CrowdStrike at Goldman Sachs Conference: AI Innovations in Cybersecurity

On Tuesday, 09 September 2025, CrowdStrike Holdings Inc. (NASDAQ:CRWD) participated in the Goldman Sachs Communicopia + Technology Conference 2025. CEO George Kurtz highlighted the company’s strategic focus on integrating artificial intelligence (AI) into cybersecurity, emphasizing both positive developments and existing challenges. Despite fluctuations in annual recurring revenue (ARR), CrowdStrike continues to innovate with AI-driven solutions, aiming to enhance security operations and expand into IT observability.

Key Takeaways

• CrowdStrike is integrating AI into cybersecurity strategies, focusing on AI for security and securing AI.
• The company reported a 95% increase in its AI Security Information and Event Management (SIEM) business.
• Strategic acquisition of Onum aims to enhance data pipeline capabilities.
• The Falcon platform now includes Next-Gen SIEM with 10 gigabytes free for customers.
• CrowdStrike is expanding into IT operations and observability, leveraging its existing agent footprint.

Financial Results

• AI SIEM annual recurring revenue (ARR) surpassed $430 million, with Q2 growth exceeding 95%.
• CrowdStrike delivered a record $221 million in ARR last quarter.
• CFO Burt noted a 40% reacceleration in ARR growth expected in the latter half of the year.
• A divergence between ARR and revenue is attributed to partner rebates, anticipated to normalize by Q3 and Q4.

Operational Updates

• The Onum acquisition enhances in-pipeline detection and data forking, accelerating Next-Gen SIEM adoption.
• The Falcon platform offers a built-in Next-Gen SIEM with 10GB free, and Falcon Foundry allows customers to create custom modules.
• New PAM module launched, with customers transitioning from legacy systems.
• Falcon Complete MDR leverages AI for increased automation in managed detection and response services.

Future Outlook

• CrowdStrike is advancing towards AI-driven automation in security operations centers (SOC) to improve efficiency.
• The company anticipates a surge in AI agents, requiring robust security solutions.
• Expansion into IT operations and observability is underway, utilizing the agent footprint for broader telemetry.

Q&A Highlights

• Customers are in the early stages of AI adoption, seeking secure methods to operationalize AI.
• R&D investments focus on innovation and single-agent architecture to address customer challenges.
• Falcon Flex licensing is seeing high utilization, with customers using more licenses sooner than expected.

Readers are encouraged to refer to the full transcript for a comprehensive understanding of CrowdStrike’s strategies and insights shared during the conference.

Full transcript - Goldman Sachs Communicopia + Technology Conference 2025:

Unidentified speaker, Interviewer: All right, fantastic. We will go ahead and kick it off. Day two of the Goldman Sachs Communications and Technology Conference. Thanks so much, everyone, for joining us at the CrowdStrike session. Delighted to welcome George Kurtz back on stage with me, Founder and CEO of CrowdStrike. Thank you for joining us.

George Kurtz, Founder and CEO, CrowdStrike: Great to be here.

Unidentified speaker, Interviewer: George, I know how much you pride yourself on being more than just a vendor to your customers. What I mean by that is you spend a lot of time having more strategic conversations about where a security strategy is going. Maybe to start, share with us some of those conversations on AI strategy in particular. With your largest, your most technology-sophisticated enterprise customers, how are they working with you and how are they thinking about what their security strategy looks like in an age of AI adoption?

George Kurtz, Founder and CEO, CrowdStrike: Yeah, I think when you look at customers and larger enterprises, everyone is in their early days of their journey of AI. It started in 2022 with, hey, this ChatGPT thing is pretty cool. It can give us some really cool results until you get something wrong and you have to correct it and it’s like, oh yeah, you were right. Yeah, sorry about that. I was wrong. As you get through that journey, then it’s like, okay, where can we operationalize AI and what does it mean for a business? I think, keeping my CEO hat on, it’s really about can it make you money or save you money? People are in that journey. Where can they use it? What areas? They start in legal, do they start in sales? Do they look in, they’re in financial services and in sort of trading and those sort of things.

How do you do that in a secure way? It started from we’ve got everybody using ChatGPT and it’s totally uncontrolled and data is going everywhere to we’re going to shut it all down and then we’re going to open things back up. We have to put guardrails around it. We have to manage the data. We have to manage the identity. That’s been a couple-year journey and we’ve been helping them with providing the guardrails, understanding the models, protecting the intellectual property. You really have to enable AI to allow people to get all the benefits from it. We’re such in the early innings, that’s what we’re seeing right now. I don’t think there’s a company that I’ve talked to where I talk to the people in the business and they go, we want to use more AI, but we can’t. It’s like, why can’t you?

Well, corporate doesn’t let us. Great opportunity for us.

Unidentified speaker, Interviewer: To what extent is it building on the existing security foundational elements that already exist versus maybe catalyzing an incremental step function in modernization or next-generation product and architecture?

George Kurtz, Founder and CEO, CrowdStrike: If you look at most companies, I don’t know how many companies in here think like their data is really good. I haven’t found one. If you think like your data is really good, show of hands, it’d probably be like zero because everyone’s like, oh, we have this data, it’s in Salesforce, it’s kind of a mess. Does that sound familiar?

Unidentified speaker, Interviewer: Absolutely.

George Kurtz, Founder and CEO, CrowdStrike: Right? I think there is this process now of like, okay, we’ve got to get our data architecture in line. We’ve got to make sure that we can put it in, you know, a Snowflake or a Databricks or what have you. We’ve got to train it and those sort of things. It’s just kind of a forced function into like, let’s start cleansing the data, let’s start labeling the data. How do we move data around the organization and begin to provide some level of governance around it, which some have? That needs to be in place so that you can actually get the training done on these models and then implement it in a secure fashion. It ties into identity, which I know we’re going to talk more about.

It all starts to come together and it’s just the next industrial revolution that we’re going to see around AI and all of the things that you’re going to need to actually get the full benefit of it. They’re all going to need security, all of it. If you believe in AI and you believe there’s going to be more AI in five years than there is today, then you’re going to believe in the security story that security has to be part of AI in order to enable it.

Unidentified speaker, Interviewer: Yeah, and it’s interesting because not all pieces of the security budget are created equal. What I mean by that is an analyst will break down, okay, here’s network, endpoint, identity, SIEM. The question for you is how do you think about where in the stack the value is going to accrue? You made a really interesting comment on the earnings report saying that AI is not a network problem. Maybe elaborate on that a little bit and how you think about the framework for what’s defensible versus what’s less important.

George Kurtz, Founder and CEO, CrowdStrike: I think you have to look at where AI originates from and how people use it. Certainly the data is a big piece of it. I talk about what CrowdStrike does in terms of our training for some of our AI models. We’ve become the Reddit of AI security data because we have all these annotated security events over the last 10 years. You have to look at in each company where the data is coming from, how it’s labeled, how you have this kind of human feedback loop that you’re still going to need. You have to look at who’s using it. At the end of the day, you have some autonomous actions that take place, but it’s for the benefit of humans. Humans are going to be guiding all these AI agents, right?

That’s why when I talked about on the earnings call, it was like you got to, you know, it’s at the endpoint, it’s at the workload, it’s at the data level. It isn’t like some network device that’s magically going to make AI secure. You have to look at how people use it and where it originates from. A lot of it starts around data and humans.

Unidentified speaker, Interviewer: In the city of data, we hear this argument that the offense has the data too, meaning you’ve got defenders using AI in their security architectures. You’ve also got the bad guys using AI to attack. My question for you is, could it actually be inverted this time around where the defenders can use AI to apply it to the data such that the defenses get stronger at a faster pace and the attackers can find holes in it? I’m curious how you think about that.

George Kurtz, Founder and CEO, CrowdStrike: The way we look at it at the highest level is, you know, you have AI for security, which is the way we started CrowdStrike. It was machine learning at the time, but it was using that to secure systems. You have securing AI, the two different things. When we think about the ability to actually secure companies, it really comes down to a time element. The window of exposure and how fast things can be exploited have moved from weeks to days to now minutes to sometimes seconds. In one of our threat reports, we talked about exploitation of 52 seconds. You’re going to need AI to be part of that solution. I just kind of give you an idea of the threat landscape. Maybe tell you one story. A week or two ago, our researchers found some malware.

It was really interesting because what it did is it would drop on a system and then it would gather a bit of information of what that system was. It would go out to a GPT and it would start querying it for like, hey, you know, write a script that allows me to get all the data off the system or, you know, write a script that allows me to move from one place to another or, you know, it went through a whole bunch of recursive sort of questions into a public GPT. Think about each time it dropped on a system, it gave a unique response back to what was on that system. It actually learned what the function of the system was. Was it a database? Was it an email server? Was it a desktop?

Based upon learning that, it would actually provide different actions for how it was going to exploit it and what data it was going to harvest from it. That’s kind of what we’re dealing with, right? The speed at which that’s happening is like unparalleled.

Unidentified speaker, Interviewer: Absolutely. The threat intelligence part of your business leads really nicely into discussion around security operations center. Your AI SIEM business was up more than 95% in Q2, ARR north of $430 million. One of my favorite phrases that you used, it’s like upgrading from a typewriter to a computer with moving from legacy solutions to a CrowdStrike solution. What do you see as the biggest impediment today in your customer base from getting people to make that upgrade cycle from typewriter to computer?

George Kurtz, Founder and CEO, CrowdStrike: There is always a level of inertia in what people are familiar with. When you have newer technologies, you have to really focus on what the outcome is. Sometimes you may talk to a customer and they’re like, well, we do it this way. It’s like, okay, but what is your outcome? You don’t really need to do those five steps when we can just go right to the step that you want and the outcome that you desire. That’s really what we focus on. I don’t know, I’m a simple guy. I like to just break it down into better, faster, cheaper. We can offer a solution that gives you better outcomes faster and we can reduce your costs. I mean, we’re taking costs from some of the big legacy SIEM vendors and we’re cutting it to a third of what people were paying.

There is a reason why people are moving to CrowdStrike. What’s important to keep in mind too is every Falcon platform customer has Next-Gen SIEM built in. It’s in the platform. The only thing we need to do is license it and we actually give them 10 gigabytes free so anybody can use it. The second critical piece, which sometimes I think gets often overlooked, is we actually don’t charge for first-party data. What that means is first-party data is CrowdStrike data, the data that we generate from our agents that people were taking from their legacy SIEM and paying to move it, yeah, sorry, taking from us and paying to move it into a legacy SIEM. You don’t have to do that anymore. You actually don’t pay for that. That’s vastly different than their old models and very disruptive.

Where we charge them is for ingest on the data that we don’t have. Now, when you combine that with Onum, that’s the acquisition we did last week or even a week or two ago, that’s like the railroads, right? We control the pipeline of where data originates and where it’s going to go. We can do in-pipeline detection with AI at the source of the data and the events, where it originates. Again, this is for third-party data. It’s very disruptive on the speed and the cost. We can go into a customer and basically say we can dramatically reduce your cost and give you a much better outcome.

Unidentified speaker, Interviewer: Maybe just crystallize this point on Onum and the data pipeline piece of this. When you approach customers in the pipeline today, or when your sales team does, and they say to you, we get this on paper, but this is not a priority for us. It’s going to take us X number of months to migrate. What is X in the number of months and what is it post-Onum?

George Kurtz, Founder and CEO, CrowdStrike: It depends on each customer. Let me just tell you through the sales cycle typically how it occurs, which is we’re at the point now of customers going, okay, we know your stuff works. We know it works at scale. You have plenty of reference customers. We tried it. We like it. We want to move from our legacy SIEM to you, which means we’re not going to renew something. We got to move it all over to you. Typically, the way that would work is you would run two systems in parallel and then you would cut over. What Onum allows us to do is not only can it do in-pipeline detection and really cool kind of features, but you can fork the data. Literally, you can have one event and send it to multiple places. It doesn’t matter.

You can keep your legacy SIEM running and then deprecate that over time. By the time the renewal comes up, you’re up and running on CrowdStrike. By the way, Charlie can help actually even in the migration process. That is going to dramatically accelerate the adoption of Next-Gen SIEM. That’s one. We just sort of talked about the security use cases when we announced it. Guess what? It’s an IT product. Any data in your environment in IT can be consumed by Onum. That then moves, continues to move us into different buying centers, into the DevOps buying center, into the IT buying center. You become much more strategic when you’re consolidating all these costs. It is a very strategic acquisition that we did. I think, you know, a year or two when we’re back here, we’re talking about it.

You can be like, that was a really good acquisition because it goes well beyond security into IT.

Unidentified speaker, Interviewer: Yeah, I’m curious because the problems in the SOC have been compounding for 10+ years now. Do you think there is an incremental stress function happening because of AI such that the scalability of log ingestion is increasingly at a breaking point because the complexity of being able to do AI logs is changing? A couple of different concepts in there. Maybe correct my technical knowledge.

George Kurtz, Founder and CEO, CrowdStrike: Yeah, I think people just in general are overwhelmed with the amount of data they have and sort of the noise that they have to deal with. One of the things that we developed is something called Signal, which is to separate the signal from the noise because you have so much data. That’s kind of an AI element that gets rid of all the noise. In general, SOCs are overwhelmed. They’re using legacy technologies. They’re using legacy workflows like SOAR. I think SOAR is going to be dead, right? We can talk about sort of agentic SOAR and what that looks like. These are all transforming the SOC. We work with lots of companies, lots of the companies in the room here, banks, etc. It’s not like you guys are piling on the headcount. I’m sure the conversation is how do you do more with less?

Unidentified speaker, Interviewer: Right.

George Kurtz, Founder and CEO, CrowdStrike: Right. That’s everywhere, not just in IT. When we think about the SOC, it has to transform and it has to become agentic. You’ve got to use AI for what it’s really good at. It can deal with lots of data very quickly, understand patterns very quickly, and it can take actions, even if it’s a guided action, which is going to dramatically reduce the cycle time to getting things done and separate the noise from the signal.

Unidentified speaker, Interviewer: Yeah, absolutely. It leads nicely into a question around agentic in the SOC. We know that security people are some of the most risk-averse people in the IT organization, yet you’re seeing success with Charlotte. One of the comments you made to me a couple of weeks ago was you’ve actually put enough guardrails on Charlotte to make it act deterministically within a set of frameworks. Tell us a little more about that. How do you put the right guardrails on the agents to get to a place of productivity?

George Kurtz, Founder and CEO, CrowdStrike: Yeah, that’s a good question. When we built Charlotte, it was built as an agentic technology from day one, actually before people were calling these things agentic, you know, AI agents. The whole idea was we wanted to go beyond just a kind of a chatbot, right? You can think about Charlotte as an orchestration layer with multiple models underneath it. We had to provide, to your question, guardrails. We had to build all this so that when you ask Charlotte a question, I’m sure when you use ChatGPT or, you know, Claude or what have you, ask a question three times, you get three different answers. You’re like, well, I just asked the question. Why can’t I get the same answer? In security, it’s not a great thing if you get three different answers to one security question.

We actually had to build the guardrails around that to give a deterministic outcome. Those are the kind of things that are maturing in, you know, technologies beyond Charlotte, where when you implement AI, you want to make sure you get the right answer one time. We built all of that in, and then we built all the workflows in. Charlotte has become more of an orchestrator of agentic workflows, which is really where we’re seeing a lot of activity. We’ve got over 30 million different unique workflows that customers are using per week across the platform, which is saving a lot of time and effort. You couldn’t get the right results. To your point around security, people don’t want to take action if you’re getting random results. We had to do a lot of work around that.

Unidentified speaker, Interviewer: Maybe let me ask you the flip side of that question, which is if you think about copilots versus truly autonomous agents, copilots tend to be more deterministic. With the guardrails, what levels Charlotte AI Agentic Response up from being more than just a copilot?

George Kurtz, Founder and CEO, CrowdStrike: I’m going to save that for Falcon because I’m going to talk about that. It is a good question. I think if you look at where a lot of the industry is at, they’re in the, you know, I still have to keep my hand on the steering wheel, right? You want to get to a point where, you know, the car can drive itself. In any big organization, again, you’re going to have a lot of resistance from a risk perspective where you don’t want these agents doing random things. That’s why having the right data to train it on, getting the right outcomes, having the guardrails, and then, you know, it’s going to be an evolution over time where you’re going to have that sort of autonomous piece.

Unidentified speaker, Interviewer: Yeah, the amazing thing about some of these concepts that you’re talking about, whether it’s in the SOC or in the CrowdStrike stack more broadly, is some of the connectivity you have with the agent into observability. When we’ve discussed in the past, I think you framed it as, look, there are five categories of observability. We can do two of those five categories. Maybe bring us up to speed. How are you thinking about your technical roadmap in observability and where do you see CrowdStrike’s right to compete?

George Kurtz, Founder and CEO, CrowdStrike: Yeah, we keep getting asked more and more for different data elements. If you look at Falcon for IT, which has allowed us to cross over into the IT world of gathering information, you have this sort of digital employee experience and these sort of things. We can gather a lot of that information. These are big categories that are out there that go beyond security. Why do we have a right to win there? I like to say we’re in the real estate business, right? We have beachfront real estate, which is our agents, whether they’re running on a laptop or they’re running in a cloud, whether it’s an ephemeral workload. They can pull telemetry beyond just security. What’s the health of the system? What is it doing? What’s the user doing? All the identity data associated with it. These become very interesting to companies.

We have something, it doesn’t get a lot of airplay, and it should, but it’s called Falcon Foundry, which is the ability to actually create your own module on our platform. I think that’s really the hallmark of a true platform, you can create your own stuff on it.

Unidentified speaker, Interviewer: Yeah.

George Kurtz, Founder and CEO, CrowdStrike: You can actually combine and mix and match IT and security data in your own application, and you can solve unique challenges. We have customers doing this and solving things like we didn’t even think about. That’s part of the ability to go out beyond just security. Our ability to go into IT, we’re already there in certain aspects, but I think there’s a huge runway ahead of us into solving more problems, beyond just security, but within our own, you know, within our own lane. You don’t want to go too far afield, but there are a lot of things that we can do that tie in nicely, yeah, that expand our TAM.

Unidentified speaker, Interviewer: Yeah, just on this lane concept. Clearly there are industry leaders in IT asset management, observability, etc. Do you envision a world where five years from now or ten years from now, how do you think about where CrowdStrike fits relative to those incumbents?

George Kurtz, Founder and CEO, CrowdStrike: I think there’s a huge market and lots of bleed over in, you know, observability wants to go in security, security wants to go in observability, and these sort of things. I think at the end of the day, it’s going to be a lot around the workflow and how do you get the data, and then how do you operationalize that and how does that impact sort of TCO and price. A lot of times if you can supply 80% of what somebody wants at a very good price point, they’re like, hey, that does what I need. Like that’s good enough and that does what I want, in some of these other maybe ancillary areas, right?

If you’re really specialized and you have companies that have spent a decade doing it, you know, that might be their niche, but it doesn’t mean that it sort of limits your opportunity because I think having the real estate as a strategic beachhead allows you to do many things, and there’s still a lot of TAM that you can capture.

Unidentified speaker, Interviewer: What are some of the most interesting, or maybe one or two most interesting examples of what customers are building on Foundry, and to what extent does that shape your own product roadmap?

George Kurtz, Founder and CEO, CrowdStrike: Yeah, I mean, we have customers that are building applications like, again, you can pull data in from anywhere and build it into the workflow. They’re looking at specific identity use cases, and then they’re tying into things like Workday. What’s the employee doing? Are they on a PIP, you know, into badge readers? Did somebody badge in? Are they really an employee? They want to get to this piece. They’re pulling from lots of different systems to solve sort of an identity use case. Is it really you? Compliance. They’re pulling data from a lot of different areas, and then they’re building compliance workflows around specific compliance needs that they have for their own industry, and they can load all that up in there. They’re looking at using Foundry for digital employee experience. Is your computer slow? Why is it slow? Is it about to fail?

Is the hard drive, like all these things that cost a lot of money, they’re actually using CrowdStrike to solve that. We didn’t really plan on it. We just have all this data, and then they’ve solved different use cases, and we’re like, that’s a pretty good idea.

Unidentified speaker, Interviewer: Yeah, really cool. Okay, let’s talk a little bit about the identity use case in particular. You’ve been investing in identity since 2020.

George Kurtz, Founder and CEO, CrowdStrike: Yep.

Unidentified speaker, Interviewer: How do you think about where it makes sense for CrowdStrike to compete across the identity swim lanes, and where do you sort of draw the line between being able to invest in specific identity solutions?

George Kurtz, Founder and CEO, CrowdStrike: We’ve been in identity since 2020. We saw it as a major threat vector and things that were really causing companies to be breached. The first thing that we did is we got into ITDR. We helped really, you know, pioneer a lot of that. Identity threat detection and response. We’ve got a tremendous amount of telemetry out of those systems. The key thing here is we already run it on the high ground, which is domain controllers. Right? This is the most sacred of systems in an environment, is to run on a domain controller. We had customers over the years say, okay, you give us all this rich telemetry. You’re already running on our domain controllers. We’re using legacy like PAM technologies. Why don’t you come out with something that can help us, and again, save time, money, and move to a more modern architecture?

With our PAM module, it’s more conditional access and just-in-time access than kind of just credential vaulting. We think that’s, you know, a more modern way to deal with identity. Now, you have governance. You know, I mean, there’s a lot of pieces to identity. We do a few of them. More we’re adding, more we’re coming out with, etc. It’s a big market. You know, again, the good news is we were there very early and we identified it. ITDR, I don’t know, we’re probably the biggest player in that whole market. We keep adding, like the PAM module we just launched a quarter ago. Why? Because customers said we want it. We launched it, and we already have customers on it moving from legacy technology. I think we have more than, you know, our fair share of opportunity to win in that market.

It’s a huge pool of dollars and a great growth opportunity for us.

Unidentified speaker, Interviewer: Just to be clear here, you mentioned you don’t have a vaulting product today. Do you envision a scenario where customers can use you as their PAM solution without needing a quote unquote legacy PAM solution as well, or is it more a comfort?

George Kurtz, Founder and CEO, CrowdStrike: I think customers want more just-in-time. The vaulting is, you know, it’s a glorified password manager. Most of that was created in 1999 to store Windows credentials. What people want is real-time access, you know, conditional access. Not to say you don’t need to store like certain passwords, but that would become more commoditized.

Unidentified speaker, Interviewer: Yeah, it’s interesting because we’ve talked about so many different adjacencies that sit around and in the CrowdStrike platform. It leads me to a question on R&D and how you think about prioritizing R&D. Scale is important in security. You have competitors that will say, hey, we’re out investing you two to one or four to one. We also know that not all R&D dollars are created equal. How do you think about incrementally investing R&D and how do you counter those claims on competitors saying, well, we invest more?

George Kurtz, Founder and CEO, CrowdStrike: They can say whatever they want. A lot of this is where did you actually allocate, in some accounting allocation like your R&D? I think the proof is in the pudding of like what do customers say? Where’s the innovation? How fast are you innovating? Are you one platform? Are you three or four platforms? This is the proof is in the cake that you’re baking, right? It’s not in saying that you spend a lot on the ingredients. There are a lot of ingredients that people spend money on and the product is crap. For me, that’s what it’s all about. It’s about driving innovation and it’s about the fact that we have a brand promise of the single agent architecture with one platform. Last I checked, customers want one. You look at ServiceNow, one. You look at some of these other work, one, one in CrowdStrike.

That costs actually a lot of money to do, and to do it right. That’s the way I would look at it. I don’t get hung up. We spend a lot of money on R&D. We drive a lot of innovation there. Innovation is our lifeblood. We’re focused on solving the customer problems. It’s very complicated and it’s a very convoluted process that we have to go through. Not really. We just listen to the customer. We build what they want.

Unidentified speaker, Interviewer: Yeah, well said. Let me ask you about Falcon Flex because by all the metrics that you’ve disclosed, it’s been a home run in making it easier for customers to buy across the platform. Talk to us a little bit about how durable the momentum you’re seeing with Falcon Flex. I’m sure we’ll get more updates at Falcon, but to the extent you’re willing to give us a little color now, how do we think about the durability of growth driven by Falcon and some of the ARR uplifts that you’re seeing?

George Kurtz, Founder and CEO, CrowdStrike: Falcon Flex?

Unidentified speaker, Interviewer: Falcon Flex, yeah. Thank you.

George Kurtz, Founder and CEO, CrowdStrike: I think Falcon Flex, you know, we pioneered this licensing model. As you’ve seen, everyone now has a quote flex model, one that we got that idea from. Again, driving innovation not only in the technology, but in the licensing world. We listened to customers. They basically said, we want to buy more from CrowdStrike. Make it easy. You got 30 modules. Like you guys can’t keep track of them. We can’t keep track of them. Make them all available to us. Make it easy for us to buy. You know, the only people that like going through procurement are the procurement people. Let’s go through it one time. We get a rate card and we want to add more. We do that. It’s been a total home run. Out of the thousand plus flex customers that we talked about, we got 10% of them reflexing.

Of sort of that pool, we’ve seen 75% utilization of the flex license. We’re seeing customers actually use more of their flex sooner than, you know, they anticipated and we anticipated. Someone might come back and say, geez, is that a problem? Are they going to get a big bill? No, because what we’re doing is we’re working with them on a demand plan to actually remove and consolidate the other products they have so they can buy more of CrowdStrike.

Unidentified speaker, Interviewer: The 75% utilization, maybe just benchmark that for us. How do you contextualize that?

George Kurtz, Founder and CEO, CrowdStrike: If there’s a pool of dollars, they’ve used 75% of it faster than you would on a monthly basis. If it’s they’re using more of it faster.

Unidentified speaker, Interviewer: Yeah, I gotcha. Okay. Talk to us a little bit about what the reflex and the renewal of motion is going to look like over the next 12 months. You have an elevated amount of Flex deals because of the customer commitment program for the last 12 months. What should we be looking for in the renewal cycle? Do you think you’ll see similar uplifts? You’ve already talked about customers tracking ahead of their demand plans.

George Kurtz, Founder and CEO, CrowdStrike: Yeah.

Unidentified speaker, Interviewer: Maybe just paint a picture of what you’re seeing.

George Kurtz, Founder and CEO, CrowdStrike: Just to reinforce, the Flex is the licensing model, right? It’s a commitment, not a consumption. You commit, it’s not a consumption. It’s very easy to track. It doesn’t have variability to revenue, those sort of things. The CCP was just a way that we were able to work with customers and give them a pool of dollars that they can spend. The byproduct of that, the benefit of that is we had to move everybody to Flex. If you wanted CCP, it was a customer commitment package. You had to have Flex. We vastly accelerated the move to Flex rather than just waiting for the natural renewal cycle. We have a lot of customers that are just on Flex and consuming it. CCP is the customer packages that burn off Q3, Q4.

Some of it runs multi-year type of thing, but you’re going to see those kind of run out. Obviously, the whole idea is in 95% of the time, someone’s going to renew that module if they got something for free.

Unidentified speaker, Interviewer: Yeah, absolutely. I know Burt and the team have spent time dissecting the delta between ARR and subscription revenue. Maybe I’ll ask you the higher level question. When do you think that begins to normalize, and how does that shape the way you’re thinking about the 2027 growth algorithm, understanding that it’s too early for us?

George Kurtz, Founder and CEO, CrowdStrike: Yeah, I mean, the key metric for us is ARR. If you looked at the $221 million that we delivered last quarter, it was a record for us. Reacceleration. Burt talked about the 40% reacceleration in the back half of the year, right? 40% growth on ARR. That’s the key metric. There’s a bit of a divergence now because we really have an accounting artifact between revenue and ARR, and that is the partner rebates. The reality is, when we gave away some free products, we had to pay the partners, right, on stuff that was free. That is actually a contra item. You would think it’s a sales expense. It’s not. It means you have revenue minus the contra. It gives you new revenue. It gives you your net revenue. That’s where you see the divergence.

When the partner rebates or when they’re abated over Q3 and Q4, then ARR and revenue converge back together.

Unidentified speaker, Interviewer: It’s interesting because you’ve seen so much success on the back of some of the "free" programs in terms of adoption. How do you think about, does it make sense for that to perpetuate for longer, or have you all as a management team drawn a line in the sand and said, look, this is the period of time in which we’re running this particular program?

George Kurtz, Founder and CEO, CrowdStrike: That was for a specific, you know, incident that we had to deal with. That’s in the rearview mirror, but we have the ability with Falcon Flex to be able to be very creative, you know, in work deals. Hey, if you have a legacy technology that you want to run out, we can be creative and put money in a pool. Like you want to move from your old SIEM to our SIEM, we can help you with that. There are a lot of levers that we can pull and we do. This is a normal part of running, you know, a software and technology business. This is what happens. You figure out where you are, what deal, you know, you’re trying to get through and who you want to replace.

You just kind of creatively come up with like how do you make it a win for the customer and how do you make it a win for them. With Flex, you only pay for what you use when you use it. It makes it really easy to ramp out of an old technology and ramp into ours without a whole bunch of extra cost. Those are the levers that we pull and that’s, you know, software 101.

Unidentified speaker, Interviewer: Yeah, absolutely. I wanted to ask a question about the economics because CrowdStrike has had consistently benchmarked best of class relative to security, relative to all the software. I’m curious, when you look internally throughout your operating structure, are there particular levers that you’re excited to pull because of AI applications internally? Maybe there’s a little bit of discussion here as well on you’re touching so many different points within the IT stack now that the CAC actually goes down relative to addressing some of these new categories. Maybe just holistically, how do you think about the durability of where your margins can go?

George Kurtz, Founder and CEO, CrowdStrike: We look at AI everywhere internally. You know, maybe just in general, like where can we be more efficient? You know, things like legal, things like sales, marketing, etc. Those are kind of ones you would expect. We’ve gotten tremendous efficiencies out of it. One of the big areas that we’re investing in, which actually drives Charlotte to be even better and better, is our Falcon Complete MDR service, right? Our managed detection and response. We have one of the largest MDR businesses in the world. By the way, we have to drive automation in it, right? I think there’s sometimes confusion of like, well, you have an analyst, how many customers can they handle? There is this weird, like, or I would say legacy mindset of like, you have one customer to, seven customers to one analyst. We don’t even think about it that way.

The platform does the work. It drives the automation. We continue to get more and more leverage in that business. The output in terms of the technology we build actually goes into Charlotte. What we use internally then gets commercialized and goes into Charlotte, and that becomes the basis for solving customer problems.

Unidentified speaker, Interviewer: Yeah, maybe just on this point with the customer exposure that you have as well. What I mean by that is earlier in the conversation, you touched on having more personas using CrowdStrike in DevOps, in IT observability, Falcon for IT, etc. How do you think about the way your breadth is expanding within customers? Does it actually end up changing your LTV to CAC? The incremental cost of those personas coming onto the platform is actually quite low.

George Kurtz, Founder and CEO, CrowdStrike: I think it can. I think it can change the CAC over time. You just have to keep in mind that there are some specialized centers, right? If you’re selling the DevOps, the same person who’s selling traditional sort of endpoint protection and related technologies may not be the same person that can talk cloud and DevOps and those sort of things.

Unidentified speaker, Interviewer: Right.

George Kurtz, Founder and CEO, CrowdStrike: There’s still a little incremental spend as you specialize. I think overall, we’ve been very efficient in our CAC. We’ve got in-app trials. We’ve got the ability to turn things on very quickly and license them and make it friction-free. All that accrues value to us and our shareholders. As we bring on these new technologies and we have new buying centers, we have the ability, again, to go out and be very efficient from a CAC perspective. Just keep in mind, though, there’s some specialization that’s needed in those areas.

Unidentified speaker, Interviewer: Yeah, right. Maybe we can leave the audience with a tease of Falcon. What are the milestones that people should be watching for next week?

George Kurtz, Founder and CEO, CrowdStrike: It is going to be, obviously, as you might expect, a big talk around AI, some of the things that we’ve already developed, what we’re doing in those areas, and I think how we’re really disrupting the industry. I think one of the things that I would leave you with is if you think about what we did in the sort of, you know, take cloud and Next-Gen SIEM and all those things out of the equation. If you think about what we did when we started the company, we had agents that ran on a computer that protected users with an identity and their data and where they went. If you think about the explosion of AI agents, you may have a 10,000-person company that has a million AI agents. They’re all going to need security. They all have identities. They all have access to data.

They all have access to workflows. By the way, you’re going to have to do introspection of what they did because you’re going to need it from a compliance standpoint. There is no way Goldman Sachs is going to release a whole bunch of AI agents without security and without compliance. That goes for every other company out here. That is the big opportunity. You’ll hear more about that at Falcon.

Unidentified speaker, Interviewer: Fantastic. George, thank you. Please join me in thanking George Kurtz for his time.

George Kurtz, Founder and CEO, CrowdStrike: All right. Thank you.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.