Last week, Company: CrowdStrike Holdings, Inc. (NASDAQ: CRWD) gave initial guidance based on the reading of the global service disruption caused in July. The cybersecurity specialist lowered guidance, but the market welcomed the limited impacts on the business so far. My investment thesis remains ultra-bearish on stocks trading at extreme valuations, and clients are already reluctant to sign new deals.
Focus on FQ3 orientation
On July 19, CrowdStrike caused a global outage that affected at least 8.5 million devices of customers who use Microsoft (MSFT) via a Channel File 291 incident. Most customers were back online within hours and some within days, but CrowdStrike is currently facing a $500 million lawsuit against Delta airlines (DAL) due to a disruption that lasted all weekend and caused the cancellation of 7,000 flights.
The cybersecurity company has The quarter ends in July, so clearly the disruption was going to have a limited impact on Q2 results. The real key to the investment story is the ripple effects in subsequent quarters.
CrowdStrike reported the following results for the quarter ended July 31:
The first key is that the company beat consensus targets by more than $5 million, similar to previous quarters. On the Q2 2025 earnings call, CEO George Kurtz talked about customer contracts being delayed as follows:
As the incident on July 19 occurred in the last two weeks of the quarter, when a significant portion of our sales are normally closed, it delayed transactions until subsequent quarters. The vast majority of these transactions are still in progress.
CrowdStrike closed some very large deals at the end of the quarter, indicating that existing customers were less hesitant, but the CFO continued to provide more details about the deals that had been struck. According to the executive, none of these deals had closed as of the close of the results on August 28, or nearly a month after the quarter ended:
The July 19 incident had a significant impact on the final two weeks of the quarter as we quickly mobilized teams to assist customers but continued to close deals, including a nine-figure expansion in deal value. While deals can increase in any quarter, this quarter we experienced elevated levels of More than 60 million dollars in agreements that we had line of sight for the quarter and that we were still open as of Monday. We expect these deals to close in the coming quarters.
These delayed deals impact future results to the extent that these customers eventually sign up with CrowdStrike. If the cybersecurity specialist loses customers, such as Delta Air Lines, in the process, the numbers could quickly get worse.
CrowdStrike expects third-quarter revenue of $979 million to $984 million, representing growth of approximately 25%. The growth rate is expected to decelerate by 7 percentage points from the 32% growth rate reported in the recently reported quarter.
More importantly, CrowdStrike missed consensus estimates of $1.01 billion by nearly $20 million. It’s also important to note that the company only expects revenue to increase by about $20 million sequentially, leading to limited growth in the coming quarters.
For example, CrowdStrike just added nearly $63 million in sequential revenue, and in the third fiscal quarter, sequential revenue increased by nearly $55 million on a revenue base of about $230 million less. Management suggests that the remaining two quarters have a reduction in subscription revenue of about $30 million due to customer incentives to extend Falcon platform subscription commitments, seemingly unrelated to the outage and at an odd time.
The key is whether CrowdStrike can convince new customers to sign up for the services or, conversely, existing customers to expand the services. Although Elon Musk has suggested that his companies, Tesla (TSLA), SpaceX, and Twitter/X have all removed CrowdStrike products, most companies are unwilling to aggressively remove services knowing a replacement must be added, so any retention incentive would make sense for existing customers.
Sentinel One (S) recently reported its quarterly results with expectations of gaining market share from CrowdStrike due to the outage. The cybersecurity peer did not report any major revenue increases, but management did make the following statement on the recent earnings call:
A few weeks ago at Black Hat, we heard from several companies that they want to diversify their cybersecurity technologies and mitigate the risk of another global service outage. SentinelOne generated a lot of excitement and interest.
Companies aren’t making hasty decisions. They need to figure out how to make the transition, but this change is a positive for SentinelOne in the broader enterprise security landscape. This will continue for years to come as companies investigate the web of liabilities and risks that this historic disruption uncovered.
Cybersecurity sales cycles can last between 9 and 12 months, so the after-effects will extend into July of next year.
Overlooked impact
The stock was already falling before July 19, when CrowdStrike failed to break above $400 just weeks earlier and closed at $343 on July 18. The stock fell to a late 2023 low around $200, but CrowdStrike has already aggressively rallied to $275, where there is now strong resistance.
Market capitalization is back at $68 billion, with a market value of $65 billion based on a net cash balance of $3 billion. Investors have quickly overlooked the effects of the supply disruption and are already paying a premium price for the stock.
CrowdStrike is approaching $1 billion in quarterly revenue, while the stock has a market value of $65 billion. The stock now trades at a forward EV/S multiple of 16x, while Palo Alto Networks (PANW) is trading below 13x and SentinelOne at 9x.
Even if an investor believes CrowdStrike will stabilize with growth rates in the mid-20% range, the stock should trade much closer to the valuations of its peers in the cybersecurity space.
Furthermore, the ultimate outcome of any litigation is not known. CrowdStrike suggests that contractual obligations and insurance should limit any financial impact, but one should not pay a premium for a company with unknown litigation and slower growth rates.
The company is clearly suggesting that new deals are likely to require CEO and, in some cases, board approval, which will delay deals for likely quarters. In reality, customers may not be willing to switch to CrowdStrike until up to six months of uneventful operations remove executive restrictions.
The risk is that growth slows further in the fiscal fourth quarter, and the market doesn’t seem to understand that weak revenue guidance is entirely due to lower revenue from additional customer engagements. Even if growth rates remain around 20%, CrowdStrike should trade more in the range of 7 to 10 times EV/S targets, similar to where SentinelOne already trades despite having even higher sales growth targets.
Carry
The key takeaway for investors is that the ripple effects of the global service outage are only now starting to impact CrowdStrike's quarterly expectations. The current quarter will see the biggest impact, as investors continue to pay huge premiums for the stock. CrowdStrike still has considerable room to fall.