CrowdStrike: Recent Exuberance Creates An Excellent Selling Opportunity (NASDAQ:CRWD) | #microsoft | #hacking | #cybersecurity


-lvinst-/iStock via Getty Images

Editor’s note: Seeking Alpha is proud to welcome John J Henry as a new contributor. It’s easy to become a Seeking Alpha contributor and earn money for your best investment ideas. Active contributors also get free access to SA Premium. Click here to find out more »

Investment Thesis

Since closing at $156.77 on March 8, 2022 CrowdStrike (NASDAQ:CRWD) has rallied over 33% to its April 22, 2022 closing price of $209.85, which represents an astronomical 35x TTM sales multiple. Despite its extremely high valuation, CRWD faces a challenging operating environment with rising costs, intense product competition, and macroeconomic headwinds as broader financial conditions tighten.

We believe any top-line growth surprises for CRWD are likely to be to the downside. And, as we’ll show in the valuation section, there is a long way to fall if growth disappoints.

For current shareholders, we think the recent rally creates an exceptional selling opportunity.

Valuation

Speculation on the stock exchange has spread to all ranks of the population and shares rise like air balloons to limitless heights.

– Frau Eisenmenger, Austria, December 1919

CrowdStrike’s valuation has been defying gravity for quite some time. Let’s do a quick survey of the company using a range of valuation methodologies. We’ll look at its sales multiple, FCF multiple, and EBITDA Multiple. We also analyze CRWD’s rising operating costs (and lack of operating leverage) over the past two years. This is a very concerning trend for growth investors who have bid up the stock in the past 6 weeks.

Sales Multiple

At the time of this writing (4/21/2022), CrowdStrike is trading at an enterprise value of $51.56bn. This is 35.5x TTM sales of $1.45bn. As of Jan 2022, CRWD had $1.73bn in ARR, so we could also say it’s valued at ~30x ARR. There are only a handful of companies in the public markets that trade at such a lofty multiple (Bill.com (BILL), Datadog (DDOG), and MongoDB (MDB) to name a few). A valuation like this is usually matched with exceptional revenue growth projections, very high margins, and a dominant competitive position in an industry. We will see shortly that this is not the case for CRWD.

FCF Multiple and Stock-Based Compensation

Analysts covering CRWD also use FCF as the basis for its valuation – currently, CRWD trades at an implied ~59x EV/FCF, or ~1.3x EV/FCF/growth. This is somewhat in line with high-growth, large-cap software companies in today’s heady market. These analysts take CRWD’s reported FCF at face value. However, CRWD’s reported cash flows are inflated and not directly comparable to other software businesses valued using the same methodology. First, there is the issue of stock-based compensation (SBC). CRWD relies heavily on SBC to pay not just their top executives, but also front-line employees across engineering, sales, operations, etc. Over the past year, SBC has grown 108%, expanding from ~17% of total revenue in 2020 to over 21% of total revenue in 2021. That is expected to continue increasing into the mid-20s as CRWD’s revenue growth decelerates.

These FCF-based valuation metrics, as well as CRWD’s reported non-GAAP earnings figures, ignore SBC as a major cost of doing business in an industry where labor demand is strong and talent is scarce. If you back out SBC and maintenance cap-ex from operating FCF, CrowdStrike is trading at an outrageous ~348x trailing EV/FY’21FCF multiple, based on Q4 2021 results.

Systemic Risks Due to SBC

The trend-line in CRWD’s stock-based compensation (SBC) costs reflect the competitive nature of the enterprise cybersecurity space. The company relies on extremely high SBC to attract and retain talented engineers and salespeople, and to incentivize them to stay. In lieu of this, they would have to offer much, much higher salaries, which would wipe out nearly all of the company’s current FCF. Further, excessive SBC is not just dilutive to shareholders, but it presents a systemic risk in the event of a bear market or stock price re-rating. As it’s multiple falls, employee SBC would fall proportionally, likely prompting an exodus of talent from the company. This could trigger a “death spiral” – key employees leaving the company across all functions at once, which slows growth in the short-term, causing the stock to fall further, resulting in more employees jumping ship due to reduced comp, etc. The only way to prevent this would be to continually raise SBC proportionally as the stock falls, diluting ordinary shareholders to a significant extent.

SBC has grown 108% YoY, far outpacing revenue growth.

Chart of SBC - up 108% YoY

SBC Growth (Seeking Alpha)

EBITDA Multiple

We cannot value CRWD based on TTM EBITDA or EPS, because it is losing significant amounts of money on a GAAP basis. Its net income in 2021 was -234.8mm.

Rising Costs and Decelerating Rev Growth

I acknowledge that CRWD has experienced impressive top-line growth over the past several years. But, in the highly competitive enterprise cybersecurity space, its revenue growth has not been easily won. In fact, it has been “purchased”, as seen not just by its SBC trend-line, but its overall SG&A and R&D costs. SG&A and R&D have risen to $1.2bn in 2021, which represents ~83% of revenue over the same period (it was also ~83% in 2020, so moving up with revenue). And, despite its aerial valuation, its top-line growth is descending rapidly – CRWD saw 81% revenue growth in 2020, 65% in 2021, and is guiding to 48% in 2022.

Intense Industry Competition

The fundamental reason why CRWD needs to spend so much on SBC and SG&A is its competitive environment. The market is saturated with enterprise cybersecurity vendors that are fighting over the same corporate budget. In this competitive arena, CrowdStrike is up against both established rivals from above – most notably, Microsoft (MSFT), a juggernaut in the space – as well as next-gen, rapidly improving cybersecurity companies from below, including SentinelOne (S). To illustrate these competitive pressures, here’s a brief overview of a couple of products in the market, one from an established player and another from a next-gen, purely AI-driven vendor:

Microsoft

Defender for Endpoint is a very competitive cybersecurity product that Microsoft has invested billions of R&D into. It’s considered easy to deploy and manage due to native integration with the Windows operating system. Importantly, it’s included in some of the Microsoft bundle licenses, but still has support for non-Windows operating systems, such as MacOS and Linux. They leverage their own hyper-scale cloud infrastructure (Azure) and so have tremendous cost advantages over CrowdStrike, which has to pass its own cloud costs onto customers. And it’s easy to sell – there is minimal career risk for IT leaders to select Microsoft as their vendor.

SentinelOne

SentinelOne’s Singularity XDR platform is entirely AI-driven and does not rely on human analysts (unlike CrowdStrike’s Falcon product). It blends together on-site appliances, cloud-based services, and AI, which they say allows it to respond more quickly to threats than a cloud-native service like CrowdStrike. Overall, it advertises very similar capabilities overall to CrowdStrike but is less expensive.

Objective Third-party Comparisons (S vs. CRWD)

How can we, as non-experts, understand the relative merits of all of these products? Luckily, there are trusted third parties that evaluate cybersecurity vendors – including the well-respected MITRE Engenuity ATT&CK Evaluations program. How has CrowdStrike performed in these assessments? Well, not bad, exactly. But, 3 years running, SentinelOne’s more cost-efficient Singularity Platform has outperformed in those evaluations. Notably, Singularity is fully AI-driven (unlike CrowdStrike’s Falcon product). The results are detailed here. SentinelOne is still an early stage, next-gen competitor that is improving its AI/ML detection capabilities over time.

In addition to SentielOne, other competitors in this space include: Microsoft, Cylance, Palo Alto Networks (PANW), Symantec, McAfee, Carbon Black, and many others.

The market is saturated with well-funded, cybersecurity vendors.

Recent Press

There have been a couple of partnerships announced recently that has gotten some positive press. Let’s take a look at each and see if they can justify CRWD’s recent 43% bounce.

Cloudflare Integration

Cloudflare (NET) announced a plan to deepen integration between Cloudflare’s Zero Trust offerings and CrowdStrike’s Falcon product. These types of partnerships are positive, as they will make it easier for Cloudflare-native customers to deploy CrowdStrike’s solution. Broadening their partner ecosystem is a good thing for CRWD – however, this partnership is over-hyped and does not change the realities of their competitive positioning. Cloudflare already has similar integrations with SentinelOne, and as Cloudflare’s cloud offerings mature, they will continue to integrate with more of CRWD’s competitors. These types of integrations are necessary for CrowdStrike to remain competitive, but they are not a major differentiator from its competitors.

CIDP

The second partnership is the so-called Critical Infrastructure Defense Project (CIDP). It includes Cloudflare and Ping Identity (PING) and is set-up to provide cybersecurity solutions to critical infrastructure (hospitals, energy utilities, etc.) in the U.S. CRWD is providing the endpoint protection component of this offering, the other identity management and zero-trust offerings come from Ping and Cloudflare. This is a bullish development long-term if it results in deeper public-sector relationships. However, it will not bring in revenue in the near term, as they are offering these services for free. Overall, while these partnerships are positive for the company, the market has overreacted.

Conclusion

CrowdStrike is expensive and due for a re-rating. The competitive environment and CRWD’s rising costs will make it very difficult for CRWD to grow its margins, and justify its multiple, in the coming quarters. Shareholders are set-up for disappointment.

Beyond CRWD’s own operational issues, there are also macroeconomic headwinds. As a high-flying growth stock, CRWD is very sensitive to the rate environment. As rates rise and financial conditions inevitably tighten, the present value of CRWD’s (very) distant cash flows is set to dramatically fall. We recommend that investors “don’t fight the fed.”

For current owners, CRWD’s recent rally presents an excellent opportunity to exit the stock.



Original Source link

Leave a Reply

Your email address will not be published.

three + four =