CrowdStrike Holdings, Inc. (CRWD) Q4 2020 Earnings Call Transcript
Published at 2020-03-19 00:00:00
Ladies and gentlemen, thank you for standing by, and welcome to the CrowdStrike Holdings Fourth Quarter and Fiscal Year 2020 Financial Results Conference Call. [Operator Instructions] Please be advised that today's conference is being recorded. [Operator Instructions] I will now hand the conference over to your speaker today, Maria Riley, Investor Relations for CrowdStrike.
Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, President and Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives and expected performance are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we have made are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events or otherwise. Further information on these and other factors that could affect the company's financial results is included in filings we make with the SEC from time to time, including the section titled Risk Factors in the company's quarterly and annual reports that we file with the SEC. Also, unless otherwise stated, excluding revenue, all financial measures discussed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our press release, which may be found on the Investor Relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. Now I will turn the call over to George to begin.
Thank you, Maria, and thank you all for joining us today. We hope everyone is staying healthy. Our thoughts are with everyone affected by the coronavirus. Our top priority is ensuring the health and safety of all our colleagues, customers and partners around the globe. We have implemented necessary safeguards to help protect them, which includes hosting this call remotely. We have a lot of ground to cover today, and I will start by summarizing 3 key points: First, the dynamics of the competitive landscape are the best I have seen in my 27-year career. We believe this is the beginning of a multiyear trend as being driven by the industry consolidation that took place last year, along with the seismic shift to cloud technologies. Second, customers and partners are increasingly choosing CrowdStrike as their security cloud platform and partner of choice. As a result, we are landing bigger with more modules and increasing the number of new customers that start with ARR over $1 million. And third, regardless of the spending environment, cybersecurity is not a discretionary purchase for organizations. Cybersecurity is mission-critical to both the public and private sector. End point or workload security is also essential to protecting a remote workforce. While the impact to the macro economy from the coronavirus is unfolding in real time, we know it is forcing companies to conduct business differently and rapidly shift to a remote workforce. With our cloud-native platform, our lightweight agent that is easily deployed at scale and our frictionless go-to-market engine, CrowdStrike is uniquely positioned to meet their cybersecurity needs. Now let's discuss our results and get into these topics in more detail. Across the board, we delivered another exceptional quarter at CrowdStrike with record results well exceeding our expectations. During the quarter, we added a record $99 million in net new ARR. And year-over-year, we increased the number of net new subscription customers by 116%, achieving 90% subscription revenue growth and 89% total revenue growth, which was above the high end of our guidance. The fourth quarter tops off a historic year for CrowdStrike in which we delivered exceptional growth at scale, significantly improved our margins and achieved positive free cash flow for the year. We ended the year at $600 million in ARR, up 92% over last year and revenue of $481 million, up 93%, making us one of the fastest-growing SaaS companies at scale. Subscription revenue grew even faster, up 99% to reach $436 million. We believe our robust results this year speak to our relentless commitment to stopping breaches, our growing leadership in the Security Cloud category and our frictionless go-to-market engine. All of this is made possible by the exceptional execution of the CrowdStrike team. We have an amazing company and I would like to personally thank every CrowdStriker for their unwavering dedication to protecting and empowering our customers. I couldn't be more pleased with everything we've accomplished together or more excited about our future opportunities. The seismic shift to cloud-native technologies and cloud workloads, including containers, has created an environment with massive greenfield opportunities. While our competitors are distracted trying to integrate acquired technologies, rationalizing their workforce or retooling their on-prem offerings, CrowdStrike's mission, platform and brand are clearly resonating with customers and partners. Furthermore, as Broadcom began integrating Symantec, we saw an increase in inquiries among both customers and partners. We believe these dynamics have contributed to an expansion in our pipeline and acceleration in our overall customer adoption and increased engagement with our partners. More specifically, on the partner front, we have seen significant demand as they look to protect customers who are left searching for better alternatives as Symantec abandons large segments of the market. Several partners in the United States and abroad have launched Symantec replacement campaigns. We are closely collaborating with them to put together robust solutions at compelling price points. One of our partners submitted a list of several thousand of their customers that will be migrating away from Symantec in the next year, and we found that there was very little overlap between these prospects and our existing customer base. This year, we more than doubled our customer base and now protect 5,431 customers. We added 870 net new customers in Q4, which is up 136% year-over-year. This is our eighth consecutive quarter to add a record number of net new customers. CIOs and CISOs are looking for a strategic partner to help them bridge the skills gap and simplify their operations while at the same time reducing cost. They're also looking for ways to leverage enhanced automation in their security operations to increase efficacy and free up resources. These organizations are increasingly turning to the Falcon platform to protect an array of workloads, stop breaches and restore system performance. Our platform strategy is gaining momentum. We hear this from the many conversations we've had with customers, prospects and partners every day, and we see it in our metrics. Within new enterprise customers, we are landing bigger with more modules. In this quarter, we more than doubled the number of new customers starting out with greater than $1 million of ARR compared to Q4 of last year. Additionally, across all new customers, we saw the average number of modules increase in every quarter this past fiscal year. We also continue to expand module adoption within our existing customer base. This quarter, the percentage of all subscription customers with 4 or more modules once again increased, and those that adopted 5 or more cloud modules grew to 1/3 of our customer base. As customers adopt more modules that span a wide array of workloads, we believe it strengthens our customer relationship and increases our strategic value with the customer. Let me share a few customer examples that demonstrate how the power of the Falcon platform translated into strategic customer wins and provided immediate value to the customer. The first customer win is with a leading online marketplace, where we displaced an autonomous next-gen antivirus vendor. The security team at this company was frustrated by the incumbent's product due to the large volume of false positives, insufficient end point fidelity to triage and remediate alerts and limited functionality across operating systems on top of that lackluster customer support. While the lead for this opportunity came from the AWS Marketplace, this organization was initially looking for a platform that encompassed EDR and AV to protect their enterprise workstations and servers in a Phase 1 rollout to their cloud assets. In the customers' words, CrowdStrike "crushed" the competitive bake-off against both next-gen and legacy players and won the business. Additionally, this customer quickly realized the value our platform provides by consolidating functions with our intelligent single agent and AI-powered Threat Graph. Expanding this deal beyond the initial RFP of EDR and next-gen AV, this new CrowdStrike customer adopted 6 modules, which included Discover for IT operations and Falcon X for intelligence. Additionally, we still have the opportunity to expand further into the AWS production environment. The next one I will share with you showcases how the Falcon platform helped a Global 2000 manufacturer enhance and streamline its security posture as well as bridge the security resource gap. This new CrowdStrike customer was previously using an operating system's ATP service and 2 next-gen vendors for EDR and AV. This patchwork of disparate vendors was ineffective and a burden on their resource-constrained security team. Because a large percentage of the customer's environment was not on the latest build of Windows, they could not update to newer versions of their ATP solution. Additionally, the EDR vendor did not provide the user-level visibility on alerts or provide advanced remediation features. This resulted in a cumbersome, manual remediation process and often require the security team to reach out to users directly. With 1 year left on the next-gen EDR's vendors contract, this customer kicked off a reevaluation and called in CrowdStrike. They replaced all 3 end point security solutions with the Falcon platform and adopted 7 modules, providing them with comprehensive protection and visibility in their environment and freeing up internal resources. The next customer win I will share with you was also looking to consolidate its legacy end point security stack and gain better protection and visibility across its full environment. This global manufacturer chose to evaluate CrowdStrike because we are viewed as the market leader with a reputation of deploying across large, complex environments quickly. During the sales process, their existing legacy vendor failed and they fell victim to malicious activity, shutting down production at one of their major international facilities. The customer rushed to deploy the CrowdStrike solution to more than 90,000 end points over a weekend and was able to quickly identify and contain the adversary. The ability to deploy this solution quickly saved the customer millions in manufacturing line productivity losses. Beyond the immediate value provided by remediating the breach, this customer realized additional value by significantly streamlining their security stack. With the Falcon platform, they eliminated 7 legacy tools and considerably improved their visibility and security posture. The final customer win I would like to share with you is Splunk. They were using an autonomous next-gen vendor and were frustrated with the fidelity of alerts and the difficulty of ongoing maintenance and upgrades. Splunk kicked off a competitive evaluation of other next-gen solutions, ultimately consolidating on the CrowdStrike platform. Splunk chose the Falcon platform for its ease of use, low false positive rate and single agent. Splunk adopted multiple modules across the platform, including Spotlight, Discover for IT operations as well as Falcon X for integrated threat intelligence. To summarize, we are winning with customers across diverse industries, geographies and size because of our proven efficacy in stopping breaches; our cloud-native platform and lightweight single agent that is easily deployed at scale across public, private and hybrid cloud environments; our ability to provide security and visibility across all workloads end to end; the predictive power of our AI-driven Threat Graph that gets smarter the more data it consumes. In real time, our Threat Graph now processes over 3 trillion events per week. Each new end point joining our crowdsourced network increases our data moat and long-term competitive advantage. And we enable customers to consolidate agents, increase workload performance and bridge their security skills gap as a force multiplier, all of which helps our customers realize immediate time to value and reduce cost. Before I turn the call over to Burt, I would like to make a few comments on the current environment as it relates to the impact from the coronavirus outbreak. We have implemented several measures to ensure the safety of the CrowdStrike family, and given we are a company built to thrive with a remote workforce, we do not expect these measures to lead to a disruption in our workflow. On a regular basis, approximately 70% of our employees work remotely. From inception, the company was designed to accommodate a remote workforce that is geographically dispersed and highly nimble. As it relates to the demand environment, at this point in time, we have not experienced an impact in our ability to close business due to the coronavirus. As many of you on this call would agree, we are in an uncertain macroeconomic environment and the situation is fluid. However, there are 4 key facets to our business that we believe are important to investors to remember. First, while coronavirus is having an impact on the global economy, it will not stop cyber adversaries. Cybersecurity has and will remain essential and mission-critical to organizations as it provides business resiliency and meets compliance requirements. In times of crisis, adversaries will try to exploit the situation, preying on the public's fear, and escalate new attacks. I know it's difficult to imagine but we've already seen nation-state adversaries and e-criminals launch phishing campaigns using coronavirus as bait. We allow our customers to stay ahead of these threats whether they are at home, in the office or in the cloud. To further protect and aid the CrowdStrike community, we launched a coronavirus surge relief plan that allows our customers to surge the number of end points for up to 60 days. This will enable existing customers to quickly onboard new remote workers without having to worry about a procurement cycle. Additionally, we launched a Falcon Prevent for Home Use program that allows company administrators to install Falcon Prevent on their employees' home systems. These free of charge programs have been well received by customers in their time of need. Second, as organizations move their workforce outside of physical offices, their threat landscape grows exponentially. They need to rapidly provision fleets of new end points, such as laptops and mobile devices, and spin up new cloud workloads while ensuring that every workload everywhere is protected with real-time security even when the user is off-line. To put this in perspective, I will note that one of our large enterprise customers recently rushed to buy 12,000 laptops for newly remote employees and we'll be protecting those with Falcon. The security challenges associated with a remote workforce are best solved by a cloud-native security platform. Because CrowdStrike Falcon platform is cloud-native and does not require physical infrastructure, it allows customers to easily and remotely deploy, manage and protect their workloads at scale irrespective of where their employees are located. Third, when organizations are pressured to reduce cost, they will look for the security platform that not only provides them with the highest level of protection visibility but one that also consolidates agents, reduces hardware and operating cost and streamlines operations. This is exactly how CrowdStrike routinely helps customers save money, with some customers citing a 3x return on their CrowdStrike investment. Fourth, with Falcon Complete, our fully managed end point protection offering, we virtualize security operations and protect customers when they do not have the resources or ability to do so. In a time when customer security teams may be short-staffed or working from home, Falcon Complete is a force multiplier for customers as it enables them to significantly increase their security resources and broaden their expertise across all time zones on a 24/7 basis. While we are unable to predict what will happen in the macro economy, we believe these elements and the fact that security is mission-critical to organizations give us significant advantages in any environment. We are aligning our resources to reach customers in light of the current environment, which includes shifting marketing investment more towards our digital channel for the near term. Additionally, Mike Carpenter, CrowdStrike's President of Global Sales and Field Operations, and I are kicking off a new 100 by 100 international tour, where we will meet with 100 of our customers and prospects in 100 days, all remotely via Zoom. It is our view that during times like this, the best companies continue to innovate, focus on customer success and emerge stronger than ever before. And when we look past the short term, we believe the powerful combination of our cloud-native platform and frictionless go-to-market engine, which includes trial to pay and in-app trial offerings as well as emerging channels such as AWS Marketplace, position us well as the fundamental end point platform of the future. We will continue to focus on driving customer success and expanding our lead over the competition. With that, I'll turn the call over to Burt.
Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. We delivered another outstanding quarter with strength in multiple areas of the business, including records in net new ARR, net new customers and free cash flow. In the fourth quarter, we delivered 92% ARR growth year-over-year to reach $600.5 million. We added $98.7 million in net new ARR, setting a new record for the fourth consecutive quarter and representing 69% year-over-year growth. The growth in ARR was driven by another strong quarter for new local acquisition and expansion business coupled with low contraction in churn within our existing customer base. We have been very pleased with the success we have seen with our land-and-expand strategy and with our continued best-in-class gross retention rate of 98% for Q4 and FY '20. Our dollar-based net retention rate, which is intended to measure expansion in existing customer subscriptions over a 12-month period, exceeded the 120% benchmark we set at the beginning of the year. Net retention came in at 124% as of the end of FY '20, which compares to 147% in FY '19 and 119% at the end of FY '18. For the interim to FY '20 quarters, net retention was 131% in Q3, 133% in Q2 and 142% in Q1. As you may recall, in Q4 of FY '19, we had an outsized expansion deal that contributed 11 percentage points to our net retention in that quarter. While we once again expanded within this account in Q4 of FY '20, the impact was smaller than the prior year as we have expected. As George mentioned, we are seeing strong success with our strategy to land bigger with more modules, and we are also seeing an acceleration in new logo business, which further accelerated in Q4 as the dynamics in the competitive landscape shifted in our favor. We view these 2 trends as positive developments and very healthy long-term indicators for our business, but they have a natural trade-off on expansions in the near term. Moving to the P&L. Total revenue grew 89% over Q4 of last year to reach $152.1 million. Subscription revenue grew 90% over Q4 of last year to reach $138.5 million. In terms of geographic breakdown, approximately 73% of fourth quarter revenue was derived from customers in the U.S., 14% from Europe, Middle East and Africa markets, 9% from Asia Pacific and 4% from other markets. We remain focused on building a long-term business with sustainable growth and compelling margins. In Q4, we continued to recognize operating leverage in our SaaS model and the benefits of scale even as we increased investments in our global reach and cloud platform. Fourth quarter non-GAAP gross margin improved to 73% from 67% a year ago. Our non-GAAP subscription gross margin increased to 77%, a 700 basis point increase from Q4 of last year. Total non-GAAP operating expenses in the fourth quarter were $118.4 million or 78% of revenue versus $81.8 million last year or 102% of revenue. Scaling our business efficiently is a top priority, which is why we focus on our unit economics, including Magic Number. In Q4, we ended with a Magic Number of 1.2, which we consider to be very strong and represents an improvement in our sales and marketing efficiency. We reported a non-GAAP operating loss of $6.7 million. As a result of our rapid top line growth, expanding gross margin profile and continued disciplined approach to investing in our business, we drove strong operating leverage in the quarter. Our non-GAAP operating margin improved 31 percentage points year-over-year. Q4 represents our fifth consecutive quarter of improving non-GAAP operating loss on both a dollar and a margin basis. We have a proven history of disciplined investing and remain committed to maintaining a thoughtful balance between generating top line growth and achieving operating leverage. Non-GAAP net loss in Q4 was $3.9 million or $0.02 on a per share basis, which compares to a non-GAAP net loss of $28.0 million or $0.60 per share in Q4 of last year. The weighted average common shares used to calculate fourth quarter EPS was 207.6 million shares in Q4 fiscal 2020 and 46.4 million shares in the Q4 fiscal 2019 period. Turning now to the balance sheet. Cash, cash equivalents and marketable securities increased to $912.1 million. Our execution this quarter led to strong cash flow. Cash flow from operations was positive $66.1 million, and free cash flow was positive $50.7 million, reflecting improved operating leverage, growth in deferred revenue and strong collections. Before moving to our guidance, I will provide several modeling points: First, as we have previously noted and is typical for enterprise software companies, we expect to see seasonality in net new ARR generation moving from Q4 to Q1. We would also like you to keep in mind that we see operating margin seasonality in the first half of the year given a step-up in payroll taxes, new hires and annual events, including sales kickoff and RSA. And as you'd expect, these factors will impact the timing of operating cash and free cash flow, with Q2 experiencing the biggest seasonal impact. This year, we expect to see negative operating and free cash flow in the second quarter, and we are maintaining our guidance to be operating cash and free cash flow positive for the full year. We implemented our employee stock purchase plan in July of 2019. As a result, we saw a benefit to free cash flow of approximately $8 million in Q3 of FY '20 and a net decrease of approximately $4 million in Q4 of FY '20 as we made the first purchase. Looking into FY '21, we currently expect to accrue between $10 million and $11 million per quarter for this benefit, with the corresponding offset of approximately $20 million reflected in both Q2 and Q4. In summary, we expect to see benefits from employee contributions in Q1 and Q3 and net outflows for purchases in Q2 and Q4. Moving to our guidance for the first quarter and full year fiscal 2021. We continue to remain optimistic about the demand for our offerings. We have powerful secular trends fueling our growth, including a growing threat landscape, a favorable competitive dynamic and the proliferation of cloud workloads combined with an increasing remote workforce. While the full impact of the macro economy from the coronavirus is still unfolding and we continue to closely monitor the business environment, we believe our guidance is appropriately prudent based on what we know today. For Q1. Total revenue is expected to be in the range of $164.3 to $167.6 million, reflecting a year-over-year growth rate of 71% to 74%, with subscription revenue being the dominant driver of growth. We expect non-GAAP loss from operations to be in the range of $16.2 million to $13.9 million and non-GAAP net loss to be in the range of $14.0 million to $11.7 million. Utilizing weighted average shares used in computing non-GAAP net loss per share, basic and diluted, of 211.3 million, we expect non-GAAP net loss per share, basic and diluted, in the range of $0.07 to $0.06. For the full fiscal year 2021. We currently expect total revenue to be in the range of $723.3 to $733.5 million, reflecting a growth rate of 50% to 52% over the 2020 fiscal year. Non-GAAP loss from operations is expected to be between $37.1 million and $29.9 million. Additionally, we continue to expect to achieve non-GAAP operating income breakeven in the fourth quarter of fiscal year 2021 while at the same time continuing to aggressively invest in our market opportunity. We expect fiscal 2021 non-GAAP net loss to be between $29.3 million and $22.1 million. Utilizing weighted average shares used in computing non-GAAP net loss per share, basic and diluted, of 212.5 million, we expect non-GAAP net loss per share to be in the range of $0.14 to $0.10. We are pleased with the strong results we are reporting today and believe we have the capacity and resources to continue driving the business forward over the long term. George and I will now take your questions.
[Operator Instructions] Our first question is from Sterling Auty with JPMorgan.
So wondering amidst the COVID-19 situation that we're in, you touched upon some of it, but I just want to make sure I put a finer point. How are the sales processes and even more specifically the implementation process impacted? And is there any concern -- while maybe CrowdStrike is used to working remote, perhaps your customers are not. So how do you mitigate some of those factors in terms of sales cycles?
Sure. Thanks, Sterling. Well, as you mentioned and as we pointed out, we've done a good job for many years working remotely, but we need to make sure that we can get ahold of the customers. I think there are a couple of things that are working in our favor: Number one, there's lots of folks that are actually home and working remotely. And I think we've been big fans and users assume that we've been able to move our sales operation to fully remote. We've been able to actually increase our first business meetings by 13% just by doing this because people are around in home and we're able to get in front of them. So from our perspective, whether it's the inside sales team or whether it's the field sales team, I think we've done a good job of reaching out, plus we've combined that with additional advertising, digital trial to pay, and we continue to work the inside sales motion. So from that standpoint, I think we've been able to fully keep the machine operationalized. And in many cases, where people have been busy during the day, they're sort of at home and we actually have their focus. So those first business meetings have taken place, and we are leveraging all of the remote technology that we have to get to our customers.
Great. And then one follow-up for you, Burt. You mentioned that the guidance is prudent in light of what you've seen, but just again to make sure, would the guidance have actually been higher if COVID-19 had not broken out into this pandemic that we've seen?
Sterling, thanks. So just to reiterate, we do believe that we've appropriately derisked our guidance, but as you know, it's a fluid situation. We believe our guidance is appropriately prudent based on what we know today, including coronavirus. As of today, we haven't seen a change in our ability to close business. Our pipeline is at record levels. We've talked to our sales leaders and the theaters and we like where we're at. But we want to be prudent in light of the current macro situation, and out of abundance of caution, we derisked our guidance.
Our next question is from Saket Kalia with Barclays.
George, maybe just to start with you. Definitely hearing the customer displacement opportunities here with competitors like Symantec, for example. But I guess I want to ask about the competitive opportunity from a different angle and I think you touched it on your prepared remarks. Is there an opportunity to really grow your share of the channel while others like Symantec are seeing disruption? So not the customer share but actually customer -- rather share of the actual channel out there.
Well, thanks, Saket. And absolutely, as I mentioned in the prepared remarks, we are seeing many, many partners come our way particularly from the Symantec channel. They realize that in today's environment, their customers are demanding solutions that can easily be deployed frictionless to a remote workforce as well as on-premise or cloud workloads. And there's a strong demand from the partners. There's a lot of inbound from partners looking to move their customer base to us as Symantec and Broadcom abandoned many of the customers that are out there. So they want to make sure their customers are taken care of. And obviously, we've continued to evolve and mature our partner program. And whether it's a managed service provider, whether it's a traditional reseller, whether it's any number of partners that we have, they're certainly looking to be with a market leader and someone who can solve their problem. And just given today's environment with the remote workforce, it's hard to set up these on-premise systems and accept service and things of that nature remotely. So we've definitely seen an uptick in the remote workforce being provisioned and rolled out to organizations who -- their workers are actually at home. And I think we're in a perfect position to do that.
Makes sense. Maybe for my follow-up for you, Burt. Nice job hitting positive operating cash flow, I think faster and greater magnitude than most of us thought. As the business continues to scale, how do you think about cash flow vis-à-vis ARR or revenue? Are there any sort of rules of thumb that you'd have us think about with respect to either operating cash flow or free cash flow as that recurring revenue base kind of continues to grow?
Saket, first, let me remark just on your comment about hitting positive cash flow faster than most of you thought. I think -- the first thing that I just want to comment on that is the fact that we did have a strong over-performance in the quarter. Other things that kind of related to that, we had strong gross margins, we had strong operating leverage, and we also had a strong collections in the quarter. So it all contributed to reaching cash flow positive than originally thought. As it goes to with -- as your comment goes to how do we think about it in the future, I think I want to just reiterate the fact that, hey, we've said to the world that we're going to be free cash flow positive next year. On a quarterly basis though, there are going to be some quarters where we have negative cash flow, specifically Q2. So as we think about seasonality, it is in the business from both cash flow as well as ARR. With respect to ARR, Q4 going into Q1, we had commented on the fact that we're going to see a dip which is consistent with what we've seen historically. So as we think about cash flow and as we think about where we're going to end up, right now, we feel that we're in a really good spot with respect to our cash position. We've got $912 million on the balance sheet and we have an additional credit facility of $150 million as well. So combined, we're over $1 billion in available cash. So I think we're in a pretty good spot and I think that we've got a good handle on where we see the cash flow going from here, as I've just remarked.
And our next question is from Brad Zelnick with Crédit Suisse.
Congratulations on a really nice finish to the year. My question, I know -- I hate to keep piling on to this but as it relates to COVID-19 and the impact of the business. Specifically, I wanted to ask about small businesses because I mean the headlines are passing all of our screens in real time. We're seeing certain sectors of the economy just getting the obliterated, whether it be restaurants, airlines, lodging, et cetera. They seem to really be hurting right now. How does this change your thinking, if at all, about investing down market for growth at this point?
Well, thank you for your comments. And I don't think it changes our investment at all. We've seen an acceleration in the SMB market, obviously, with a trial to pay and a sales motion that just encourages organizations to come to us and try it out. We've been very successful. And in fact, we've seen definitely an uptick in smaller businesses coming our way because they just -- they're not prepared for what's happening. Obviously, with COVID-19, it's a serious situation for them. And at the same time, they still need to keep this running. And I think one of the big drivers that we've seen is ransomware. There are so many small businesses that have been just obliterated by ransomware because they continue to use traditional, signature-based AV. So I think we've been very successful in helping companies migrate away from that and deal with that problem. At the same time now, they're struggling with just keeping open. And I think as a company, we've done a good job in helping organizations see the value and basically provide the outcome they're looking for, keep up and running, not have to worry about security. In many cases, they don't actually have the personnel to deal with it. And with our Falcon Complete, it's been an absolute home run in the SMB and the corporate market because we're able to deal with kind of a human issue for them as a force multiplier. So we continue to invest there. I think from a security perspective, it really is a foundational element. They can't do without it, they can't keep their businesses up and running, and we're going to continue to support them in any way we can.
And maybe one for Burt. Burt, in your prepared remarks, you talked about seasonality in ARR from Q4 to Q1. Can you maybe put a finer point to that of how we should think about ARR seasonality throughout the year and if at all we might expect COVID at least here in Q1 to be exceptional as we think about what it otherwise would have looked like if we were talking a month ago?
Sure. So as you know, we don't guide to ARR, but we do talk about revenue in the guide. We feel that we've appropriately guided for Q1, taking into consideration everything including coronavirus. I think about the seasonality in ARR being fairly consistent with prior periods. Again, the dip that we see -- that we're likely to see in Q1 is consistent with what we've seen in prior periods, and then there's an uptick as we go through the year.
Our next question comes from Joel Fishbein with SunTrust.
Congrats again on a great quarter. I have a quick question on fed. Just in this environment, I know it might be a little premature, but the fed ramp and how the fed is adopting. I'd expect -- I would love to hear George. How that's going? You didn't really call it out. And then I have a follow-up quickly for Burt.
Sure. It's going really well. Fed is part of our overall state, local and fed operation. And in general, just the fed piece is up over 200% year-over-year. Customer acquisition is up. And when you look at the concern in the federal government, you look at the various hacks that have been out there, the fed government is increasingly calling on CrowdStrike to seek guidance and understand the threat level and certainly adopting our technology to help protect against those many persistent threats that are out there. So it's still a relatively small business for us as we just got the FedRAMP certification a while back, I guess a short time ago, over the last 18 months or so. And we continue to grow that. So that's a great market for us. And then as you expand that out into state, local, we've got many states that are CrowdStrike customers. They continue to adopt us. Again, ransomware is a big issue for some of these small municipalities or even some of the larger state governments, and CrowdStrike has been a real critical part of their overall operation.
And Burt, real quick follow-up for you. The message has been, look, you guys are growing very, very fast. You're gaining big customers at a very fast clip. I think that one concern out there is for companies that aren't cash flow positive, and you've actually shown cash flow positive this quarter that in the event that things do go south. Maybe you just talk about what levers you can pull, if necessary, to make yourselves more profitable if things did go south. So give investors a little bit of confidence there.
Yes. Thanks, Joel. Yes. So as a reminder, we've been free cash flow positive for the last 2 quarters. And similarly what I said on an earlier question is that we have a really strong balance sheet at the moment, right? $912 million on the balance sheet in cash, cash equivalents, and we've got an additional credit facility of $150 million. We see this -- even if things go south, we'll continue to go south from a macro perspective. We still believe that we've got great unit economics. We've got the business very dialed in. We've got opportunities to continue to go after an environment that's opened up to us with respect to our competitors. So we're in a really good spot in terms of being able to withstand any continued downturn in the environment. And the good news for us is that we've seen several consecutive quarters of improving leverage. So we're not going to stray from looking at our unit economics as we continue to invest even when there is a continued downturn in the macroeconomic environment.
Our next question is from Alex Henderson with Needham.
Just a quick bookkeeping. If you guys were profitable, what would your share count be for valuation purposes? The question I wanted to ask really was around the pricing side of things or the demand side of things. To what extent have you seen any of your customers implement broad spending freezes? And to what extent are you seeing your product line and your -- and security in particular against that backdrop be exempt from that spending freeze? If you could help us out understanding that differential between the actions broadly that the companies are taking versus what they're taking relative to security, that would be really helpful. And then one other question while I was added, just going back for Burt. The decision to continue to invest, I assume you're still adding salespeople at a pretty aggressive rate. I assume that they become more available in this environment. Can you give us any sense of the rate of staffing up in the sales and marketing side of things?
Thanks, Alex. First, I'll comment on your question about shares. So basically, for valuation purposes, I would use 233 million shares. With respect to the sales heads, we're continuing to invest for sure. Yes, in this environment, there are going to be more that's going to be available in the group that we look at to hire from. So we're going to obviously take advantage of that and take advantage of the current landscape. But having said all that, again, I want to go back to the point that I've been making all along, which is we're going to be investing prudently. We're going to continue our strong unit economics. We're not going to do anything that's unnatural. And so I think that with the model in place, the competitive landscape, I think we're in a good spot to continue to go after sales heads. With that, I'll turn it over to George.
Okay. Great. Well, thanks, Alex. And I think when we look at security in general, we have to put it in perspective. It is mission-critical. And in the corporate hierarchy of needs, cybersecurity is the equivalent of shelter. It's fundamental. It's a basic need and you can't live without it. And obviously, there's going to be industries that are more impacted than others. But at the end of the day, they're going to need security. It's a compliance mandate for many, many large companies, even not large companies, right, from a data privacy perspective, whether it's a state or federal government or any other government around the globe. And they're going to still need to be able to purchase that. I think, again, when they come to CrowdStrike, a big part of what we do is we help them consolidate what they have. We can show them that 3x or better return on their investment. And in today's environment, obviously, where there's going to be tremendous cost pressure on these companies, I think we're the perfect solution to help optimize their head count, help optimize their spend on hardware and software and security and people and putting all that together. It's a very compelling offering that we have for them in a time of need.
Our next question comes from Gur Talpaz with Stifel.
First off, congrats on a really strong quarter here. George, you alluded to a shift in demand here for Falcon Complete. I think in the face of all that's happened over the past few weeks, how do you think about the nature of the conversation around Complete today especially within the large enterprise?
Well, it's amazing because when we originally -- so first, thank you, Gur. Thanks for your question. When we think about Falcon Complete and we originally constructed it for organizations that might have been in the corporate space, a reasonably sized organization but not enterprise or even SMB, we had no idea the adoption would be so broad in the enterprise space. And we have many, many large enterprise customers that use us because the offering is so compelling, to be able to kind of take that Tier 1 triage off their hands, to be able to remediate any issues that come up with automation, to be able to offer a warranty on what we're doing. And the technology is very, very compelling and in -- I don't care whether you're an enterprise or whether you're in corporate or SMB. Everyone is looking to increase their overall efficiency in their operations and reduce cost. And when you look at the return of a Falcon Complete, they could never do what we do 24/7 with the expertise we have around the globe for anything close to what we're charging them. So it really is a force multiplier for them and it really has been adopted widely, whether it's a small SMB all the way to very large enterprises.
That's very helpful. And then, Burt, maybe one for you. Non-GAAP gross margins here continue to rise, I think, despite really nice growth in customers and cloud transaction volumes. Can you just walk us through the inputs again here as to why that's the case? And then I think more importantly, have you seen an increase in gross margin at land now given the rise in sort of -- in size of customer as you see them at land?
Thanks, Gur, and thanks for your questions. So with respect to gross margins, I mean it continues to be the same story with respect to improvements on the operational side, efficiencies in using both private and public clouds. Two, it's the modular expansion. As we add new modules after the first module is sold to a customer, virtually every other module after that is pure gross margin. Those are some of the key drivers, and they've been consistent throughout the last few years in terms of seeing why our gross margin has expanded. In terms of the gross margin and how we think about it going forward, I think right now, we're in the middle of our long-term non-GAAP gross margin projections. And I anticipate that we're going to stay within that band. And in the long term, we see us going over that 80-plus percent from the standpoint of a non-GAAP gross margin basis. So we're going to continue to do those things that we've done doing well on the optimization side. We're going to continue to bring in new modules into our platform. Those 2 things combined will lead us to where we want to go.
Our next question is from Andrew Nowinski with D.A. Davidson.
Great. Congrats on a great quarter. Just 2 questions from me. So it's great to hear that you're offering programs to help customers work from home. And what we're hearing from resellers and CIOs is that companies that are not cloud-centric yet that are still running these legacy hub-and-spoke architectures are quickly realizing how inadequately prepared they are. So when people start returning to the office, which is hopefully soon, do you think that could trigger an uptick in spending from these companies as they work toward transforming their infrastructure?
Well, thanks, Andy. And the answer is yes. I think if you look at what is taking place, which I think many of us would agree we've never seen in our life, hopefully we won't see it again, but it's definitely going to transform the way people do business. And everyone implemented emergency plans. Everyone implemented emergency spending. And if you're working from home on Zoom, you still need to be protected, right? So I think what they figured out very quickly is kind of pushing update, signature files through VPNs or overloading things, just that whole management doesn't work. And I think by leveraging something like CrowdStrike to see how easy it is, it's seamless, it doesn't even have to go through their own network in terms of what we do and how we communicate with those end points, I think their eyes are wide open. So not only do I believe we'll see an uptick in the remote workforce. And this is going to be part of people's resiliency plan. It's not going to go away. So we're going to see that. We see CIOs going in for emergency spending and relief, and they have to solve this problem immediately. But then they're going to look at their overall business resiliency, their overall architecture and they realize that just trying to jam everything through VPN back to the mother ship is not going to work. You'll see more and more of zero trust, which we're a perfect fit in that overall architecture. And I do think it's going to fundamentally change the way people work and consume technologies, including security technology.
Great. And then in that same vein, as more companies are forced to adapt to this remote workforce, I was wondering if you've seen an uptick via the AWS channel as companies look to push more infrastructure to Amazon versus trying to maintain an on-premise infrastructure.
The answer is yes. We've got a great partnership with AWS. It cuts the sales cycle down, when we use the AWS Marketplace, by almost 50%. And just a quick stat, from an ARR perspective, just in Q1, we're up 32% quarter-over-quarter with our AWS Marketplace deal. So it's been an amazing channel for us. And at the end of the day, I think people, as they're remote, procurement is not around. It's a great channel for them. The terms are pretty much negotiated. You can get a deal done very quickly, and it slots right into their overall environment. And by the way, they can buy it and still use it on their on-prem environment. It doesn't have to be used just in the AWS cloud. So it's been really a great channel for us.
[Operator Instructions] Our next question is from Matt Hedberg with RBC Capital.
Congrats on the results. George, you highlighted a number of reasons why CrowdStrike can do well in times of uncertainty. I think it's really helpful for us to consider. One of them is your ability to not only keep customers safe but also save them money. And I guess on that point, can you give us a glimpse into what CIOs or CISOs are saying right now about their security spend? And if additional mind share comes your way from share shift, beyond Prevent or Insight, what are you sort of most excited about from like a new product attach perspective?
Sure. Well, CIOs and CISOs, but in particular CIOs, are looking for anything that will consolidate their footprint and reduce cost and complexity. And we slot absolutely right into that. I can tell you from when we started the company to where the conversation was, it wasn't at the CIO level to where we are today as a true platform. Almost every large deal involves the CIO. So they are looking for this. And as you pointed out, beyond just the next-gen AV and EDR piece, we have things like Discover with real-time response. We've added a tremendous amount of automation. At RSA, you might have been there, we showed how we can deploy emergency patches. We can basically pull data, bring the system back to health. And increasingly, we're seeing the IT ops team leveraging the CrowdStrike technology, which is always great because you want the IT team to be excited about security technologies. They get what they need. The security team gets what they want. And overall, we're solving and we're selling an outcome which is basically keeping customers from being breached but at the same time, giving them the consolidation and efficiency they need and saving money. So when you wrap that all together, that's an incredibly compelling offering. And in some of the earnings calls, this one and some of the prior ones, I've talked about the consolidation, 5, 6, 7, different technologies we've been able to consolidate out. Things like Spotlight, we have new release come out at the end of Q4, broader coverage, and we've seen the adoption pick up very rapidly in that module and customers are really liking it. So whether it's that, Falcon X, across the board, I mean we have strong module adoption. I continue to come back to Discover and Spotlight though. These are real 2 gems that the IT team can leverage. Tell me what to patch, here you go, and help me automate my systems with Discover. It's a great one-two combination.
Our next question comes from Rob Owens with Piper Sandler.
Great. I wanted you guys to drill down a little bit and add color to some of the commentary around hiring potentially. And have you changed your hiring plans, as you are a remote company, your ability to hire virtually? And how do you see this playing out both in the next quarter and this fiscal year?
Yes. Thanks, Rob. Since I started the company, a big part of the overall thesis was we needed the best people wherever they were, and that's what we started with when we had the first 20 launch employees. So we've been able to grow up as a remote company. We've been able to figure out how to make that work to get people in lots of different places. And I think we will continue to do that. We don't have any plans to change our hiring. It's certainly a competitive environment out there. But when you're on the cutting-edge with our data science teams with handling 3 trillion events at scale on a weekly basis with using the latest and greatest technologies, we need the very best people. I believe we have the best people in the industry. And what they've been able to do in a short period of time in a very stressful environment is just herculean. So I can't say enough about the great people of CrowdStrike. And we're going to continue to hire those folks around the globe, and it's really important to have the very best people to make sure our customers are protected.
And our last question comes from Gregg Moskowitz with Mizuho.
George, it's hard not to take notice when someone like yourself says this is the best competitive landscape you've encountered in your 27-year career, and you spoke on your prepared remarks around interest level surging post the Broadcom-Symantec integration. What I'm wondering though is whether you've seen any change in the rate of displacement activity around Symantec over the past few months or has that not yet actually kicked in.
Well, thanks, Gregg. I think it's both. Again, as I've said in the past, what we've seen is a compression of someone who may be out a year in terms of their renewal. They're now coming to us sooner because it's not an if. It's a win. In many cases, they've been hit with some ransom or something that really has accelerated while they're coming to us. In other cases, they're just not happy with support. They're not on the named list. And they basically have come to us and said, "Okay, maybe we'll run out one part of the Symantec license but we're going to pick some piece of your suite up. We'll get that up and running now." And then when these things start to run out, we'll ultimately just move everything over to you. So Gregg, it's really a little bit of both.
Thank you, and this concludes our Q&A for today. I would like to turn the call back to George Kurtz, President and Chief Executive Officer, for his final remarks.
All right. Well, thanks to all of you for your time today. Obviously, it's a very trying environment, and our hearts and prayers go out to all the folks that are affected by this virus. We certainly appreciate your interest, and we look forward to speaking with you next quarter. Thank you so much, and please stay safe.
And with that, ladies and gentlemen, we thank you for participating in today's program. You may now disconnect. Have a wonderful evening.