take advantage of the opportunity to upsell, you know, and our customers. They're already using it. They're already loving it. Gonna be easy for them to renew. And, of course, as we continue to think about new products that we're coming to market with, it's a great discussion to have. We've already gone through, as George said, the demand plan in terms of drawing down from their flex pools. So this gets us excited about our ability to actually go and have that reacceleration in the back half. And I think that it really talks to not only the emerging products that we, you know, that we've had great success in, but even, you know, the rest of our products. We have 29 modules to sell to our customers. We have this opportunity to upsell them, to take out costs and show the value of CrowdStrike Holdings, Inc. That's why we get excited about the reacceleration of net new ARR in the back half.

And we'll move to our next question, please.

Our next question will come from Tal Liani with Bank of America. One moment, please. Tal, your line is now open. Please feel free to unmute.

Thank you. I have two questions, so I'll choose one. Contribution from existing customers. If I look at your GRR and NRR, and I calculate contribution from existing customers versus new customers, your performance on new customers is very consistent. You're growing between 10% to 11% a year from new customers. But the growth from existing customers had gone down, which means there is a decline in the growth in upselling to existing customers. So you started the year when Q1, it was 21% growth coming from existing customers, and you ended the year with 15%. And every quarter, it goes down. Can you talk about your ability to take NRR back up, which is the function of sales to existing customers or upsell to existing customers?

Sure, Tal. Thanks. So, you know, there's a few dynamics that are impacting, obviously, dollar-based retention. Obviously, you know, our CCP had an impact. But remember, you know, DBNR is a noisy metric for us. You know? As you know, we don't manage to it. In any given quarter, we can land bigger, longer deals, which does put pressure on our dollar-based net retention. George talked about what flex does to that environment. Flex gives us the opportunity to enter into larger, longer deals, which could impact DBNR, but that's a good thing for us. We want customers to engage with us with bigger deals, longer deals. That's exciting. Conversely, we now have a bigger base to sell into. We have this opportunity to go after more logos. So, you know, in any given quarter, we're gonna get different dynamics and different pressures, but I think the good news is we've got a lot of room with respect to new logos, and we've got this ever-expanding base where we can sell into and upsell and cross-sell. So that's how I look at that dynamic.

And we are ready for the next question.

Next question will come from Joel Fishbein with Truist Securities. Please go ahead.

Thanks for taking the question. Hey, George. Thanks for the color around AI and AI strategy in Charlotte. Would just love to get a little bit more color around pricing and competitive environment around the AI security, that'd be really helpful.

Thank you. So yeah, I mean, when you look at Charlotte AI and what we've been able to do from an agentic AI perspective, we talked about some of the efficiencies in terms of hours saved. We've talked about taking a level one analyst, turning into a level three. And with Falcon Flex, we have a lot of attach of Charlotte in these deals, and we continue to wire it into our workflows, which is a key part of being agentic. So I think overall, we're getting feedback from customers. They like it. They're using it. And, one of the interesting facts that has come out since we released this is that we certainly geared it towards that level one analyst, but actually finding that the level three analysts are using it even more because they understand how to prompt it and get information out of it. So overall, it's, I think, been very encouraging, the uptake. And, certainly, it continues to perform and save our customers a tremendous amount of time and effort. So we'll have updates on Charlotte, but full steam ahead. And as you and I have talked about in the past, you know, it's still early innings in this agentic world, and we continue to lead the way.

And we're ready for the next question.

Our next question will come from Matt Hedberg with RBC. Unmute your line.

Great. Thanks for taking my questions, guys. George, for you, you know, exposure management is near and dear to your heart. And it I could you could sense the enthusiasm with some of your early wins. I'm just curious to put a finer point on that. Are we talking about full, like, net endpoint replacements there? I just just wanna make sure that I understand, like, the competition of your platform versus some of the PurePlays.

Yes. We are. When we look at our technology there, whether it's exposure management, vulnerability management is an element of exposure management. We've done some acquisitions. We've had some capabilities for a while, particularly on the agent side. And we have released the ability to actually scan over the network, which was a missing element that we didn't have in the past. So that really allows for fuller replacements in a competitive environment. And, you know, our customers have been asking for it. We focus on the agent first. Of course, that's where we know, where our strength is. And now with the ability to scan, it really has unlocked the potential to replace a lot of the competitive products in that market. So we remain excited. It's fully integrated. It leverages, you know, the full base of data that we have in our AI and workflow infrastructure, and we'll continue to give you updates on it because we think it's a real added element to the repertoire of the modules that we have, and we're proud to tell you about the success.

And we're ready for the next question.

Our next question will come from Andrew Nowinski with Wells Fargo. Please go ahead.

Great. Thank you, and congrats on a really strong recovery quarter here. I'd like to just dig a little bit deeper on your net new ARR. If you could just clarify how much the Adaptive Shield acquisition contributed this quarter in Q4, and then if, you know, if you add back the $56 million you talked about in CCP, it looks like net new ARR was still down about 1% year over year. But gross retention was unchanged. You know? So it doesn't look like churn increased at all. I'm just I'm wondering if you think customers might still be holding back on spending as a reason why net new is still down 1%. Thanks.

Hey, Andrew. So let me take the churn and contraction question first. So, basically, for us, what we saw for CCP, any churn and contraction with respect to CCP was really de minimis. There was not much there at all. And with respect to churn and contraction overall, it was really in line with what we've been seeing. There's been no anomalous behavior with respect to churn and contraction. So we're actually really excited about where we're headed with respect to net new ARR. And certainly with the reacceleration in the back half. You know, with respect to Adaptive Shield, it was a very small number with respect to ARR, so it's diminished from our perspective. But when you think about the opportunity, that's a very different story, and I'll turn it over to George to talk about the opportunity with Adaptive Shield.

Yeah. This is one where our customers are really excited. The day it was announced, all of our flex customers asked when they can have it, and, you know, 20 days later, it was part of their rate card. So we've seen amazing adoption of it in the early days here. Obviously, we'll continue to give you updates, but it's a fantastic technology and something that's really needed in the environment today.

We're ready for our next question.

Next question will come from the line of Fatima Boolani with Citi. Please go ahead.

Good afternoon. Thank you for taking my question. George, you referenced the staggering in-period deal value that you would contracted for Falcon Flex specifically. I specifically wanted to ask you about the Falcon Flex dollars that you have given in kind to some of your CCP customers. I wanted to get an understanding of how quickly they're burning through those in-kind flex dollars that you've given them, such that it is triggering earlier renewal, earlier upsell events. And if that was a contributing factor to how robust the in-quarter deal value was for Falcon Flex. Thank you.

Sure. Well, what we've seen, as we've moved to Falcon Flex and certainly CCP is just leveraging the licensing model of Falcon Flex to provide some value back to our customers. But as Burt and I have talked about, the back half of the year, we certainly, you know, look towards that as where those Falcon Flex CCP dollars would burn off. A lot of our sellers now, again, are focused not on just selling new modules, but demand planning with our customers. And we're seeing the demand plans be ahead of schedule. Right? So that's a good thing. And, obviously, the more they can consume within a shorter period of time, the better for us. And, obviously, we want to be there to provide value in any of the modules we have or, you know, some of the newer ones like Shield. So any other comments on that, Burt?

Yeah. Look, I think, you know, we have this great opportunity in front of us. I think remember, the one thing that really gives us more excitement about the back half that George is referring to is we still have a lot of customers, you know, to talk about flex with. Right? We have, you know, a subset we've already dealt with, but we've got a whole lot more that we can go after that are still, you know, coming up for renewal or, you know, talking to them about their demand plans. So we're excited about that opportunity that's in front of us.

And we'll take our next question. Our next question will come from Greg Moskowitz with Mizuho. Please go ahead.

Okay. Thank you very much for taking the question. George, exceeding a billion dollars in sales through AWS marketplace in a twelve-month period, I mean, that's really stunning. And I'm not sure everyone remembers that you, quote unquote, only eclipsed a billion in lifetime sales on AWS in October of 2023. So clearly, the growth rate that you're showing here is still very high, but you know, given that we're running into the law of larger numbers, would just be helpful to get your perspective on the growth outlook for CrowdStrike Holdings, Inc. on AWS marketplace over the next two, three years. Thanks.

Well, certainly, you remember it, so thanks for calling that out. And AWS has been a tremendous partner for us. Not only do we work with them, but we work with our other partner network in conjunction with them. Right? So it's important to make sure that we've got all the partners, you know, moving in the right direction. I only see it going up. I mean, it is the way customers want to consume. And you have to look at the cloud environments and the hyperscalers right now. The larger enterprises are committing more into these marketplaces and cloud providers. And the beauty of the marketplace is that customers can use those dollars to burn down on it and procure CrowdStrike Holdings, Inc. So we only see opportunity in this marketplace. And we see it certainly outside of the US. A lot of it has been focused in North America, but I think the rest of the world really opens up, particularly when you look at some of the cloud environments in different nations and sovereign data requirements, things of that nature. So we're very optimistic with our partner. And not only AWS. Right? You we talked about GCP and others that have been fantastic routes to market. I think it is really one of the future ways that customers will continue to procure through CrowdStrike Holdings, Inc.

And we're ready for our next question.

Next question will come from Joseph Gallo with Jefferies. Go ahead.

Hey, guys. Thanks for the question. It was awesome to see the $600 million of cloud ARR growing 45%. You just talk through that competitive landscape? Has that stabilized? One of your biggest cloud competitors noted on their earnings call that customers are gravitating towards workflow protection and agent architecture. Is that something that you're seeing as well? And then, you know, given your strength and workload protection, when, if ever, do you expect customers to consolidate on a cloud solution? Thanks.

Yeah. I think that's absolutely right. When you look at the market, and you've got CSPM and you've got workload protection. I mean, CSPM is a great technology, but it's more of a reporting and compliance as opposed to stopping the breach. So if customers are looking to stop the breach, you're going to need workload protection. And, of course, that is our DNA. We've been working on that for, you know, the better part of a decade, and it's very well refined. And we've earned a trusted spot in running in the most critical infrastructure on these workloads. So we continue to see consolidation in these areas. We certainly have expanded our CNAP capabilities across, you know, whether it's CSPM or ASPM or DSPM, etcetera. Lots of PMs in there, but we have all of those, and we're routinely consolidating customer spend in that area. So we're excited about the $600 million milestone and the success that we're having in the cloud environments with our customers.

Great. And we're ready for our last question, please.

Our last question will come from Patrick Colville with Scotiabank. Please go ahead.

Alright, guys. Thank you so much for taking my question. And I guess I want to ask about the bottom line. You never had any questions on the bottom line. So, you know, guiding to 20% operating profit margin in fiscal 2026, I guess, can you just talk us through the puts and takes there? You know, is that because of the drag on the first half before the reacceleration in the back half? And then did you soft guide, Burt, to 23% op margins in fiscal 2027? So I guess a snap back from next year.

Yeah. Thanks, Patrick. So let me start with being that, you know, we had a very successful CCP program, and our profitability guidance, you know, reflects some of the sales and marketing costs of FY 2025 CCP packages amortized over the entire year. So that's gonna impact, you know, our margin. We also have some, you know, one-time upfront investments in key areas of the business that we need to bolster our, you know, increasing scale. Some of those could be related to the fact that we are fully reigniting our marketing initiatives, you know, post the outage. We've got innovation across high-growth and emerging products across areas including cloud security, identity protection, next-gen SIEM, and AI. We also have ramping investments in our internal use of AI tools. We feel that we can get significant savings, you know, in the out periods. The investments that we're gonna make today. We also have been increasing our investments in our platform resiliency, which we believe will be a competitive advantage for us when we're going up against some of our competitors with respect to our, you know, being the best in not only best in class in terms of security, but the resilience behind that as well. And then finally, I want to end by saying we expect operating margin and free cash flow margin to expand in the second half of FY 2026.

Thank you all for joining. Please, I just wanted to make one reminder to please refer to our earnings presentation, which is posted on our investor relations website, and for additional modeling notes as well as the details on the changes in presentation. With that, I'll turn the call over to George for closing remarks.