CrowdStrike Holdings, Inc.

CrowdStrike Holdings, Inc.

$347.88
4.38 (1.28%)
NASDAQ Global Select
USD, US
Software - Infrastructure

CrowdStrike Holdings, Inc. (CRWD) Q1 2023 Earnings Call Transcript

Published at 2022-06-02 20:16:03
Operator
Hello. Thank you for standing by, and welcome to the CrowdStrike Fiscal First Quarter 2023 Results Conference Call. At this time, all participants are in a listen-only mode. After the speakers’ presentation, there will be a question-and-answer session. [Operator Instructions] As a reminder, today’s call is being recorded. I would now like to turn the conference over to your host, Ms. Maria Riley, Vice President of Investor Relations. Please go ahead, ma’am.
Maria Riley
Good afternoon, and thank you for your participation today. With me on the call are George Kurtz, President and Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer. Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives, growth and expected performance, including our outlook for the second quarter and fiscal year 2023, are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements represent our outlook only as of the date of this call. While we believe any forward-looking statements we make are reasonable, actual results could differ materially because the statements are based on current expectations and are subject to risks and uncertainties. We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events or otherwise. Further information on these and other factors that could affect the Company’s financial results is included in the filings we make with the SEC from time to time, including the section titled Risk Factors in the Company’s quarterly and annual reports. Additionally, unless otherwise stated, excluding revenue, all financial measures discussed on this call will be non-GAAP. A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our press release, which may be found on our Investor Relations website at ir.crowdstrike.com or on our Form 8-K filed with the SEC today. With that, I will now turn the call over to George to begin.
George Kurtz
Thank you, Maria, and thank you all for joining us. I will start today’s call by summarizing three key points. First, fiscal 2023 is off to a fantastic start. We believe our Q1 results exemplify that we have a winning formula that includes scale, growth, profitability and free cash flow. Second, we saw strength across the platform, including a record quarter for modules deployed in the public cloud and over 100% year-over-year ending ARR growth for our emerging product group, which includes our Discover, Spotlight, Identity Protection and Log Management modules. And third, we are seeing more and more customers standardize on the Falcon platform. The number of customers adopting 6 or more and 7 or more modules, both grew more than 100% year-over-year. We believe this underscores our wide competitive moat and our opportunity to drive long-term sustainable growth in both, our core and expansion markets. Now, let’s discuss our results in more detail. The CrowdStrike team achieved another outstanding first quarter. Building on our historic Q4, this quarter, we delivered net new ARR of $190 million, topping our expectations. We delivered ending ARR growth of 61% year-over-year to exceed $1.9 billion, record non-GAAP operating profit of $83 million and free cash flow margin of 32%. In 8 out of the last 10 quarters, we have delivered 30% or greater free cash flow margin. Our powerful combination of growth, profitability and cash flow is reflected in our continued performance well in excess of the SaaS industry’s Rule of 40 benchmark. In Q1, we achieved a Rule of 78 on a non-GAAP operating income basis and when calculated on a free cash flow basis, a Rule of 93. Given our market opportunity, platform, subscription business model and high unit economics, we believe we have the ability to continue to grow at scale, generate cash and invest in initiatives that will further widen the gap between CrowdStrike and the competition, especially at a time when companies are forced to reduce their spending and hiring plans. I’d like to thank those of you who joined our investor briefing in April, where we showcased the simplicity and the power of the Falcon platform. We also demonstrated how our differentiated single-agent architecture that does not require reboot enables a frictionless go-to-market motion with an e-commerce engine. We believe this is unique to CrowdStrike and translates to increased module adoption, deal sizes, ARR growth and sales efficiency. And in Q1, we saw the flywheel effect and strong differentiation of the Falcon platform in motion. The demand environment we see is more robust today than this time last year as cybersecurity is not discretionary. Additionally, the competitive environment has remained favorable to CrowdStrike. Our growing leadership in the market is reflected in IDC’s most recent report where CrowdStrike leapfrogged to the number one position amongst all vendors in the 2021 market share for worldwide corporate endpoint security and once again took the top spot in modern endpoint security. In Q1, we executed well across all market segments with over 1,600 subscription customers of all sizes choosing CrowdStrike for the fourth consecutive quarter. This brings the total number of customers that rely on Falcon to protect their business to 17,945, a 57% increase year-over-year. The first quarter was a record quarter for our e-commerce engine. Late in Q4, we significantly expanded our trial program, increasing the number of modules available for trial to 12, up from just 4 modules in the prior quarter. The expanded trial program provides an even larger foundation to drive velocity through our e-commerce engine and makes it even easier for companies to trial and purchase more modules on the Falcon platform, and we are very pleased with the record performance in Q1. Our ability to rapidly innovate on the Falcon platform and solve a growing number of security imperatives for our customers with a single-agent platform provides CrowdStrike strong differentiation, wide competitive moat and multiple growth engines in both our core and expansion markets. Our frictionless adoption motion drives larger deal sizes among both, large and small customers over time and has translated to increasing module adoption metrics quarter-after-quarter. In Q1, subscription customers with 4 or more, 5 or more and 6 or more modules increased to 71%, 59% and 35%, respectively. Given subscription customers with 4 or more modules surpassed the 70% milestone and is now commonplace, we are retiring this disclosure and raising the bar by introducing a new metric, customers with 7 or more modules, which reached 19% at the end of Q1. We are pleased with our strong module performance across the Falcon platform in both, our core and expansion markets. I’d like to highlight a few standouts in Q1. First is Falcon Complete, our industry-leading full turnkey managed detection and response offering that uniquely blends technology and services to stop breaches for customers of all sizes. Q1 was a record-breaking quarter for Falcon Complete with net new ARR reaching an all-time high. Falcon Complete has continued to gain momentum in the market as companies look to address the growing cybersecurity imperative and contend with the cybersecurity skills gap. By leveraging the advanced automation in the platform, Falcon Complete offers customers and partners a way to quickly and cost effectively scale, fortify their cyber defenses with gold standard expertise and technology. We believe our massive success with Falcon Complete is a testament to the increasing trust customers place in CrowdStrike every day. As one of our largest customers recently posted on LinkedIn, “CrowdStrike’s Complete team allows our team to focus on the bigger picture without sacrificing the quality and detail of Tier 1 response.” Our growing leadership in the MDR market is also recognized by market research firms. In Gartner’s recent Market Share Managed Security Services worldwide 2021 report, CrowdStrike was ranked number one by market share. As we have added modules to the Falcon platform, we have introduced new complete offerings that extend beyond core endpoint, including Complete for Cloud Workload Protection and Complete for Identity Protection. This ability to create new extended offerings within the Complete product line generates new multidimensional avenues to drive ARR growth. Moving to the public cloud. Building on top of a strong Q4, the first quarter was a record quarter with ending ARR growth for public cloud deployments accelerating quarter-over-quarter. As organizations are moving more workloads to the cloud, the adversaries are quickly following, and traditional security tools are not enough to keep pace with the ever-changing nature of cloud environments. CrowdStrike’s cloud capabilities stand alone in the market by delivering agent-based and agentless solutions delivered natively from the Falcon platform in a single user interface with a shared data back end in Threat Graph. The combination of agent-based and agentless capabilities in the cloud enables pre-runtime and runtime protection whereas agentless-only solutions can only offer partial visibility and lack remediation capabilities. Additionally, [Technical Difficulty] of the public cloud, put an even higher emphasis on the importance of a lightweight agent. The time we took at the inception of CrowdStrike to design the agent with the lightest footprint amongst all competitors and that doesn’t require a reboot makes our agent perfectly suited for cloud deployments. One of our marquee wins this quarter was a global financial software company that was looking to protect its private cloud and growing public cloud environment. In this cloud win, CrowdStrike was chosen over the competition given Falcon’s unified interface across public, hybrid and multi-cloud assets, ease-of-use, superior performance and speed of detection. In the quarter, we introduced new Cloud Native Application Protection Platform or CNAPP capabilities to accelerate threat hunting for cloud environments and workloads and reduce the meantime to respond. The new capabilities we announced provide the visibility, automation and cloud hygiene necessary to defend against today’s adversaries. Identity protection is another emerging area where we are seeing growing success in the market with the number of customers subscribing to these modules growing more than 30% quarter-over-quarter. Our identity protection solution is a game changer in the fight against ransomware and preventing lateral movement. This was demonstrated in the recent MITRE prevention evaluation in which Falcon achieved 100% prevention and our identity protection module stopped the would-be attacker before it could even gain access to the target environment, redefining what it means to stop the breach. In terms of opportunity, we see many similarities between this, new emerging market and the EDR market at its inception, with customers not knowing how much they need it until they saw it in action. To demonstrate this point, I’d like to share feedback I personally received via text from a long-standing Falcon customer. “We are doing our POC of identity protection, and it alerted us that all members of domain users errantly had permissions to reset the machine for one of our domain controllers. We fixed it immediately and identified the root cause. We never would have found this in a million years, and it could have been used to do great harm. We really are in love with this product. Thanks to you and the team for building these amazing tools for us.” And on the Humio front, we are seeing increasing momentum in the log management space with customers. Additionally, our resellers, MSSPs and technology partners are excited about building their businesses with Humio. With the recent sales enablement and quota assignment for the global CrowdStrike sales team, our pipeline of log management opportunity rapidly growing. Specifically in Q1, we secured wins with new and existing CrowdStrike customers, including a Fortune 100 industrial company, a Fortune 500 materials manufacturer and a large health services provider. Moving to the market dynamics and threat environment. We continue to see powerful tailwinds fueling our market, and we do not currently see any indication that these trends will abate anytime soon. These tailwinds include a rapidly expanding attack surface and digital supply chains as organizations embrace digital transformation and move more workloads to the cloud, the cybersecurity skills gap in a heightened threat environment. We remain in a shields-up threat environment with adversaries rapidly evolving their tactics. Ransomware is no longer enough for advanced e-criminals. They are now weaponizing the data they extract by periodically leaking it to the public in an effort to extort their victims and drive even higher paydays. Over the past few months, I spent significant time traveling to meet with customers, prospects, partners and fellow CrowdStrikers. I found it energizing and inspiring to resume in-person engagement, and I would like to share with you a few recurring themes from my conversations. First, cybersecurity is an essential technology that underpins modern business, and we see this growing as regulators sharpen their lens on cybersecurity requirements. As a result, cybersecurity is a growing priority, words of directors and initiatives to fortify an organization security posture and reduce enterprise risk are being discussed, evaluated and funded at the highest levels. Second, in order to cope with the skills gap, organizations are looking for technologies that help them achieve more with fewer human resources. CIOs and CISOs are looking for a true platform that delivers on the promise to consolidate agents, reduce complexity, simplify operations and reduce operational costs. This includes replacing legacy log management and SIEM products, and that is why they are so excited about Falcon XDR. And that brings me to my third point, trust. I heard directly from Boards, CIOs and CISOs that when it comes to cybersecurity, the importance of trust increasingly eclipses price during the buying decision. In fact, we saw this exact dynamic and a key win with a leading-edge tech innovator and S&P 500-listed company where we were competing against Microsoft. Even though this new customer is a Microsoft-first shop, we were told that the buying decision, which the Board of Directors was actively involved in, ultimately came down to who they trusted to protect them from their worst day. Before I hand it over to Burt, I will share one more recent new subscription customer win where the incumbent vendor fell short of expectations. This global business process service provider based in Europe was struggling with their Microsoft deployment as complexity and misconfiguration pitfalls were hampering their efforts to protect their heterogeneous environment. After months of continuous issues, they fell victim to a breach and turned to CrowdStrike for incident response and endpoint recovery services. During the remediation process, this customer was able to experience firsthand the value of trusted expertise and the ease and speed of deploying Falcon across their environment. This led them to adopt Falcon Complete, which was fully up and running only 24 hours after the expanded engagement was completed. Falcon Complete is highly differentiated in the market as competing offerings only notify the customer of a problem, whereas Falcon Complete with Fusion no-code security automation will proactively remediate any issues. In closing, I would like to thank each and every CrowdStriker for your passionate focus on making CrowdStrike the trusted cybersecurity company. With that, I will turn the call over to Burt to discuss our financial results in more detail.
Burt Podbere
Thank you, George, and good afternoon, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks today are non-GAAP. Moving to our results. We delivered another outstanding quarter with strength in multiple areas of the business and superb execution by the CrowdStrike team, translating to rapid growth at an increased scale, record non-GAAP profitability and record cash generation. In the first quarter, we continued to maintain very high unit economics, drive leverage and remain very capital efficient, even as we aggressively invest in the business, innovate on the Falcon platform, expand into new markets and grow the CrowdStrike team. Demand in the quarter was broad-based and fueled by strength in multiple areas of the business. These included continued strong customer adoption of our core products, growing success with our emerging product category and cloud modules, strong retention and expansion within our customer base and continued rapid new customer acquisition. Net new ARR grew 32% to reach $190.5 million. Our exceptional Q1 net new ARR performance was ahead of our expectations and follows our unprecedented Q4, highlighting our continued strong momentum in the market. Additionally, the composition of net new ARR in Q1 was very well balanced across deal size with no outsized contribution from any one deal. Our dollar-based net retention rate was once again above our benchmark, and gross retention reached a new all-time high. Our consistently high gross retention rate reflects our strong commitment to stopping the breach, delivering value to customers and restoring trust to the security posture of companies worldwide. As George mentioned, we are also seeing more customers standardizing on the Falcon platform and adopting more modules. We believe these trends will create an enduring business opportunity for the years to come. Moving to the P&L. Total revenue grew 61% over Q1 of last year to reach $487.8 million. Subscription revenue grew 64% over Q1 of last year to reach $459.8 million. Professional services revenue was $28.0 million, setting a new record for the seventh consecutive quarter and representing 30% year-over-year growth. In terms of our geographic performance in Q1, we continue to see strong growth in the U.S. at 57%, and international revenue growth accelerated to 71% year-over-year. First quarter total and subscription non-GAAP gross margins remained relatively consistent at 77% and 79%, respectively. As we continue to invest for growing demand, we are pleased with our strong subscription gross margin performance, which remains within our target model range. As planned, we invested aggressively in our business during the quarter, including increasing investments in new technologies, international geographies and marketing programs. We are also executing our 2023 hiring plan and pleased to report that we added a record number of net new hires during the quarter. We believe the investments we are making today will lead to sustained growth over the long term and maintain our position as a trusted security partner of choice. Given our strong top line, disciplined approach to investing and efficient sales motion, we were able to make these investments [Technical Difficulty] also driving increased leverage and profit. Total non-GAAP operating expenses in the first quarter were approximately $291.0 million or 60% of revenue versus $202.9 million last year or 67% of revenue. In Q1, our magic number increased to 1.4, reflecting the efficiency of our go-to-market engine and our ability to rapidly onboard and support customers of all sizes. We have put as much thought into our go-to-market as we have into our technology, creating a new paradigm for enterprise cybersecurity sales. The Falcon platform was designed from the start to foster module adoption. And on top of that, we built an e-commerce engine that would not have been possible to achieve without the architectural choices made in CrowdStrike’s early days. We also have a thriving partner ecosystem, which includes MSSPs that is contributing to our ability to efficiently scale our business. First quarter non-GAAP operating income more than doubled, growing 179% year-over-year to reach a record $83.0 million, and operating margin improved by over 7 percentage points year-over-year to reach 17%. Non-GAAP net income attributable to CrowdStrike in Q1 also more than tripled, growing to a record $74.8 million or $0.31 on a diluted per share basis. Our weighted average common share used to calculate first quarter non-GAAP EPS attributable to CrowdStrike was on a diluted basis and totaled approximately 239 million shares. We ended the first quarter with a strong balance sheet. Cash and cash equivalents increased to approximately $2.15 billion. Cash flow from operations grew 46% year-over-year to a record $215.0 million. Free cash flow grew 34% year-over-year to a new record of $157.5 million or 32% of revenue and reflects our planned increased capital investments, which more than doubled year-over-year. Given the current geopolitical environment and growing regulatory requirements, such as GDPR, CISA reporting mandates and the forthcoming SEC cybersecurity disclosure requirements, we believe the essential nature of our offerings is increasing. This, along with our corporate customer base, our efficient sales motion, our high gross retention rates, and our SaaS model that includes subscription contracts and multiyear customer relationships will provide consistent cash flow performance. Further, we believe these factors will provide resiliency in any type of environment as we build a durable cash generator for today and years to come. Before moving to guidance, I would like to cover a few modeling notes. While we do not specifically guide to net new ARR, we would like to provide a framework for how we view recent and seasonality trends. Similar to last year, we delivered an exceptional Q1 with significantly muted Q4 to Q1 net new ARR seasonality when normalizing for the two accounts that contributed approximately 8 figures each to our unprecedented Q4 results. As a result, looking to Q2, we expect to see seasonality off of Q1 to be similar to last fiscal year. Next is on operating leverage. Given our strong Q1 performance and as reflected in our increased guidance, which reflects 56% to 62% year-over-year growth in operating income, we expect to see the year-over-year operating margin leverage for the year materialize in the first half of fiscal 2023. This is primarily driven by our commitment to continue investing aggressively in our massive opportunity and leverage our unique leadership position in the market, current demand [Technical Difficulty] and increased unit economics. Lastly, I will touch on cash flow. As a reminder, given the timing of expenses, seasonality of new hires and the midyear ESPP purchase, the second quarter is generally our lowest cash flow generation quarter of the year. Moving to our guidance. We continue to remain optimistic about the demand for our offerings, record pipeline and our ability to execute on the powerful secular trends fueling our markets, and as a result, we are raising our guidance for fiscal 2023. For the second quarter of FY23, we expect total revenue to be in the range of $512.7 million to $516.8 million, reflecting a year-over-year growth rate of 52% to 53% with subscription revenue being the dominant driver of growth. We expect non-GAAP income from operations to be in the range of $70.4 million to $73.3 million, and non-GAAP net income attributable to CrowdStrike to be in the range of $64.9 million to $67.9 million. We expect diluted non-GAAP net income per share attributable to CrowdStrike to be in the range of $0.27 to $0.28, utilizing a weighted average share count of 240 million shares on a diluted basis. For the full fiscal year 2023, we currently expect total revenue to be in the range of $2,190.5 million to $2,205.8 million, reflecting a growth rate of 51% to 52% over the prior fiscal year. Non-GAAP income from operations is expected to be between $306.5 million and $317.8 million. We expect fiscal 2023 non-GAAP net income attributable to CrowdStrike to be between $283.3 million and $294.6 million. Utilizing 241 million weighted average shares on a diluted basis, we expect non-GAAP net income per share attributable to CrowdStrike to be in the range of $1.18 to $1.22. George and I will now take your questions.
Operator
[Operator Instructions] Your first question is from Saket Kalia with Barclays. Please go ahead.
Saket Kalia
Okay, great. Hey, guys. Thanks for taking my question here. George, maybe I’ll direct this one to you. A lot of fun stuff to talk about from a product perspective. But maybe we could zero in on one, specifically Humio. The question is, what are you seeing from customers on their willingness to explore alternatives to SIEM? And how do you think Humio is positioned there to disrupt?
George Kurtz
Hey Saket, it’s a great question. When we talk to customers, particularly legacy SIEM customers, there’s absolutely an appetite to explore something that’s different, modern, more scalable and more cost effective. And again, we’ve been big fans of Humio. We continue to get the technology integrated and expand its capabilities. And when you think about Humio, you also have to think about Falcon XDR, right, in terms of its ability to ultimately subsume SIEM. And I think XDR, in general, will do that from a category perspective. So, it’s still in the early days, but we’re excited about the customer interest, what they want, the expansions that we’ve done in the quarter, the ability to actually consume, not only security data but observability data. And we’ll continue to iterate the product and get it out through the sales force. So, overall, very excited about it.
Operator
Your next question comes from Andrew Nowinski with Wells Fargo. Please go ahead.
Andrew Nowinski
Congrats on a great quarter. I had a similar question to the last one. So, you talked a lot on the call about Falcon Complete Preempt and Humio. And I would imagine Spotlight was also fairly strong given Log4j this quarter. But I was wondering if you could maybe just rank order your top three modules that you think will drive or have the most impact on your growth in this fiscal year?
Burt Podbere
Hey Andy, great to hear your voice. So, as we talked about on our April 7th webinar, we went through the module growth dynamics. And we highlighted some of our products like Complete, which has been very, very successful for us. Then we talked about spotlight, and we talked about Identity Threat Detection, Horizon, Cloud Workload Protection. These are just some of the hyper-growth modules that we highlighted in the webinar. And that really means year-over-year growth rates are significantly higher than the overall customer growth. And so, we’re excited about those.
Operator
And your next question comes from Brian Essex with Goldman Sachs. Please go ahead.
Brian Essex
Congrats from me as well on the results. Yes, I guess, I want to dig in a little bit too. It looks like international growth pretty strong in the quarter. And given it’s an area of focused investment, just wondering if you could peel that back a little bit and help us understand what are some of the key drivers there, how sustainable they are? And specifically, any color into what geos were the strongest for you?
George Kurtz
Yes. Hey Brian, it’s George. When we look at our capabilities outside North America, again, we spend a lot of time building out the sales channels, building out the partner network. And you see that multiplier effect through our partners now, which are really excited. And we continue to expand our sales capabilities there. So, when you look at where we’d like to be in terms of increasing that revenue and the split between North America and rest of world, it was a great quarter for us. So I think Burt will probably add some other comments to it, but I think it’s reflective of the fact that we’ve got a great offering and the strong demand in all geographies.
Burt Podbere
Yes. It’s a great question, and we’re continually focused on investing in territories outside of the U.S. When we talk about aggressive investing or investing aggressively, we think about not only product lines, when we think about geos. And that’s one area certainly that is a focus for us. We also think about, ultimately, we’d love to see 50-50 in terms of the split at some point. And in order to do that, we need to continue to invest. The great thing about what we saw in the results is that for rest of world is that it’s keeping pace to an incredible opportunity here in North America. And so, when you can keep pace with America, you’re doing really well. And in this quarter, we saw a slight uptick in terms of rest of world sales. So, we’re excited about where we’re headed.
Operator
Your next question comes from Joel Fishbein with Truist. Please go ahead.
Joel Fishbein
Hey guys, great execution this quarter. George and/or Burt, you had a great new subscription customer growth this quarter. I’m just curious when these guys are landing, how many modules on average are they landing with these net new customers?
Burt Podbere
Yes. So, our bigger customers, those over $1 million, as we talked about on the webinar in April, each of those customers has about 7 on average, just over 7 modules. In terms of landing new, we talked about in FY22, it’s 4.7. And that’s up from 4.3 from the year before.
Operator
Your next question comes from Matt Hedberg with RBC Capital Markets. Please go ahead.
Matt Hedberg
Congrats from me on the results, guys, as well. George, I know this is not necessarily a strong U.S. Fed quarter. But I think I’ll reflect back on your CISA win from last year as really a sort of a watershed type deal. Can you talk about how that rollout has been going? And how you think Federal plays out -- U.S. Fed plays out this year?
George Kurtz
Yes. It’s been going well. A key part of our strategy is because there’s many agencies that can procure the product through the CISA contract, if you will. And the key area of focus is making sure that everyone is successful. It’s a great rollout. And like any category, you want to have your reference accounts, and that’s what we’ve been focused on. So, it’s tremendous interest. Folks understand our capabilities where we can help protect them, particularly in areas like identity. And they know it’s a leading product in the industry. So, we expect great things from Fed. And we also believe that, as I said before, 10 years in the making, we finally have these big contracts after we got the certifications that we needed. We think it’s going to be a long runway in federal, and not only federal, but state, local, and then you have federal type organizations that are around the world. So, we think we’re in a great spot there.
Operator
And your next question comes from Rob Owens with Piper Sandler. Please go ahead.
Rob Owens
I was wondering if you could address some of the competitive dynamics around cloud and when it represents a tip of the spear versus selling into the installed base, if we were looking at that net new ARR that cloud touches. Thanks.
George Kurtz
Yes. So, when you think about our cloud offerings, a couple of points that I highlighted in the call is that we have both, agent and agentless. And that is the ability to actually gather cloud information at scale without an agent, understand the posture of what’s happening, understand misconfigurations and go beyond what our competitors do is we actually look for active attacks with our Indicator of Attack technology applied to it. And then you combine that with our agent and our Cloud Workload Protection. And that really is like the ultimate package. CNAPP, we talked about that in the call as well, and that has been well received. And as we pointed out in the April investor call, we’ve had many lands in just cloud organizations, particularly in big financial services companies, land in the cloud and then actually be able to cross-sell it into the internal network. So overall, we continue to iterate very rapidly, got great capabilities there, and it’s been really well received by our customers.
Operator
And your next question comes from Fatima Boolani with Citi. Please go ahead.
Maria Riley
Let’s go to the next question and we can come back to Fatima.
Operator
Thank you. And your next question is from Alex Henderson with Needham & Company. Please go ahead.
Alex Henderson
I was hoping you could talk a little bit about the implications of the VMware acquisition by Broadcom and to what extent that has a positive impact on your ability to gain share in the endpoint/XDR space, but also whether that has implications for your cloud product lines? And, has there been any impact that immediately happened after that announcement? Thanks.
Burt Podbere
Yes. Very good question. And we were quite excited by the acquisition. And I think, again, when you look at the shared donor that Symantec has imparted on us, we were happy to see Carbon Black and VMware to be acquired. So we’ve continued to replace Carbon Black over the last few years. And after the acquisition, we certainly had a lot of customer interest in what that means for Carbon Black customers, in particular, how CrowdStrike can help them in a long-term relationship. So, we’ll see how it all plays out. But given what we’ve seen in the past with Symantec, we’re pretty positive.
Operator
And your next question comes from Roger Boyd with UBS Securities. Please go ahead.
Roger Boyd
Congrats on the results. Just on e-commerce, you noted a record e-commerce quarter as you added a bunch of new triable solutions. Can you just talk about how that might be benefiting your sales efficiency. You noted the strong magic number in the quarter and how you see that benefiting margins this year and beyond? Thanks.
Burt Podbere
Yes. So, as we’ve talked about in the April update to investors, we spent many, many years working on our e-commerce platform, and we’re starting to really see the fruits of our labor there with a magic number of 1.4 with the increase in the number of trials that we can actually run through the e-commerce platform. It’s incredibly efficient, not only to gain new customers, but also to continue to cross-sell into the customer base. And with 22 modules, it’s important to be able to prioritize what customers are looking for, for our channel partners as well as our sales team. So, we spent a lot of time and effort there. We’re seeing the fruits of it. It certainly has been a great addition to growing our SMB business as well. We take credit card sales. It’s very easy to get the product up and running and buy from us. And I think that is a unique differentiation point between us and our competition. Burt?
Burt Podbere
Yes. No, it’s definitely part of the equation when we think about our long-term operating margin target model. So, as I think about hitting the 20% to 22% long-term model, that’s a piece of it, right? I think, we spend as much time on go-to-market execution and flighting how that is all going to work just as much as we do on the tech. And for us, that’s a bet that I think where we think is very, very derisked. And I think that we’ve got lots of examples where we’ve seen success of companies that are able to fight it well, not in security. And so, we believe that we’ve got a great opportunity.
Operator
And your next question comes from Mike Walkley with Canaccord Genuity. Please go ahead.
Daniel Park
It’s Daniel on for Mike. So, with your total free trials increasing at 12 modules, could you speak to how the strategy is echoing downstream, especially at the lower end of the market? Typically, this has been a segment where customers have really gone with the good-enough approach in the past.
George Kurtz
I think when customers look at the impact of ransomware and now you’ve got lock and leak where they actually are disseminating this information and extorting customers. It’s just too critical to rely on an operating system vendor or the cheapest technology that’s out there. They’re looking at the viability of their business being impacted. They’re looking at wire transfers that are going out fraudulently. I mean, you go down the list of e-crime activities, and it continues to mushroom. So customers leveraging our trial, converting them into our e-commerce platform, upselling our modules, even upselling them into Falcon Complete customers, we can take a few thousand dollar deal and turn it into a $50,000 deal, leveraging the full suite of e-commerce technology as well as our inside sales team. And that has really driven efficiency in our organization as well as it’s reflected in things like our magic number that I talked about earlier.
Operator
And your next question comes from Joseph Gallo with Jefferies. Please go ahead.
Joseph Gallo
You’ve alluded to it and so far the numbers appear to indicate that cyber and your business is resilient. But George, in your convos with customers and Burt, in your guidance methodology, is the world a little less rosy than it was a quarter ago? Are you seeing any change in the velocity of deals closing or hesitation from customers? And if you could break that into by geo or deal size, that would be great. Thanks.
George Kurtz
Yes, I’ll try the first part. No, we haven’t seen any slowdown in terms of the willingness to buy security. It continues to be the number one risk factor for any Board of Directors. Again, when you look at some of the e-crime impact and taking out business, it is not a discretionary spend. It’s -- in the hierarchy of corporate needs, it’s probably shelter. So, we see that continuing. And in fact, when you look at the current environment, we have a customer saying we want to consolidate more. We want to go in with -- all in with CrowdStrike. We want to get rid of this extra spend that we have in other areas, too many agents. And we can upsize our deals while decreasing the overall security spend by consolidating things like vulnerability management, by consolidating log management capabilities, et cetera. We can put it together and give them a much more effective technology with better outcome, lower cost and lower management concerns.
Burt Podbere
Yes. And to add, I really don’t see any additional discounting coming my way. And when there is an opportunity on the table and there is discounting involved that is -- at a high level, it comes to me, and I really haven’t seen any change from the past.
Operator
And your next question comes from Shaul Eyal with Cowen. Please go ahead.
Shaul Eyal
Congrats on a strong start to this fiscal year. My question is actually on the new ARR. Maybe can you just provide us with some color? I know you don’t provide, like, the actual numbers. But what portion of new ARR came from new business and logos, and what came from the existing base? Thank you.
Burt Podbere
Hey Shaul, great to hear your voice. It’s a question I often get and I love, because at this point, we’re still seeing net new ARR coming from both, new logo and cross-sell and upsell. And we feel we have a lot of runway in both. We’ve got a -- we have a tremendous amount of headway in terms of new logos. We’ve had just number -- we have just under 18,000. You look at one of our competitors like Symantec that had over 300,000 at one point, and we’ve got a long way to go. And then, the machine of being able to cross-sell into our existing base is there as well. And so, as we continue to add new logos, we have -- we continue to have opportunities to cross-sell. So, we’re getting it from both sides. And today, I see it both -- equal opportunity.
George Kurtz
And when we look at things like identity, which is part of the emerging module category, identity for me is the new EDR. A few -- it wasn’t that long ago that EDR was something new for folks. And now, organizations routinely adopt it. And we see the same sort of buying pattern with identity. If you have advanced endpoint protection using AI, if you add EDR and now you add identity, that’s a winning formula. So, we see a great opportunity to continue to sell into the installed base identity, and we talked about 30% quarter-over-quarter increase in identity. And we see a long runway. So, when we think about EDR, the next iteration of that will be adding identity to it.
Operator
Your next question comes from Fatima Boolani with Citi. Please go ahead.
Maria Riley
It looks like we lost Fatima again.
Fatima Boolani
I’m on. Are you there? Sorry about that. Thanks for being patient with us tonight, just popping around a couple of calls. George, maybe one for you to start. I still get this question from investors with a sense of lingering fear about the business maybe having seen some tailwinds from the -- maybe the sharp growth in endpoint volumes that a lot of corporations sort of realized over the course of the pandemic. And so, I’m curious if you can share some data points or anecdotes to help assuage some of the concerns around that front with respect to corporate endpoint volumes sort of moderating from here. And then I have a follow-up, please.
George Kurtz
Sure. As we talked about over the course of the pandemic and prior earnings calls, we, certainly, in the beginning, saw some buying for people that were working at home. But that was short-lived. And I think on the back side, two years plus in the pandemic and coming out of it, I think if you look across the growth quarter-over-quarter, again, it’s reflective in a strong demand environment and not related to anything that’s pandemic. So, as we talked about before, digital transformation is happening, security transformation is moving to cloud. Those are all long-term sustainable trends. And after pretty much the first quarter or so of the pandemic, there’s not much to talk about in terms of corporate endpoints.
Operator
Next question is from Brad Reback with Stifel. Please go ahead.
Brad Reback
George, obviously, a lot of your high-profile, high-multiple private peers have run into some issues here. Lately, a lot of them were talking about headcount reduction. So, maybe two-part, number one, does it open up M&A opportunities for you? And number two, I know hiring was strong in the quarter, but can it get even better? Thanks.
George Kurtz
Sure. And that’s certainly true. We’ve seen a lot of high-multiple companies go through some layoffs and some challenges in trying to conserve cash. I think from an M&A perspective, we are always looking at companies, and we will buy good companies with good people irrespective of the current environment. Obviously, as we think about what’s coming up, multiples compressing in various areas, including the private markets, we certainly will be disciplined as we look at those. And then, when we think about headcount, we are in a great position to be getting talent as some of these organizations are just forced to cut good people. So, we will be opportunistic in both, hiring great people as well as looking at potential M&A opportunities now and in the future.
Operator
And your next question comes from Gray Powell with BTIG.
Janet Zhang
Hi. This is Janet on for Gray Powell. Thank you so much for taking the question. So, mine is a broader question on the macro environment. Generally speaking, good companies tend to come out of recession in a better position, while less-established companies might struggle just to survive. So with that in mind, if the economy does get worse, do you see opportunities to expand and potentially accelerate your road map?
George Kurtz
Yes. I’ll answer first and then I’ll turn it over to Burt. But, when we think about where we are today and the success we’ve had, I think it’s one of the areas where security is not going to go away. The threats are going to continue to get worse, and we’re going to continue to invest. And that means getting the people that we need, that means looking at module expansion, and that means looking at other opportunities, as we just talked about in the last question, potential M&A opportunities. So, for us, it’s really about continuing to hit the gas, and we’ve been successful. We’ve seen a lot of our competitors fall by the wayside over the years by being diligent by being innovative and continuing to invest and getting stronger and stronger, irrespective of the current climate. And certainly, if it gets worse, we think we’re in a great position, enterprise software, SaaS, security, long-term contracts, great cash flow. I mean, these are all hallmarks of a very well-run and great execution-type business across. Anything to add, Burt?
Burt Podbere
Yes. So it goes back to -- I think it starts with security right now is, let’s call it, recession-resilient. We think we’re in a great spot to continue to maintain our number one market share in endpoint. And I think that we are going to continue to invest. And really, what does that mean? It means to enhance and gain in market share, in 2019, we had a market share of around 6.3% in endpoint. And today, we’re in that 12.6% range from -- this is all IDC. We think there’s a real opportunity to increase that. We think by investing in the channel, in people, in go-to-market, we think we have an advantage over everybody else because we’re such a well-run company and we’ve got a lot of opportunity to invest. Our balance sheet and our P&L are allowing us to do that. And we’re going to press that advantage. And we’re going to go after some great people that have been let go by some of our competitors.
Operator
Thank you. And our last question comes from Josh Tilton with Wolfe Research. Please go ahead.
Unidentified Analyst
Hey. This is Patrick on for Josh. Have you all seen any noticeable changes to the competitive environment and sort of win rates versus SentinelOne and Microsoft? And then also, can you give us any more color on what you see as sort of the total size and the legacy replacement opportunity that remains? Thanks.
George Kurtz
Yes. We haven’t seen any change. We continue to win at a very high rate. We’ve talked about that in the past. It’s a great competitive environment for us. We continue to convert. We talked about some of the Microsoft wins. Again, what customers are looking for are solutions that solve problems, stopping breaches, deals with some of the headcount problems that they have. They just can’t find enough good people, and ultimately saves them a lot of time and money by harmonizing their security stack in one platform, which is CrowdStrike. So, it’s still a big market. Burt talked about our market share on the last response. We’re looking to aggressively grow that, and there’s opportunities for others out there. But we believe we have the best technology, the best platform, the best AI. Testing results prove it as well and more importantly, customer success, the testimonials. And the proof is in the financial results, so. And we feel confident going into the future that we’ve got the right platform.
Operator
And with that, I will pass the call back to George Kurtz for his final remarks.
George Kurtz
Great. Well, I’d like to thank everyone for their time today. We feel it was a great quarter. And we look forward to chatting with everyone next quarter. Be safe, and thank you so much.
Operator
And this concludes today’s conference call. Thank you for participating. And you may now disconnect.