CRWD

00015355272022FYfalseP3YP1YP1Y.25P1Y00015355272022-02-012023-01-3100015355272022-07-31iso4217:USD0001535527us-gaap:CommonClassAMember2023-02-28xbrli:shares0001535527us-gaap:CommonClassBMember2023-02-2800015355272023-01-3100015355272022-01-31iso4217:USDxbrli:shares0001535527us-gaap:CommonClassAMember2022-01-310001535527us-gaap:CommonClassAMember2023-01-310001535527us-gaap:CommonClassBMember2022-01-310001535527us-gaap:CommonClassBMember2023-01-310001535527us-gaap:SubscriptionAndCirculationMember2022-02-012023-01-310001535527us-gaap:SubscriptionAndCirculationMember2021-02-012022-01-310001535527us-gaap:SubscriptionAndCirculationMember2020-02-012021-01-310001535527crwd:ProfessionalServicesMember2022-02-012023-01-310001535527crwd:ProfessionalServicesMember2021-02-012022-01-310001535527crwd:ProfessionalServicesMember2020-02-012021-01-3100015355272021-02-012022-01-3100015355272020-02-012021-01-310001535527us-gaap:CommonStockMember2020-01-310001535527us-gaap:AdditionalPaidInCapitalMember2020-01-310001535527us-gaap:RetainedEarningsMember2020-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2020-01-310001535527us-gaap:NoncontrollingInterestMember2020-01-3100015355272020-01-310001535527us-gaap:CommonStockMember2020-02-012021-01-310001535527us-gaap:AdditionalPaidInCapitalMember2020-02-012021-01-310001535527us-gaap:RetainedEarningsMember2020-02-012021-01-310001535527us-gaap:NoncontrollingInterestMember2020-02-012021-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2020-02-012021-01-310001535527us-gaap:CommonStockMember2021-01-310001535527us-gaap:AdditionalPaidInCapitalMember2021-01-310001535527us-gaap:RetainedEarningsMember2021-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2021-01-310001535527us-gaap:NoncontrollingInterestMember2021-01-3100015355272021-01-310001535527us-gaap:CommonStockMember2021-02-012022-01-310001535527us-gaap:AdditionalPaidInCapitalMember2021-02-012022-01-310001535527us-gaap:RetainedEarningsMember2021-02-012022-01-310001535527us-gaap:NoncontrollingInterestMember2021-02-012022-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2021-02-012022-01-310001535527us-gaap:CommonStockMember2022-01-310001535527us-gaap:AdditionalPaidInCapitalMember2022-01-310001535527us-gaap:RetainedEarningsMember2022-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-01-310001535527us-gaap:NoncontrollingInterestMember2022-01-310001535527us-gaap:CommonStockMember2022-02-012023-01-310001535527us-gaap:AdditionalPaidInCapitalMember2022-02-012023-01-310001535527us-gaap:RetainedEarningsMember2022-02-012023-01-310001535527us-gaap:NoncontrollingInterestMember2022-02-012023-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-02-012023-01-310001535527us-gaap:CommonStockMember2023-01-310001535527us-gaap:AdditionalPaidInCapitalMember2023-01-310001535527us-gaap:RetainedEarningsMember2023-01-310001535527us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-01-310001535527us-gaap:NoncontrollingInterestMember2023-01-310001535527us-gaap:CustomerConcentrationRiskMembercrwd:CustomerAMemberus-gaap:AccountsReceivableMember2022-02-012023-01-31xbrli:pure0001535527us-gaap:CustomerConcentrationRiskMembercrwd:CustomerAMemberus-gaap:AccountsReceivableMember2021-02-012022-01-310001535527crwd:CrowdstrikeFalconFundLlcMembercrwd:AccelMembersrt:MaximumMember2019-07-310001535527crwd:CrowdstrikeFalconFundLlcMembercrwd:AccelMember2019-07-012019-07-310001535527crwd:CrowdstrikeFalconFundLlcMembercrwd:AccelMembersrt:MaximumMember2021-12-31crwd:segmentcrwd:reporting_unit0001535527srt:MinimumMember2022-02-012023-01-310001535527srt:MaximumMember2022-02-012023-01-310001535527us-gaap:ComputerEquipmentMembersrt:MinimumMember2022-02-012023-01-310001535527us-gaap:ComputerEquipmentMembersrt:MaximumMember2022-02-012023-01-310001535527us-gaap:FurnitureAndFixturesMember2022-02-012023-01-310001535527srt:MinimumMembercrwd:PurchasedSoftwareMember2022-02-012023-01-310001535527crwd:PurchasedSoftwareMembersrt:MaximumMember2022-02-012023-01-310001535527us-gaap:SoftwareDevelopmentMember2022-02-012023-01-310001535527crwd:ServiceBasedRestrictedStockUnitsVestingMember2022-02-012023-01-310001535527crwd:PerformanceBasedStockUnitsMember2022-02-012023-01-310001535527crwd:EmployeeStockPurchasePlanMember2022-02-012023-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheOneMember2022-02-012023-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheTwoMember2022-02-012023-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheThreeMember2022-02-012023-01-310001535527crwd:ShareBasedPaymentArrangementTrancheFourMember2022-02-012023-01-3100015355272022-12-012022-12-310001535527us-gaap:SeniorNotesMember2023-01-310001535527us-gaap:SeniorNotesMember2022-01-310001535527us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:FairValueInputsLevel3Memberus-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:FairValueInputsLevel3Memberus-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527crwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527crwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:FairValueInputsLevel3Membercrwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527crwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527crwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527crwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:FairValueInputsLevel3Membercrwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527crwd:DeferredCompensationInvestmentsMemberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:FairValueMeasurementsRecurringMember2023-01-310001535527us-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527us-gaap:FairValueMeasurementsRecurringMember2022-01-310001535527crwd:DataCenterAndOtherComputerEquipmentMember2023-01-310001535527crwd:DataCenterAndOtherComputerEquipmentMember2022-01-310001535527us-gaap:SoftwareDevelopmentMember2023-01-310001535527us-gaap:SoftwareDevelopmentMember2022-01-310001535527us-gaap:LeaseholdImprovementsMember2023-01-310001535527us-gaap:LeaseholdImprovementsMember2022-01-310001535527crwd:PurchasedSoftwareMember2023-01-310001535527crwd:PurchasedSoftwareMember2022-01-310001535527crwd:FurnitureAndEquipmentMember2023-01-310001535527crwd:FurnitureAndEquipmentMember2022-01-310001535527us-gaap:ConstructionInProgressMember2023-01-310001535527us-gaap:ConstructionInProgressMember2022-01-310001535527crwd:DataCenterAndOtherComputerEquipmentMember2022-02-012023-01-310001535527crwd:DataCenterAndOtherComputerEquipmentMember2021-02-012022-01-310001535527us-gaap:DevelopedTechnologyRightsMember2023-01-310001535527us-gaap:DevelopedTechnologyRightsMember2022-02-012023-01-310001535527us-gaap:CustomerRelationshipsMember2023-01-310001535527us-gaap:CustomerRelationshipsMember2022-02-012023-01-310001535527us-gaap:OtherIntangibleAssetsMember2023-01-310001535527us-gaap:OtherIntangibleAssetsMember2022-02-012023-01-310001535527us-gaap:DevelopedTechnologyRightsMember2022-01-310001535527us-gaap:DevelopedTechnologyRightsMember2021-02-012022-01-310001535527us-gaap:CustomerRelationshipsMember2022-01-310001535527us-gaap:CustomerRelationshipsMember2021-02-012022-01-310001535527us-gaap:OtherIntangibleAssetsMember2022-01-310001535527us-gaap:OtherIntangibleAssetsMember2021-02-012022-01-310001535527crwd:ReposifyLtdMember2022-02-012023-01-310001535527crwd:SecureCircleLLCMember2022-02-012023-01-310001535527us-gaap:OtherCurrentLiabilitiesMember2023-01-310001535527us-gaap:OtherCurrentLiabilitiesMember2022-01-310001535527us-gaap:RevolvingCreditFacilityMember2019-04-300001535527us-gaap:LetterOfCreditMember2019-04-300001535527crwd:SwinglineFacilityMember2019-04-300001535527us-gaap:RevolvingCreditFacilityMembercrwd:ARCreditAgreementMember2021-01-040001535527us-gaap:LetterOfCreditMembercrwd:ARCreditAgreementMember2021-01-040001535527crwd:SwinglineFacilityMembercrwd:ARCreditAgreementMember2021-01-040001535527us-gaap:FederalFundsEffectiveSwapRateMembercrwd:AlternateBaseRateLoansMembercrwd:ARCreditAgreementMember2022-01-062022-01-060001535527us-gaap:EurodollarMembercrwd:AlternateBaseRateLoansMembercrwd:ARCreditAgreementMember2022-01-062022-01-060001535527us-gaap:EurodollarMembersrt:MinimumMembercrwd:AlternateBaseRateLoansMembercrwd:ARCreditAgreementMember2022-01-062022-01-060001535527us-gaap:EurodollarMembercrwd:AlternateBaseRateLoansMembersrt:MaximumMembercrwd:ARCreditAgreementMember2022-01-062022-01-060001535527srt:MinimumMembercrwd:ARCreditAgreementMember2022-01-062022-01-060001535527crwd:ARCreditAgreementMembersrt:MaximumMember2022-01-062022-01-060001535527crwd:ARCreditAgreementMember2023-01-310001535527us-gaap:RevolvingCreditFacilityMember2023-01-310001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2021-01-200001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMemberus-gaap:DebtInstrumentRedemptionPeriodOneMembercrwd:PlusMakeWholePremiumMember2021-01-202021-01-200001535527crwd:ProceedsFromEquityOfferingProvidedPrincipalAmountOfRedemptionsDoesNotExceed40Memberus-gaap:SeniorNotesMembercrwd:A300SeniorNotesMemberus-gaap:DebtInstrumentRedemptionPeriodOneMember2021-01-202021-01-200001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMemberus-gaap:DebtInstrumentRedemptionPeriodTwoMember2021-01-202021-01-200001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMemberus-gaap:DebtInstrumentRedemptionPeriodThreeMember2021-01-202021-01-200001535527us-gaap:DebtInstrumentRedemptionPeriodFourMemberus-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2021-01-202021-01-200001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2021-01-202021-01-200001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2022-02-012023-01-310001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2021-02-012022-01-310001535527us-gaap:DebtInstrumentRedemptionPeriodFiveMemberus-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2021-01-202021-01-200001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2023-01-310001535527us-gaap:SeniorNotesMembercrwd:A300SeniorNotesMember2022-01-310001535527us-gaap:ForeignCountryMember2022-02-012023-01-310001535527us-gaap:ForeignCountryMember2021-02-012022-01-310001535527us-gaap:DomesticCountryMemberus-gaap:InternalRevenueServiceIRSMember2023-01-310001535527us-gaap:StateAndLocalJurisdictionMemberus-gaap:CaliforniaFranchiseTaxBoardMember2023-01-310001535527crwd:StatesExcludingCaliforniaMemberus-gaap:StateAndLocalJurisdictionMember2023-01-310001535527us-gaap:ForeignCountryMembercountry:GB2023-01-310001535527srt:MinimumMember2023-01-310001535527srt:MaximumMember2023-01-310001535527crwd:EquityIncentivePlan2019Memberus-gaap:CommonClassAMember2019-05-310001535527crwd:EquityIncentivePlan2019Memberus-gaap:CommonClassAMember2019-05-012019-05-310001535527us-gaap:EmployeeStockOptionMembersrt:MinimumMember2022-02-012023-01-310001535527us-gaap:EmployeeStockOptionMembersrt:MaximumMember2022-02-012023-01-310001535527us-gaap:EmployeeStockOptionMembersrt:MinimumMember2021-02-012022-01-310001535527us-gaap:EmployeeStockOptionMembersrt:MaximumMember2021-02-012022-01-310001535527us-gaap:EmployeeStockOptionMember2022-02-012023-01-310001535527us-gaap:EmployeeStockOptionMember2021-02-012022-01-310001535527us-gaap:EmployeeStockOptionMember2023-01-31crwd:tranche0001535527us-gaap:ShareBasedCompensationAwardTrancheOneMembercrwd:ServiceBasedRestrictedStockUnitsVestingMember2022-02-012023-01-31crwd:installment0001535527us-gaap:ShareBasedCompensationAwardTrancheTwoMembercrwd:ServiceBasedRestrictedStockUnitsVestingMember2022-02-012023-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheThreeMembercrwd:ServiceBasedRestrictedStockUnitsVestingMember2022-02-012023-01-310001535527crwd:ShareBasedPaymentArrangementTrancheFourMembercrwd:ServiceBasedRestrictedStockUnitsVestingMember2022-02-012023-01-310001535527us-gaap:RestrictedStockUnitsRSUMember2023-01-310001535527us-gaap:RestrictedStockUnitsRSUMember2022-02-012023-01-310001535527crwd:PerformanceBasedStockUnitsMember2023-01-310001535527srt:ExecutiveOfficerMembercrwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-31crwd:day0001535527crwd:SpecialPerformanceBasedStockUnitsMemberus-gaap:ShareBasedCompensationAwardTrancheOneMember2022-02-012023-01-310001535527crwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-310001535527crwd:ShareBasedPaymentArrangementTrancheFourMembercrwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-310001535527crwd:ShareBasedPaymentArrangementTrancheFiveMembercrwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheThreeMembercrwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheTwoMembercrwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-310001535527srt:MinimumMembercrwd:SpecialPerformanceBasedStockUnitsMember2022-02-012023-01-310001535527crwd:SpecialPerformanceBasedStockUnitsMembersrt:MaximumMember2022-02-012023-01-310001535527crwd:SpecialPerformanceBasedStockUnitsMember2023-01-310001535527crwd:ShareBasedCompensationAwardOtherThanStockOptionsMember2022-01-310001535527crwd:ShareBasedCompensationAwardOtherThanStockOptionsMember2022-02-012023-01-310001535527crwd:ShareBasedCompensationAwardOtherThanStockOptionsMember2023-01-310001535527us-gaap:EmployeeStockMemberus-gaap:CommonClassAMember2019-05-310001535527us-gaap:EmployeeStockMember2019-05-012019-05-310001535527us-gaap:EmployeeStockMember2021-05-31crwd:purchase_period0001535527us-gaap:EmployeeStockMemberus-gaap:CommonClassAMember2019-05-012019-05-310001535527us-gaap:EmployeeStockMember2022-02-012023-01-31crwd:change_in_contribution0001535527us-gaap:EmployeeStockMembercrwd:RolloverFeatureMembersrt:ScenarioForecastMember2022-06-132024-12-120001535527us-gaap:EmployeeStockMember2023-01-310001535527us-gaap:EmployeeStockMember2022-01-310001535527us-gaap:EmployeeStockMembersrt:MinimumMember2022-02-012023-01-310001535527us-gaap:EmployeeStockMembersrt:MaximumMember2022-02-012023-01-310001535527us-gaap:EmployeeStockMembersrt:MinimumMember2021-02-012022-01-310001535527us-gaap:EmployeeStockMembersrt:MaximumMember2021-02-012022-01-310001535527us-gaap:EmployeeStockMembersrt:MinimumMember2020-02-012021-01-310001535527us-gaap:EmployeeStockMembersrt:MaximumMember2020-02-012021-01-310001535527us-gaap:EmployeeStockMember2021-02-012022-01-310001535527us-gaap:EmployeeStockMember2020-02-012021-01-310001535527us-gaap:CostOfSalesMemberus-gaap:SubscriptionAndCirculationMember2022-02-012023-01-310001535527us-gaap:CostOfSalesMemberus-gaap:SubscriptionAndCirculationMember2021-02-012022-01-310001535527us-gaap:CostOfSalesMemberus-gaap:SubscriptionAndCirculationMember2020-02-012021-01-310001535527crwd:ProfessionalServicesMemberus-gaap:CostOfSalesMember2022-02-012023-01-310001535527crwd:ProfessionalServicesMemberus-gaap:CostOfSalesMember2021-02-012022-01-310001535527crwd:ProfessionalServicesMemberus-gaap:CostOfSalesMember2020-02-012021-01-310001535527us-gaap:SellingAndMarketingExpenseMember2022-02-012023-01-310001535527us-gaap:SellingAndMarketingExpenseMember2021-02-012022-01-310001535527us-gaap:SellingAndMarketingExpenseMember2020-02-012021-01-310001535527us-gaap:ResearchAndDevelopmentExpenseMember2022-02-012023-01-310001535527us-gaap:ResearchAndDevelopmentExpenseMember2021-02-012022-01-310001535527us-gaap:ResearchAndDevelopmentExpenseMember2020-02-012021-01-310001535527us-gaap:GeneralAndAdministrativeExpenseMember2022-02-012023-01-310001535527us-gaap:GeneralAndAdministrativeExpenseMember2021-02-012022-01-310001535527us-gaap:GeneralAndAdministrativeExpenseMember2020-02-012021-01-310001535527us-gaap:ShareBasedCompensationAwardTrancheOneMembercrwd:ServiceBasedRestrictedStockUnitsVestingMember2022-11-012023-01-310001535527us-gaap:SalesChannelThroughIntermediaryMember2022-02-012023-01-310001535527us-gaap:SalesChannelThroughIntermediaryMember2021-02-012022-01-310001535527us-gaap:SalesChannelThroughIntermediaryMember2020-02-012021-01-310001535527us-gaap:SalesChannelDirectlyToConsumerMember2022-02-012023-01-310001535527us-gaap:SalesChannelDirectlyToConsumerMember2021-02-012022-01-310001535527us-gaap:SalesChannelDirectlyToConsumerMember2020-02-012021-01-310001535527country:US2022-02-012023-01-310001535527country:US2021-02-012022-01-310001535527country:US2020-02-012021-01-310001535527us-gaap:EMEAMember2022-02-012023-01-310001535527us-gaap:EMEAMember2021-02-012022-01-310001535527us-gaap:EMEAMember2020-02-012021-01-310001535527srt:AsiaPacificMember2022-02-012023-01-310001535527srt:AsiaPacificMember2021-02-012022-01-310001535527srt:AsiaPacificMember2020-02-012021-01-310001535527crwd:OtherCountriesMember2022-02-012023-01-310001535527crwd:OtherCountriesMember2021-02-012022-01-310001535527crwd:OtherCountriesMember2020-02-012021-01-3100015355272023-02-012023-01-3100015355272024-02-012023-01-310001535527srt:MinimumMember2024-02-012023-01-3100015355272024-02-01srt:MaximumMember2023-01-310001535527crwd:AmazonWebServicesMember2021-10-012021-10-310001535527crwd:AmazonWebServicesMember2023-01-310001535527us-gaap:StandbyLettersOfCreditMemberstpr:CA2023-01-310001535527us-gaap:StandbyLettersOfCreditMemberstpr:CA2022-01-310001535527stpr:TXus-gaap:StandbyLettersOfCreditMember2023-01-3100015355272022-03-012022-03-31crwd:patent00015355272022-05-012022-05-3100015355272022-09-012022-09-300001535527country:US2023-01-310001535527country:US2022-01-310001535527country:DE2023-01-310001535527country:DE2022-01-310001535527us-gaap:NonUsMember2023-01-310001535527us-gaap:NonUsMember2022-01-310001535527crwd:ReposifyLtdMember2022-10-030001535527crwd:ReposifyLtdMember2022-10-032022-10-0300015355272022-10-032022-10-030001535527us-gaap:DevelopedTechnologyRightsMembercrwd:ReposifyLtdMember2022-10-032022-10-030001535527crwd:SecureCircleMember2021-11-290001535527crwd:SecureCircleMember2021-11-292021-11-2900015355272021-11-292021-11-290001535527us-gaap:DevelopedTechnologyRightsMembercrwd:SecureCircleMember2021-11-290001535527us-gaap:DevelopedTechnologyRightsMembercrwd:SecureCircleMember2021-11-292021-11-290001535527us-gaap:CustomerRelationshipsMembercrwd:SecureCircleMember2021-11-290001535527us-gaap:CustomerRelationshipsMembercrwd:SecureCircleMember2021-11-292021-11-290001535527crwd:HumioLimitedMember2021-03-050001535527crwd:HumioLimitedMember2021-03-052021-03-0500015355272021-03-052021-03-050001535527us-gaap:DevelopedTechnologyRightsMembercrwd:HumioLimitedMember2021-03-050001535527us-gaap:DevelopedTechnologyRightsMembercrwd:HumioLimitedMember2021-03-052021-03-050001535527us-gaap:CustomerRelationshipsMembercrwd:HumioLimitedMember2021-03-050001535527us-gaap:CustomerRelationshipsMembercrwd:HumioLimitedMember2021-03-052021-03-050001535527us-gaap:TradeNamesMembercrwd:HumioLimitedMember2021-03-050001535527us-gaap:TradeNamesMembercrwd:HumioLimitedMember2021-03-052021-03-050001535527crwd:StockRepurchaseFromOutstandingStockOptionsMember2022-02-012023-01-310001535527crwd:StockRepurchaseFromOutstandingStockOptionsMember2021-02-012022-01-310001535527crwd:StockRepurchaseFromOutstandingStockOptionsMember2020-02-012021-01-310001535527crwd:RSUAndPSUMember2022-02-012023-01-310001535527crwd:RSUAndPSUMember2021-02-012022-01-310001535527crwd:RSUAndPSUMember2020-02-012021-01-310001535527us-gaap:EmployeeStockOptionMember2022-02-012023-01-310001535527us-gaap:EmployeeStockOptionMember2021-02-012022-01-310001535527us-gaap:EmployeeStockOptionMember2020-02-012021-01-310001535527us-gaap:EmployeeStockMember2022-02-012023-01-310001535527us-gaap:EmployeeStockMember2021-02-012022-01-310001535527us-gaap:EmployeeStockMember2020-02-012021-01-31

(Mark One)

☑			ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

OR

☐			TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

___________________________________________________________________________________________________

Delaware

45-3788918

(State or other jurisdiction of incorporation or organization)

(I.R.S. Employer Identification Number)

Securities registered pursuant to Section 12(b) of the Act:

Title of each class of securities			Trading symbol(s)			Name of each exchange on which registered
Class A common stock, par value $0.0005 per share			CRWD			The Nasdaq Stock Market LLC
						(Nasdaq Global Select Market)

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act of 1933, as amended. Yes ☑  No ☐

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ☐ No ☑

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☑  No ☐

Indicate by check mark whether the registrant has submitted electronically every interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files) Yes ☑    No ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

Large Accelerated Filer			☑			Accelerated Filer			☐
Non-accelerated Filer			☐			Smaller reporting company			☐
						Emerging growth company			☐

TABLE OF CONTENTS

						Page No.
			Part I
Item 1.			Business			4
Item 1A.			Risk Factors			20
Item 1B.			Unresolved Staff Comments			53
Item 2.			Properties			53
Item 3.			Legal Proceedings			53
Item 4.			Mine Safety Disclosures			54
			Part II
Item 5.			Market for Registrant’s Common Equity, Related Stockholder Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities and Issuer Purchases of Equity Securities			55
Item 6.			[Reserved]			56
Item 7.			Management’s Discussion and Analysis of Financial Condition and Results of Operations			57
Item 7A.			Quantitative and Qualitative Disclosures about Market Risk			72
Item 8.			Financial Statements and Supplementary Data			73
Item 9.			Changes in and Disagreements with Accountants on Accounting and Financial Disclosure			109
Item 9A.			Controls and Procedures			110
Item 9B.			Other Information			111
Item 9C.			Disclosure Regarding Foreign Jurisdictions That Prevent Inspections			111
			Part III
Item 10.			Directors, Executive Officers and Corporate Governance			111
Item 11.			Executive Compensation			111
Item 12.			Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters			111
Item 13.			Certain Relationships and Related Transactions and Director Independence			111
Item 14.			Principal Accountant Fees and Services			111
			Part IV
Item 15.			Exhibits, Financial Statement Schedules			111
Item 16.			Form 10-K Summary			112
			Signatures			116
			Power of Attorney			117

•our future financial performance, including our expectations regarding our revenue, cost of revenue, gross profit or gross margin, operating expenses (including changes in sales and marketing, research and development, and general and administrative expenses), and our ability to achieve, and maintain, future profitability;

•market acceptance of our cloud platform;

•the effects of increased competition in our markets and our ability to compete effectively;

•our ability to maintain the security and availability of our cloud platform;

•our ability to maintain and expand our customer base, including by attracting new customers;

•our ability to develop new solutions, or enhancements to our existing solutions, and bring them to market in a timely manner;

•anticipated trends, growth rates and challenges in our business and in the markets in which we operate;

•the impact of the COVID-19 pandemic on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and employees;

•our business plan and our ability to effectively manage our growth and associated investments;

•beliefs and objectives for future operations;

•our relationships with third parties, including channel partners and technology alliance partners;

•our ability to maintain, protect and enhance our intellectual property rights;

•our ability to successfully defend litigation brought against us;

•our ability to successfully expand in our existing markets and into new markets;

•sufficiency of cash and cash equivalents to meet cash needs for at least the next 12 months;

•our ability to expand internationally;

•our ability to comply with laws and regulations that currently apply or become applicable to our business both in the United States and internationally;

•our ability to develop, maintain, and improve our internal control over financial reporting;

•macroeconomic factors, including inflation and instability in the global credit and financial markets;

•our ability to successfully close and integrate acquisitions to contribute to our growth objectives; and

•the attraction and retention of qualified employees and key personnel.

•The Increasing Sophistication and Disruption of Cybersecurity Threats: The sophistication of adversaries continues to increase as militaries and intelligence services of well-funded nation-states, technically advanced criminal organizations and hackers use advanced, easily obtained methods of attack – including non-malware based attacks that exploit user identities and credentials. These attacks are pervasive, targeting a broad range of industries including technology, transportation, healthcare, financial services, governments and political organizations, utility, retail, and public infrastructure. The number and scale of attacks continue to increase. The typical attack cycle starts with attackers attempting to penetrate endpoints to establish a beachhead. Once inside, adversaries steal and exploit legitimate credentials to escalate privileges, move laterally and progress and attack, often downloading malware or ransomware. At this stage in the threat lifecycle, the adversary is able to encrypt, destroy, or silently exfiltrate sensitive data.

•An Expanded Attack Surface Driven By Hybrid and Remote Workforces: Organizations everywhere are embracing digital transformation and are becoming more distributed as they adopt the cloud, increase workforce mobility, and grow their number of connected devices. They are adding more workloads to a myriad of different endpoints beyond the traditional cybersecurity perimeter, exposing an increasingly broad attack surface to adversaries. This existing trend was accelerated significantly with the need to support an increasingly remote workforce in 2020 due to the COVID-19 pandemic and we believe this trend continues today. In addition, technologies like Cloud and Containers are being adopted quickly, but rather than becoming full-scale replacements, they are often being used as supplements to existing on-premise, bare metal, and virtualized workloads.

•A Growing Cyber Skills Gap: Trained cybersecurity professionals are in high demand, and organizations continue to face a dire shortage of talent to fill much needed cybersecurity positions. As a result, existing cybersecurity teams are often overwhelmed by the velocity of cyberattacks. Adversaries exploit this vacuum by continuing to accelerate their sophisticated attacks.

•The Need to Reduce Complexity and Simplify Security Operations: Organizations are increasingly looking to reduce the complexity of their security and IT stack. Modern security requires fewer point products, fewer agents and technologies that consume fewer resources. Increasingly, organizations are looking to standardize on trusted platforms that deliver an immediate return on investment and lower total cost of ownership.

•On-Premise Security and Bolt-On Cloud Products That Lead to Constrained and Impacted Users: On-premise products are siloed, lack integration, and have limited ability to collect, process, and analyze vast amounts of data—attributes that are required to be effective in today’s increasingly dynamic threat landscape. Meanwhile, these solutions often require more agents on the endpoint as new capabilities are patchworked together, which can have a dramatic negative impact on user performance.

•Legacy Signature-Based Products That Are Not Effective Against Unknown Threats: Signature-based products are designed to detect attacks that are already cataloged as previously identified threats. As a result, such products are fundamentally unable to prevent unknown threats resulting from shifts in attacker tradecraft. It often only takes a slight modification on the part of the attacker to bypass signatures. Many significant breaches seen in the last two decades have involved the failure of a legacy signature-based antivirus product to detect a previously unknown or modified version of a previously known attack.

•Malware-Focused Machine Learning Products That Miss Sophisticated Attacks: Traditionally, organizations have focused on protecting their networks and endpoints against malware-based attacks. These attacks involve malware built for the specific purpose of performing malicious activities, stealing data, or destroying systems. We have observed that over 60% of attacks comprise non-malware, hands-on-keyboard activity. Therefore, a malware-centric defensive approach will leave the organization vulnerable to attacks that do not leverage malware.

•Application Whitelisting Products That Are Ineffective: Application whitelisting products resort to an “always allow” or “always block” policy on an endpoint to allow or prevent processes from executing. Whitelisting relies in part on manually creating and maintaining a complex list of rules, burdening end users and IT organizations. This does not prevent fileless attacks from exploiting legitimate whitelisted applications, compromising the integrity of the whitelisting product.

•The Power of the Crowd: Our crowdsourced data enables every customer to benefit from contributing to the Security Cloud. As more high fidelity data is fed into our Security Cloud, our AI models continue to train and improve, increasing the overall efficacy of the Falcon platform. This creates a powerful network effect that is a key differentiator in our efforts to gain more customers. The Threat Graph is able to contextualize and turn this data into action, automatically delivering protection to every customer.

•High Efficacy, Low False Positives: The vast telemetry of the Security Cloud and the best practices employed in continually training our AI models results in industry-leading efficacy rates and low false positives.

•Consolidation of Siloed Products: Integrating and maintaining numerous security products creates blind spots that attackers can exploit, is costly to maintain and negatively impacts user performance. Our cloud-native platform approach gives customers a unified approach to address their most critical areas of risk seamlessly. We empower customers to rapidly deploy and scale industry leading technologies across endpoint detection and response (“EDR”) and Extended Detection and Response (“XDR”), Identity Threat Protection, Threat Intelligence, ITSecOps and Risk, Cloud Security, and Modern Log Management from a single platform.

•Reducing Agent Bloat: Our single intelligent lightweight agent enables frictionless deployment of our platform at scale, enabling customers to rapidly adopt our technology across any type of workload running on a variety of endpoints. The agent is non-intrusive to the end user, requires no reboots and continues to protect the endpoint and track activity even when offline. Through our single lightweight agent approach, customers can adopt multiple platform modules to address their critical areas of risk without burdening the endpoint with multiple agents. Legacy approaches often require multiple agents as they layer on new capabilities. This can severely impact user performance and create barriers to security.

•Rapid Time to Value: Our cloud-native platform was built to rapidly scale industry leading protection across the entire enterprise, eliminating the lengthy implementation periods, and professional services engagements that next-gen and legacy competitors require. Our single agent approach enables us to activate new modules in real time.

•Elite Security Teams as a Force Multiplier: As adversaries continue to employ sophisticated non-malware attacks that exploit user credentials and identities, automation and autonomous security are no longer sufficient on their own. Stopping today’s sophisticated attacks requires a combination of powerful automation and elite threat hunting. Falcon Complete provides a comprehensive monitoring, management, response, and remediation solution to our customers and is designed to bring enterprise level security to companies that may lack enterprise level resources.

•Alleviating the Skills Shortage through Automation: CrowdStrike automates manual tasks to free security teams to focus on their most important job – stopping the breach. Our Falcon Fusion module automates workflows to reduce the need to switch between different security tools and tasks, while our Falcon Insight XDR module provides a unified solution that enables security teams to rapidly and efficiently identify, hunt, and eliminate threats across multiple security domains.

•Lower Total Cost of Ownership: Our cloud-native platform eliminates our customers’ need for initial or ongoing purchases of hardware and does not require their personnel to configure, implement or integrate disparate point products. Additionally, our comprehensive platform reduces overall personnel costs associated with ongoing maintenance, as well as the need for software patches and upgrades for separate products.

•Falcon Cloud Workload Protection—Cloud Runtime Protection. Falcon Cloud Workload Protection provides comprehensive breach protection at run-time for workloads and containers as well as detecting vulnerabilities before services and images are deployed. Falcon Cloud Workload Protection reduces the attack surface by automatically detecting vulnerabilities, hidden malware, secrets, keys, and more, enabling customers to build, run, and deploy secure applications with speed and confidence.

•Falcon Horizon—Cloud Security Posture Management. Falcon Horizon delivers unified visibility, threat detection, and continuous monitoring and compliance for multi-cloud environments. Falcon Horizon automates the process to detect cloud related misconfigurations, vulnerabilities, and identity-based risks, providing step-by-step remediation and giving developers guardrails to avoid costly mistakes.

•Discover for Cloud and Containers—Cloud Service Discovery. Discover for Cloud and Containers delivers comprehensive visibility of cloud assets, security configurations, workloads and containers across multi-cloud environments so customers can mitigate risks and reduce their attack surface.

•Falcon Prevent—Next-Generation Antivirus. Falcon Prevent provides next-generation antivirus capabilities to customers, delivering comprehensive protection to defend customers against both malware and fileless attacks.

•Falcon Insight XDR—Endpoint Detection and Response. With industry-leading EDR at its core, Falcon Insight XDR synthesizes cross-domain telemetry and activates extended capabilities with one unified, threat-centric command console to unlock cross-domain detections, investigations and responses across the security stack.

•Falcon Device Control—Device Control. Falcon Device Control provides administrators with a high degree of visibility and granular control of USB peripheral devices.

•Falcon Firewall Management—Host Firewall Management. Falcon Firewall Management provides centralized management of the firewall capabilities native to the host operating system, allowing customers to create, enforce, and maintain host firewall policies.

•Falcon Discover—IT Hygiene and IoT. Falcon Discover identifies rogue systems and applications in our customers’ networks, and monitors the use of privileged user accounts anywhere in a customer’s environments. The module also enables use cases outside of security, such as application license management, Amazon Web Services (“AWS”) spend analysis, and asset inventory. New enhancements in Falcon Discover for IoT minimize risk for IoT/OT (“Other Technology”) devices with comprehensive asset visibility, monitoring, and security hygiene.

•Falcon Spotlight—Vulnerability Management. Falcon Spotlight identifies vulnerabilities in real time that exist across our customer endpoints. The module does not depend on scanning systems for vulnerabilities, a process that can often take days or weeks for an enterprise, and instead leverages data already collected by our agent to provide instant and accurate real-time visibility into an enterprise’s vulnerability exposure.

•Falcon Forensics—Forensic Data for Analysis of Cybersecurity Incidents. Based on years of incident response experience and forensics investigative services from CrowdStrike’s leading services team, Falcon Forensics streamlines the collection of point-in-time and historic forensic triage data for robust analysis of cybersecurity incidents, threat hunting as well as enabling responders to quickly identify relevant evidence of an intrusion with preset dashboards, allowing for rapid investigation, triage and remediation.

•Falcon FileVantage—File Integrity Monitoring. Falcon FileVantage reduces compliance complexity by building in the services an additional agent would normally provide, including being able to monitor all files on the protected systems. This in turn provides alerts and reports to help meet various compliance requirements imposed by the Payment Card Industry (“PCI”), the Center for Internet Security (“CIS”) Controls, and Sarbanes-Oxley.

•Falcon Complete—Turnkey Security Solution. Falcon Complete provides comprehensive monitoring, management, response, and remediation solution to our customers and is designed to bring enterprise level security to companies that may lack enterprise level resources. It is backed by an underwritten limited warranty policy for breaches. We also offer Falcon Cloud Workload Protection Complete, Falcon Identity Threat Protection Complete, and Falcon Complete LogScale as add-ons to our Falcon Complete solution to extend its capabilities to include our cloud workload protection, identity protection, and log management modules.

•Falcon OverWatch—Threat Hunting. Falcon OverWatch is a threat hunting solution that consists of an elite team of dedicated security experts who work with the power of Threat Graph to proactively hunt on telemetry collected in the platform around the clock 24/7/365 to identify novel threats and attacks that might otherwise go unnoticed by security teams and the tools they use to monitor and detect advancing new threats in support of our customers.

•Falcon Intelligence—Threat Intelligence. Falcon Intelligence integrates threat intelligence into endpoint protection and provides automated analysis of detected threats to provide insight into the capabilities, motivation and attribution of attacks. In addition to the standard Falcon Intelligence offering, we also offer premium options that include global threat research and reporting from our team of intelligence analysts.

•Falcon Search Engine—Malware Search. Falcon Search Engine enables customers to search in real time across over 8 petabytes of malware collected in our Falcon platform and indexed by our proprietary binary data indexing technology.

•Falcon Sandbox—Malware Analysis. Falcon Sandbox allows our customers to analyze unknown files for malicious behavior by detonating them safely in virtual machines.

•Falcon Intelligence Recon—Situational Awareness. Falcon Intelligence Recon allows our customers to identify and mitigate digital risks on the hidden areas of the clear, deep and dark web. These risks include, but are not limited to, digital fraud, data theft exposure, social media impersonations.

•Falcon Surface—External Attack Surface Management. Falcon Surface (previously, Reposify) allows customers to discover and map all internet-facing assets to shut down potential exposures with guided mitigation plans to reduce the attack surface and organizational risk.

•Falcon Identity Threat Protection—Zero Trust Security. Falcon Identity Threat Protection provides frictionless Zero Trust security with real-time threat prevention and IT policy enforcement using identity, behavioral and risk analytics.

•Falcon Identity Threat Detection—Identity Threat Detection. Falcon Identity Threat Detection provides visibility for identity-based attacks and anomalies, comparing live traffic against behavior baselines and rules to detect attacks and lateral movement.

•Falcon LogScale—Log Management. Falcon LogScale is a high-performance, index-free cloud log management solution that allows customers to collect logs from any data source and to search and query streaming data in real-time.

•Growing Our Customer Base by Replacing Legacy and Other Endpoint Security Products. Given the limitations of existing legacy and other endpoint security products, many organizations are replacing their existing legacy and other endpoint security products with our Falcon platform. We grew our subscription customer base by 6,694 customers from 16,325 at January 31, 2022, to 23,019 at January 31, 2023, representing a 41% increase. We will continue to invest in customer acquisition programs, including our channel partnerships and new programs, like our free trial program of Falcon Prevent that is easily downloaded from our website and AWS Marketplace.

•Further Penetrating Existing Customers. Our growth will depend in part on our ability to continue to expand our relationships with our customers by deploying on additional endpoints in their environment and cross selling more cloud modules. When customers deploy our lightweight agent, they can easily add additional cloud modules. We also offer in-application trial usage of additional modules to cross-sell to existing customers. While some new customers initially deploy our Falcon platform broadly across the organization, others elect to deploy only in selected business units and later deploy on additional endpoints and subscribe to additional modules. Over time, we seek to deploy our solution enterprise-wide for all customers. The power of our land-and-expand strategy is evidenced by our 125.3% dollar-based net retention rate as of January 31, 2023.

•Leveraging Our Falcon Platform to Enter New Markets. Because we leverage a single data model and open cloud architecture, we are uniquely positioned to continue innovating and rapidly deploying new cloud modules on our platform. For example, Falcon Discover includes use cases outside of security, such as application license management, AWS spend analysis, and asset inventory. Because our lightweight agent collects diverse endpoint data once for repeated use, we can expand our addressable market by rapidly adding new cloud modules that leverage this data. We intend to continue to develop new cloud modules for broader endpoint use cases.

•Broadening Our Reach into New Customer Segments. While we initially targeted large sophisticated enterprises, we have expanded our go-to-market efforts to include customers of all sizes with a dedicated inside sales team focused on smaller organizations. We also released Falcon Complete in 2018, our turnkey solution that combines the most popular cloud modules of our Falcon platform with our remediation and response capabilities, to create a solution for customers with limited or no internal security expertise. As a result, we can sell our Falcon platform to the largest enterprises or smallest businesses with any level of security sophistication and budget. We continue to look for new ways to broaden our reach into new customer segments.

•Broadening Our Reach into U.S. Public Sector Verticals. We continue to invest heavily in the acquisition of customers in the U.S. federal government as well as the state, local, and higher education verticals. Our platform is authorized by several federal agencies via the Federal Risk and Authorization Management Program (“FedRAMP”). Additionally, Department of Defense organizations can rely upon CrowdStrike’s Impact Level 4 provisional authorization to satisfy their cloud-based security requirements. To further meet the compliance demands of the government, customers can elect to deploy the Falcon platform in the AWS GovCloud. We have also successfully been embedded into several strategic government-wide cybersecurity programs and contracts, such as the Department of Homeland Security’s Continuous Diagnostics and Mitigation Approved Products List, which serves to provide federal agencies with innovative security tools. As a result, the Cybersecurity and Infrastructure Security Agency has leveraged a significant investment in our platform to support modernization efforts within the Federal Civilian Executive Branch. Further evidence of our progress into these critical markets is demonstrated by virtue of fact that 22 of the 50 U.S. states have standardized on CrowdStrike’s platform at the enterprise level.

•Expanding Our International Footprint. We are expanding our international operations and intend to invest globally to broaden our international footprint. We grew our international revenue from $405.1 million for fiscal 2022 to $677.7 million for fiscal 2023, representing an increase of 67%. We intend to grow our international customer base by increasing our investments in our overseas operations, including adding headcount in Europe, the Middle East, Asia-Pacific, including Japan, and expanding current data centers overseas.

•Extending Our Falcon Platform and Ecosystem. We designed our architecture to be open, interoperable, and highly extensible. We launched the CrowdStrike Store, the first open cloud-based application PaaS for cybersecurity, which allows customers to purchase CrowdStrike products and provides an ecosystem of trusted partners and applications for our customers to choose from. We plan to continue investing in the CrowdStrike Store to empower our partners by making it easier to build applications and to enable our customers to more easily discover, try, and purchase additional cloud modules from both trusted partners and us.

Cloud Native Architecture. We built the Falcon platform entirely in and for the cloud, enabling collection and analysis of a massive, crowdsourced dataset from all of our customers to stop breaches. Our platform is designed to be redundant, resilient, and high performing. Delivering security from the cloud enables agility, ease of use, and protection for workloads on a variety of endpoints wherever they are located. As customer adoption grows, the network effect of each additional endpoint added to the Falcon platform will amplify the breadth and depth of our dataset and intelligence.

Falcon Agent. We designed an intelligent lightweight agent that is installed on each endpoint or cloud workload. This agent incorporates identification and prevention of known malware, machine learning for unknown malware, exploit blocking and advanced behavioral techniques, to protect workloads across all endpoints while capturing and recording high fidelity endpoint data. Our agent continues to protect workloads running on endpoints even when offline. The agent recommences transmitting data to our Falcon platform when the connection to the cloud has been re-established. Our lightweight agent is built to support Windows, Mac, and Linux operating systems. The agent is hardened against attacks and uses a combination of kernel and user-mode modules to collect high fidelity endpoint events as they take place on a system. It correlates these events with a local situational model on the endpoint, analyzes via agent-based machine learning models and is capable of taking a variety of preventative and responsive actions on the endpoint, either automatically or via human control. Events are streamed by the agent to the cloud in real time in order to be further analyzed in the Threat Graph, where additional correlation and AI algorithms can be applied. The agent is also capable of being remotely reconfigured in real time based on analytics in our cloud platform in order to collect and analyze different events or take other actions.

Threat Graph. Threat Graph is our proprietary, powerful, and dynamic graph database. Threat Graph continually looks for malicious activity by combining AI with behavioral pattern-matching techniques to look beyond file features and track the behaviors of every software program executed on an endpoint in a customer’s network environment. By applying powerful graph analytics and AI algorithms to cybersecurity, we enrich the data collected with our proprietary and third-party threat intelligence, such as adversary capabilities, motivations, attributions, and threat indicators. The graph data model allows our AI algorithms to identify relationships between events that are not directly related but which could indicate an attack that would otherwise remain undetected. We believe that our AI algorithms are advantaged by the rich proprietary dataset that we use to train them. Threat Graph provides customers with complete real time and historical visibility and insight into events occurring on their endpoints for hunting and searching.

Intel Graph. Intel Graph analyzes and correlates massive amounts of data on adversaries, their victims and their tools, providing unrivaled insights into the shifts in tactics and techniques, powering our adversary-focused approach with world-class threat intelligence.

Asset Graph. Asset Graph dynamically monitors and tracks the complex interactions among assets, providing a single holistic view of the risks those assets pose. Asset Graph provides graph visualizations of the relationships among all assets such as devices, users, accounts, cloud workloads, and OT along with the rich context necessary for proper security hygiene and proactive security posture management to reduce risk in their organizations.

High Fidelity Data and Smart Filtering. Absent an intelligent agent, a typical endpoint generates approximately 100 gigabytes of unfiltered system event data per day. After this data is compressed, or data shaped, a typical enterprise organization with 100,000 endpoints would generate over one petabyte of endpoint events daily. The presence of a local graph model in our agent enables it to track the state of the machine in real time, perform rapid machine learning and behavioral analysis, and provide efficient event streaming to the cloud. We call this “smart filtering.” This allows us to keep performance overhead on the endpoint to a minimum, dramatically reduce the bandwidth required for agent-cloud communication, efficiently process large volumes of data, and separate signals from noise. The Falcon agent collects and analyzes unfiltered data with local machine learning and behavioral algorithms on the endpoint but only streams high fidelity endpoint events to the cloud to only send what is necessary for detection, prevention and investigation of attacks. This smart filtering architecture allows us to reduce network load for customers on average between five to eight megabytes per endpoint per day. The Falcon platform collects an array of high fidelity endpoint events, such as code execution, network, file system and user activity. This information can be used for a variety of use cases beyond security, such as IT operations and vulnerability management.

Management Interface. The Falcon platform management interface gives customers an intuitive and informative view of their complete environment, with timely alerts and detailed search capabilities. We provide real-time endpoint and cloud workload visibility to allow customers to review details and respond to threats instantly and effectively, from anywhere, and maintain an index of these events for future use.

APIs and Integrations. Our Falcon platform and architecture is built around a rich set of APIs that efficiently and effectively complement and expand a customer’s existing security infrastructure, such as security information event management, or SIEMs, and intrusion prevention systems and intrusion detection systems. The platform includes streaming, query and batch APIs allowing customers and partners to integrate a variety of solutions seamlessly. It also includes rich management and control APIs. The platform allows third parties to develop additional cloud modules and features, furthering the power of the Falcon platform. By connecting existing security systems to the Falcon platform, we allow our customers to further leverage their security investments.

•Incident Response and Forensics Services. Our incident response services typically begin by deploying our lightweight agent to a customer’s endpoints or cloud workloads to provide comprehensive visibility in order to determine if an attacker is currently in the environment, what assets have been compromised, and how much damage has been done. The full suite of Falcon platform’s next-gen prevention capabilities, cloud posture management, vulnerability/asset management, identity protection and now attack surface management offerings can also be leveraged to enrich the response team’s visibility and understanding of the attack as well as help to slow down and prevent an active attacker from moving at-will throughout a compromised customer’s environment, increasing the risk and potential damage to the customer. We also provide customized surgical remediation services by providing the tools and staffing to eject attackers out of the network, lock down credentials from further use, remediate impacted systems and ensure adversaries stay out. In addition to providing valuable breach remediation to our customers, our incident response services also act as a strong lead generation engine for our Falcon platform and cloud modules. After experiencing the benefits of our platform firsthand, many of our incident response customers become subscription customers. Among organizations who first became a customer after February 1, 2021, for each $1.00 spent by those

•Technical Assessment and Strategic Advisory Services. Our proactive security services include technical assessment services designed to help organizations understand their cyber maturity levels. These services include both endpoint and cloud workload compromise assessments, cybersecurity maturity assessments, security program in-depth assessments, service organization control assessments, IT hygiene assessments, and active directory security assessments. We also advise customers on readiness and preparation through the execution of table-top exercises, live fire exercises, red team/blue team assessments, and advanced adversary emulation exercises. These services are designed to evaluate our customers’ security profile so they can identify areas of vulnerability, secure their network, and improve their response if their defenses are breached.

•Training. We offer training and certification services to customers and partners on CrowdStrike technologies and cybersecurity topics to facilitate the adoption of CrowdStrike and to broaden and deepen their skills. CrowdStrike University is an online learning management system that organizes all CrowdStrike e-learning, instructor-led training and certification preparation courses in one place, providing a personalized learning experience for individuals who have an active training subscription. CrowdStrike currently offers proctored exam certifications through industry leading training partner Pearson Vue for its CrowdStrike Certified Falcon Administrator (“CCFA”), CrowdStrike Certified Falcon Responder (“CCFR”), and CrowdStrike Certified Falcon Hunter (“CCFH”) programs.

•legacy antivirus product providers who offer a broad range of approaches and solutions including traditional signature-based antivirus protection;

•alternative endpoint security providers who generally offer a mix of on-premises and cloud-hosted products that rely heavily on malware-only or application whitelisting techniques;

•network security vendors who are supplementing their core perimeter-based offerings with endpoint security solutions; and

•professional service providers who offer cybersecurity response services.

•ability to offer a unified and modular platform that enables rapid innovation, scaling, and deployment;

•ability to identify security threats and prevent security breaches;

•ability to integrate with other participants in the security ecosystem;

•time to value, price, and total cost of ownership;

•brand awareness, reputation, and trust in the provider’s services;

•strength of sales, marketing, and channel partner relationships; and

•customer support, incident response, and proactive services.

Intellectual Property

Backlog

Seasonality

Human Capital Resources

As of January 31, 2023, we had 7,273 full-time employees. We also engage temporary employees and consultants as needed to support our operations. None of our employees in the United States are represented by a labor union or subject to a collective bargaining agreement. In certain countries in which we operate, we are subject to local labor law requirements which may automatically make our employees subject to industry-wide collective bargaining agreements. We have not experienced any work stoppages, and we consider our relations with our employees to be good.

•Competitive pay and benefits

•Flexible working arrangements

•Women of CrowdStrike

•Veterans of CrowdStrike

•Pride Team (LGBTQ)

•Green Team (Sustainability)

•Team BELIEVE (Black employees)

•AbilityStrikers (Cognitive and physical disabilities)

•Communidad (Latine and Hispanic employees)

•Network and build community with people with similar interests, life circumstances or backgrounds.

•Serve as champions for inclusion and belonging at CrowdStrike and help identify opportunities for us to become more inclusive.

•Identify initiatives and best practices throughout the organization and make recommendations to the business to help spark and facilitate change.

Information about our Executive Officers

Name

Age

Position

George Kurtz

52

President, Chief Executive Officer and Director

Burt W. Podbere

57

Chief Financial Officer

Shawn Henry

60

Chief Security Officer

Michael Sentonas

49

President

•We have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected.

•We have a history of losses and may not be able to achieve or sustain profitability in the future.

•If organizations do not adopt cloud-based SaaS-delivered endpoint security solutions, our ability to grow our business and results of operations may be adversely affected.

•If we are unable to successfully enhance our existing products and services and introduce new products and services in response to rapid technological changes and market developments as well as evolving security threats, our competitive position and prospects will be harmed.

•If we are unable to attract new customers, our future results of operations could be harmed.

•If our customers do not renew their subscriptions for our products and add additional cloud modules to their subscriptions, our future results of operations could be harmed.

•Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense,

•We face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations.

•If our solutions fail or are perceived to fail to detect or prevent incidents or have or are perceived to have defects, errors, or vulnerabilities, our brand and reputation would be harmed, which would adversely affect our business and results of operations.

•As a cybersecurity provider, we have been, and expect to continue to be, a target of cyberattacks. If our internal networks, systems, or data are or are perceived to have been breached, our reputation may be damaged and our financial results may be negatively affected.

•We rely on third-party data centers, such as Amazon Web Services, and our own colocation data centers, to host and operate our Falcon platform, and any disruption of or interference with our use of these facilities may negatively affect our ability to maintain the performance and reliability of our Falcon platform, which could cause our business to suffer.

•We rely on our key technical, sales and management personnel to grow our business, and the loss of one or more key employees could harm our business.

•If we are unable to attract and retain qualified personnel, our business could be harmed.

•Our results of operations may fluctuate significantly, which could make our future results difficult to predict and could cause our results of operations to fall below expectations.

•Claims by others that we infringe their proprietary technology or other intellectual property rights could result in significant costs and substantially harm our business, financial condition, results of operations, and prospects.

•If we are not able to comply with applicable data protection, security, privacy, and other government- and industry-specific laws, regulations, standards or requirements, our business, results of operations, and financial condition could be harmed.

•Future acquisitions, strategic investments, partnerships, or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our results of operations and financial condition.

•effectively attract, integrate, and retain a large number of new employees, particularly members of our sales and marketing and research and development teams;

•further improve our Falcon platform, including our cloud modules, and IT infrastructure, including expanding and optimizing our data centers, to support our business needs;

•enhance our information and communication systems to ensure that our employees and offices around the world are well coordinated and can effectively communicate with each other and our growing base of channel partners and customers; and

•improve our financial, management, and compliance systems and controls.

•product capabilities, including performance and reliability, of our Falcon platform, including our cloud modules, services, and features compared to those of our competitors;

•our ability, and the ability of our competitors, to improve existing products, services, and features, or to develop new ones to address evolving customer needs;

•our ability to attract, retain, and motivate talented employees;

•our ability to establish and maintain relationships with channel partners;

•the strength of our sales and marketing efforts; and

•acquisitions or consolidation within our industry, which may result in more formidable competitors.

•legacy antivirus product providers who offer a broad range of approaches and solutions including traditional signature-based anti-virus protection;

•alternative endpoint security providers who generally offer a mix of on-premise and cloud-hosted products that rely heavily on malware-only or application whitelisting techniques;

•network security vendors who are supplementing their core perimeter-based offerings with endpoint security solutions; and

•professional service providers who offer cybersecurity response services.

•the development and maintenance of the infrastructure of the internet;

•the performance and availability of third-party providers of cloud infrastructure services, such as AWS, with the necessary speed, data capacity and security for providing reliable internet access and services;

•decisions by the owners and operators of the data centers where our cloud infrastructure is deployed to terminate our contracts, discontinue services to us, shut down operations or facilities, increase prices, change service levels, limit bandwidth, declare bankruptcy or prioritize the traffic of other parties;

•physical or electronic break-ins, acts of war or terrorism, human error or interference (including by disgruntled employees, former employees or contractors) and other catastrophic events;

•cyberattacks, including denial of service attacks, targeted at us, our data centers, or the infrastructure of the internet;

•failure by us to maintain and update our cloud infrastructure to meet our data capacity requirements;

•errors, defects or performance problems in our software, including third-party software incorporated in our software;

•improper deployment or configuration of our solutions;

•the failure of our redundancy systems, in the event of a service disruption at one of our data centers, to provide failover to other data centers in our data center network; and

•the failure of our disaster recovery and business continuity arrangements.

•our ability to attract new and retain existing customers;

•the budgeting cycles, seasonal buying patterns, and purchasing practices of customers;

•economic difficulties confronting our customers, which may impact the number of modules or endpoint deployments they are willing or able to purchase;

•the timing and length of our sales cycles;

•changes in customer or channel partner requirements or market needs;

•changes in the growth rate of the cloud-based SaaS-delivered endpoint security solutions market;

•the timing and success of new product and service introductions by us or our competitors or any other competitive developments, including consolidation among our customers or competitors;

•the level of awareness of cybersecurity threats, particularly advanced cyberattacks, and the market adoption of our Falcon platform;

•our ability to successfully expand our business domestically and internationally;

•decisions by organizations to purchase security solutions from larger, more established security vendors or from their primary IT equipment vendors;

•changes in our pricing policies or those of our competitors;

•any disruption in our relationship with channel partners;

•insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our solutions;

•significant security breaches of, technical difficulties with or interruptions to, the use of our Falcon platform;

•extraordinary expenses such as litigation or other dispute-related settlement payments or outcomes;

•future accounting pronouncements or changes in our accounting policies or practices;

•negative media coverage or publicity;

•political events;

•the amount and timing of operating costs and capital expenditures related to the expansion of our business;

•increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates; and

•significant natural disasters and other catastrophic events, including the occurrence of a contagious disease or illness, such as COVID-19.

•greater difficulty in negotiating contracts with standard terms, enforcing contracts and managing collections, and longer collection periods;

•higher costs of doing business internationally, including costs incurred in establishing and maintaining office space and equipment for our international operations;

•management communication and integration problems resulting from cultural and geographic dispersion;

•risks associated with trade restrictions and foreign legal requirements, including any importation, certification, and localization of our Falcon platform that may be required in foreign countries;

•greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;

•compliance with anti-bribery laws, including, without limitation, compliance with the U.S. Foreign Corrupt Practices Act of 1977, as amended, or FCPA, the U.S. Travel Act and the U.K. Bribery Act 2010, or Bribery Act, violations of which could lead to significant fines, penalties, and collateral consequences for our company;

•heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;

•the uncertainty of protection for intellectual property rights in some countries;

•general economic and political conditions in these foreign markets;

•foreign exchange controls or tax regulations that might prevent us from repatriating cash earned outside the United States;

•political and economic instability in some countries;

•double taxation of our international earnings and potentially adverse tax consequences due to changes in the tax laws of the United States or the foreign jurisdictions in which we operate;

•unexpected costs for the localization of our services, including translation into foreign languages and adaptation for local practices and regulatory requirements (including, but not limited to data localization requirements);

•requirements to comply with foreign privacy, data protection, and information security laws and regulations and the risks and costs of noncompliance;

•greater difficulty in identifying, attracting and retaining local qualified personnel, and the costs and expenses associated with such activities;

•greater difficulty identifying qualified channel partners and maintaining successful relationships with such partners;

•differing employment practices and labor relations issues; and

•difficulties in managing and staffing international offices and increased travel, infrastructure, and legal compliance costs associated with multiple international locations.

•selling to governmental agencies can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;

•we may be required to obtain personnel security clearances and facility clearances to perform on classified contracts for government agencies, and there is no guarantee that we will be able to obtain or maintain such clearances;

•government certification, software supply chain, or source code transparency requirements applicable to us or our products are constantly evolving and, in doing so, restrict our ability to sell to certain government customers until we have attained the new or revised certification or meet other applicable requirements, which we are not guaranteed to do. For example, although we are currently certified under the U.S. Federal Risk and Authorization Management Program, or FedRAMP, such certification is costly to maintain and if we lose our certification it would restrict our ability to sell to government customers;

•government product requirements are often technically complex and assessors may require us to make costly changes to our products to meet such requirements without any assurance that such changes will generate a sale;

•government demand and payment for our Falcon platform may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays in the government appropriations or procurement processes adversely affecting public sector demand for our Falcon platform, including as a result of abrupt events such as war, incidents of terrorism, natural disasters, and public health concerns or epidemics;

•government attitudes towards us as a company, our platform or the capabilities that we offer as a viable software solution may change, and reduce interest in our products and services as acceptable solutions;

•changes in the political environment, including before or after a change to the leadership within the government administration, can create uncertainty or changes in policy or priorities and reduce available funding for our products and services;

•third parties may compete intensely with us on pending, new or existing contracts with government products, which can also lead to appeals, disputes, or litigation relating to government procurement, including but not limited to bid protests by unsuccessful bidders on potential or actual awards of contracts to us or our partners by the government;

•even if we are awarded a sale, the terms of such contracts may be unusually burdensome;

•governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our Falcon platform, which would adversely impact our revenue and results of operations, or institute fines or civil or criminal liability if the audit were to uncover improper or illegal activities; and

•governments may require certain products to be manufactured, hosted, or accessed solely in their country or in other relatively high-cost manufacturing locations, and we may not manufacture all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies.

•investigations, enforcement actions and sanctions;

•mandatory changes to our Falcon platform;

•disgorgement of profits, fines and damages;

•civil and criminal penalties or injunctions;

•claims for damages by our customers or channel partners;

•termination of contracts;

•loss of intellectual property rights;

•loss of our license to do business in the jurisdictions in which we operate; and

•temporary or permanent debarment from sales to government organizations.

•resulting in time-consuming and costly litigation;

•diverting management’s time and attention from developing our business;

•requiring us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable;

•causing delays in the deployment of our Falcon platform or service offerings to our customers;

•requiring us to stop offering certain services or features of our Falcon platform;

•requiring us to redesign certain components of our Falcon platform using alternative non-infringing or non-open source technology, which could require significant effort and expense;

•requiring us to disclose our software source code and the detailed program commands for our software; and

•requiring us to satisfy indemnification obligations to our customers.

•actual or anticipated changes or fluctuations in our results of operations;

•the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;

•announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships or capital commitments;

•industry or financial analyst or investor reaction to our press releases, other public announcements and filings with the SEC;

•rumors and market speculation involving us or other companies in our industry;

•price and volume fluctuations in the overall stock market from time to time;

•changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;

•failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors;

•actual or anticipated developments in our business or our competitors’ businesses or the competitive landscape generally;

•litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors;

•developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights;

•announced or completed acquisitions of businesses or technologies by us or our competitors;

•new laws or regulations or new interpretations of existing laws or regulations applicable to our business;

•any major changes in our management or our board of directors, particularly with respect to Mr. Kurtz;

•effects of public health crises, pandemics and epidemics, such as COVID-19;

•general economic conditions and slow or negative growth of our markets; and

•other events or factors, including those resulting from war, incidents of terrorism or responses to these events.

•our dual class common stock structure, which provides our holders of Class B common stock with the ability to significantly influence the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the shares of our outstanding Class A and Class B common stock;

•a classified board of directors with three-year staggered terms, which could delay the ability of stockholders to change the membership of a majority of our board of directors;

•the ability of our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval, which could be used to significantly dilute the ownership of a hostile acquirer;

•the exclusive right of our board of directors to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death or removal of a director, which prevents stockholders from being able to fill vacancies on our board of directors;

•a prohibition on stockholder action by written consent, which forces stockholder action to be taken at an annual or special meeting of our stockholders, which prohibition will take effect on the first date on which the number of outstanding shares of our Class B common stock represents less than 10% of the aggregate number of outstanding shares of our Class A common stock and our Class B common stock, taken together as a single class;

•the requirement that a special meeting of stockholders may be called only by the chairperson of our board of directors, chief executive officer or by the board of directors acting pursuant to a resolution adopted by a majority of our board of directors, which could delay the ability of our stockholders to force consideration of a proposal or to take action, including the removal of directors;

•certain amendments to our amended and restated certificate of incorporation require the approval of two-thirds of the then-outstanding voting power of our capital stock; and

•advance notice procedures with which stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting, which may discourage or deter a potential acquirer from conducting a solicitation of proxies to elect the acquirer’s own slate of directors or otherwise attempting to obtain control of us.

•any derivative action or proceeding brought on our behalf;

•any action asserting a breach of fiduciary duty;

•any action asserting a claim against us arising under the Delaware General Corporation Law, our amended and restated certificate of incorporation or our amended and restated bylaws;

•any action to interpret, apply, enforce or determine the validity of our amended and restated certificate of incorporation or our amended and restated bylaws; and

•any action asserting a claim against us that is governed by the internal-affairs doctrine.

•limiting our ability to obtain additional financing to fund future working capital, capital expenditures, acquisitions or other general corporate requirements;

•requiring a portion of our cash flows to be dedicated to debt service payments instead of other purposes, thereby reducing the amount of cash flows available for working capital, capital expenditures, acquisitions and other general corporate purposes;

•increasing our vulnerability to adverse changes in general economic, industry and competitive conditions; and

•exposing us to the risk of increased interest rates as certain of our borrowings, including borrowings under our revolving facility, are at variable rates of interest; and increasing our cost of borrowing.

•incur additional indebtedness and guarantee indebtedness;

•prepay, redeem or repurchase certain indebtedness;

•sell or otherwise dispose of assets;

•incur liens;

•enter into transactions with affiliates;

•alter the businesses we conduct;

•enter into agreements restricting our subsidiaries’ ability to pay dividends; and

•consolidate, merge with, or sell all or substantially all of our assets to, another person.

•finance our operations;

•make needed capital expenditures;

•make strategic acquisitions or investments or enter into joint ventures;

•withstand a future downturn in our business, the industry or the economy in general;

•engage in business activities, including future opportunities, that may be in our best interest; and

•plan for or react to market conditions or otherwise execute our business strategies.

•diversion of management time and focus from operating our business to addressing acquisition integration challenges;

•coordination of research and development and sales and marketing functions;

•integration of administrative systems, employee, product and service offerings;

•retention of key employees from the acquired company;

•changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisition;

•the need to implement or improve controls, procedures, and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies;

•additional legal, regulatory or compliance requirements;

•financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we do not adequately address and that cause our reported results to be incorrect;

•liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities; and

•litigation or other claims in connection with the acquired company, including claims from terminated employees, customers, former stockholders or other third parties.

Company/ Index						Base period 6/12/19																		1/31/20																								1/31/21																								1/31/22																								1/31/23
CrowdStrike Holdings, Inc.						$	100.00																	$	105.33																							$	372.07																							$	311.45																							$	182.59
S&P 500						$	100.00																	$	118.69																							$	139.17																							$	171.58																							$	157.48
S&P Information Technology						$	100.00																	$	134.13																							$	183.94																							$	232.55																							$	196.05
Nasdaq 100						$	100.00																	$	126.96																							$	184.09																							$	214.11																							$	175.08

Adoption of Our Solutions. We believe our future success depends in large part on the growth in the market for cloud-based SaaS-delivered endpoint security solutions. Many organizations have not yet abandoned the on-premise legacy products in which they have invested substantial personnel and financial resources to design and maintain. As a result, it is difficult to predict customer adoption rates and demand for our cloud-based solutions.

New Customer Acquisition. Our future growth depends in large part on our ability to acquire new customers. If our efforts to attract new customers are not successful, our revenue and rate of revenue growth may decline. We believe that our go-to-market strategy and the flexibility and scalability of our Falcon platform allow us to rapidly expand our customer base. Our incident response and proactive services also help drive new customer acquisitions, as many of these professional services customers subsequently purchase subscriptions to our Falcon platform. Many organizations have not yet adopted cloud-based security solutions, and since our Falcon platform has offerings for organizations of all sizes, worldwide, and across industries, we believe this presents a significant opportunity for growth.

Maintain Customer Retention and Increase Sales. Our ability to increase revenue depends in large part on our ability to retain our existing customers and increase the ARR of their subscriptions. We focus on increasing sales to our existing customers by expanding their deployments to more endpoints and selling additional cloud modules for increased functionality. Over time we have transitioned our platform from a single offering into highly-integrated offerings of multiple cloud modules.

Invest in Growth. We believe that our market opportunity is large and requires us to continue to invest significantly in sales and marketing efforts to further grow our customer base, both domestically and internationally. Our open cloud architecture and single data model have allowed us to rapidly build and deploy new cloud modules, and we expect to continue investing in those efforts to further enhance our technology platform and product functionality. In addition to our ongoing investment in research and development, we may also pursue acquisitions of businesses, technologies, and assets that complement and expand the functionality of our Falcon platform, add to our technology or security expertise, or bolster our leadership position by gaining access to new customers or markets. Furthermore, we expect our general and administrative expenses to increase in dollar amount for the foreseeable future given the additional expenses for accounting, compliance, and investor relations as we grow as a public company.

The following table sets forth the number of our subscription customers as of the dates presented:

			As of January 31,
			2023						2022
Subscription customers			23,019						16,325
Year-over-year growth			41		%				65		%

The following table sets forth our ARR as of the dates presented (dollars in thousands):

			As of January 31,
			2023						2022
Annual recurring revenue			$	2,559,694					$	1,731,342
Year-over-year growth			48		%				65		%

			As of January 31,
			2023						2022
Dollar-based net retention rate			125.3		%				123.9		%

Subscription Revenue. Subscription revenue primarily consists of subscription fees for our Falcon platform and additional cloud modules that are supported by our cloud-based platform. Subscription revenue is driven primarily by the number of subscription customers, the number of endpoints per customer, and the number of cloud modules included in the subscription. We recognize subscription revenue ratably over the term of the agreement, which is generally one to three years. Because the majority of our subscription customers are billed upfront, we have recorded significant deferred revenue. Consequently, a substantial portion of the revenue that we report in each period is attributable to the recognition of deferred revenue relating to subscriptions that we entered into during previous periods. The majority of our customers are invoiced annually in advance or multi-year in advance.

Professional Services Revenue. Professional services revenue includes incident response and proactive services, forensic and malware analysis, and attribution analysis. Professional services are generally sold separately from subscriptions to our Falcon platform, although customers frequently enter into a separate arrangement to purchase subscriptions to our Falcon platform at the conclusion of a professional services arrangement. Professional services are available through hourly rate and fixed fee contracts, one-time and ongoing engagements, and retainer-based agreements. For time and materials and retainer-based arrangements, revenue is recognized as services are performed. Fixed fee contracts account for an immaterial portion of our revenue.

Subscription Cost of Revenue. Subscription cost of revenue consists primarily of costs related to hosting our cloud-based Falcon platform in data centers, amortization of our capitalized internal-use software, employee-related costs such as salaries and bonuses, stock-based compensation expense, benefits costs associated with our operations and support personnel, software license fees, property and equipment depreciation, amortization of acquired intangibles, and an allocated portion of facilities and administrative costs.

Professional Services Cost of Revenue. Professional services cost of revenue consists primarily of employee-related costs, such as salaries and bonuses, stock-based compensation expense, technology, property and equipment depreciation, and an allocated portion of facilities and administrative costs.

Sales and Marketing. Sales and marketing expenses primarily consist of employee-related expenses such as salaries, commissions, and bonuses. Sales and marketing expenses also include stock-based compensation; expenses related to our Fal.Con customer conference and other marketing events; an allocated portion of facilities and administrative expenses; amortization of acquired intangibles, and cloud hosting and related services costs related to proof of value efforts. Sales and marketing expenses also include sales commissions and any other incremental payments made upon the initial acquisition of a subscription or upsells to existing customers, which are capitalized and amortized over the estimated customer life. We also capitalize and amortize any such expenses paid for the renewal of a subscription over the term of the renewal.

Research and Development. Research and development expenses primarily consist of employee-related expenses such as salaries and bonuses; stock-based compensation; consulting expenses related to the design, development, testing, and enhancements of our subscription services; and an allocated portion of facilities and administrative expenses. Our cloud platform is software-driven, and our research and development teams employ software engineers in the design, and the related development, testing, certification, and support of these solutions.

General and Administrative. General and administrative expenses consist of employee-related expenses such as salaries and bonuses; stock-based compensation; and related expenses for our executive, finance, human resources, and legal organizations. In addition, general and administrative expenses include outside legal, accounting, and other professional fees; and an allocated portion of facilities and administrative expenses.

Interest Expense. Interest expense consists primarily of amortization of debt issuance costs, contractual interest expense for our Senior Notes issued in January 2021, and amortization of debt issuance costs on our secured revolving credit facility.

Interest Income. Interest income consists primarily of income earned on our cash and cash equivalents and short-term investments.

Other Income, Net. Other income, net, consists primarily of gain and losses on strategic investments and foreign currency transaction gains and losses.

Provision for Income Taxes. Provision for income taxes consists of state income taxes in the United States, foreign income taxes, including taxes related to the intercompany sale of intellectual property, and withholding taxes related to customer payments in certain foreign jurisdictions in which we conduct business. We maintain a full valuation allowance on our U.S. federal and state and U.K. deferred tax assets, which we have determined are not realizable on a more likely than not basis.

The following tables set forth our consolidated statements of operations for each period presented (in thousands, except percentages):

			Year Ended January 31,
			2023						2022						2021
Revenue
Subscription			$	2,111,660					$	1,359,537					$	804,670
Professional services			129,576						92,057						69,768
Total revenue			2,241,236						1,451,594						874,438
Cost of revenue
Subscription			511,684						321,904						185,212
Professional services			89,547						61,317						44,333
Total cost of revenue			601,231						383,221						229,545
Gross profit			1,640,005						1,068,373						644,893
Operating expenses
Sales and marketing			904,409						616,546						401,316
Research and development			608,364						371,283						214,670
General and administrative			317,344						223,092						121,436
Total operating expenses			1,830,117						1,210,921						737,422
Loss from operations			(190,112)						(142,548)						(92,529)
Interest expense			(25,319)						(25,231)						(1,559)
Interest income			52,495						3,788						4,968
Other income, net			3,053						3,968						1,251
Loss before provision for income taxes			(159,883)						(160,023)						(87,869)
Provision for income taxes			22,402						72,355						4,760
Net loss			(182,285)						(232,378)						(92,629)
Net income attributable to non-controlling interest			960						2,424						—
Net loss attributable to CrowdStrike			$	(183,245)					$	(234,802)					$	(92,629)

The following table presents the components of our consolidated statements of operations as a percentage of total revenue for the periods presented:

			Year Ended January 31,
			2023						2022						2021
			%						%						%
Revenue
Subscription			94		%				94		%				92		%
Professional services			6		%				6		%				8		%
Total revenue			100		%				100		%				100		%
Cost of revenue
Subscription			23		%				22		%				21		%
Professional services			4		%				4		%				5		%
Total cost of revenue			27		%				26		%				26		%
Gross profit			73		%				74		%				74		%
Operating expenses
Sales and marketing			40		%				42		%				46		%
Research and development			27		%				26		%				25		%
General and administrative			14		%				15		%				14		%
Total operating expenses			82		%				83		%				84		%
Loss from operations			(8)		%				(10)		%				(11)		%
Interest expense			(1)		%				(2)		%				—		%
Interest income			2		%				—		%				1		%
Other income, net			—		%				—		%				—		%
Loss before provision for income taxes			(7)		%				(11)		%				(10)		%
Provision for income taxes			1		%				5		%				1		%
Net loss			(8)		%				(16)		%				(11)		%
Net income attributable to non-controlling interest			—		%				—		%				—		%
Net loss attributable to CrowdStrike			(8)		%				(16)		%				(11)		%

The following shows total revenue from subscriptions and professional services for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Subscription			$	2,111,660					$	1,359,537					$	752,123					55		%
Professional services			129,576						92,057						37,519						41		%
Total revenue			$	2,241,236					$	1,451,594					$	789,642					54		%

Professional services revenue increased by $37.5 million, or 41%, in fiscal 2023, compared to fiscal 2022, which was primarily attributable to an increase in the number of professional service hours performed and an increase in services offerings that are not based on billable hours.

The following shows cost of revenue related to subscriptions and professional services for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Subscription			$	511,684					$	321,904					$	189,780					59		%
Professional services			89,547						61,317						28,230						46		%
Total cost of revenue			$	601,231					$	383,221					$	218,010					57		%

Total cost of revenue increased by $218.0 million, or 57%, in fiscal 2023, compared to fiscal 2022. Subscription cost of revenue increased by $189.8 million, or 59%, in fiscal 2023, compared to fiscal 2022. The increase in subscription cost of revenue was primarily due to an increase in cloud hosting and related services cost of $100.0 million driven by increased customer activity, an increase in employee-related expenses of $43.1 million driven by a 47% increase in average headcount, an increase in stock-based compensation expense of $10.0 million, an increase in amortization of internal-use software of $9.1 million, an increase in allocated overhead costs of $8.4 million, an increase in depreciation of data center equipment of $8.2 million, an increase in term-based software licenses of $3.9 million, an increase in amortization of intangible assets of $3.1 million, and an increase in employee health insurance costs of $2.8 million.

Professional services cost of revenue increased by $28.2 million, or 46%, in fiscal 2023, compared to fiscal 2022. The increase in professional services cost of revenue was primarily due to an increase in employee-related expenses of $17.0 million driven by an increase in average headcount of 46%, an increase in stock-based compensation expense of $5.6 million, an increase in allocated overhead costs of $2.4 million, an increase in consulting expense of $2.0 million, and an increase in employee health insurance costs of $1.0 million.

The following shows gross profit and gross margin for subscriptions and professional services for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Subscription gross profit			$	1,599,976					$	1,037,633					$	562,343					54		%
Professional services gross profit			40,029						30,740						9,289						30		%
Total gross profit			$	1,640,005					$	1,068,373					$	571,632					54		%

															Change
			2023						2022
Subscription gross margin			76		%				76		%				—		%
Professional services gross margin			31		%				33		%				(2)		%
Total gross margin			73		%				74		%				(1)		%

Subscription gross margin was relatively flat for fiscal 2023, compared to fiscal 2022.

Professional services gross margin decreased by 2% in fiscal 2023, compared to fiscal 2022. The decrease in professional services gross margin was primarily due to higher employee-related expenses and higher stock-based compensation, partially offset by an increase in the number of professional service hours performed and an increase in service offerings that are not based on billable hours during fiscal 2023 compared to fiscal 2022.

The following shows sales and marketing expenses for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Sales and marketing expenses			$	904,409					$	616,546					$	287,863					47		%

Sales and marketing expenses increased by $287.9 million, or 47%, in fiscal 2023, compared to fiscal 2022. The increase in sales and marketing expenses was primarily due to an increase in employee-related expenses of $146.8 million driven by an increase in sales and marketing average headcount of 41%, an increase in stock-based compensation of $62.3 million, an increase in marketing programs of $21.8 million, an increase in allocated overhead costs of $18.6 million, an increase in travel expenses of $9.6 million, an increase in company events expenses of $6.7 million, an increase in employee health insurance costs of $6.4 million, and an increase in term-based software licenses of $2.7 million.

The following shows research and development expenses for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Research and development expenses			$	608,364					$	371,283					$	237,081					64		%

Research and development expenses increased by $237.1 million, or 64% in fiscal 2023, compared to fiscal 2022. This increase was primarily due to an increase in employee-related expenses of $110.9 million driven by an increase in research and development average headcount of 53%, an increase in stock-based compensation of $72.7 million, an increase in allocated overhead costs of $17.0 million, an increase in cloud hosting and related costs of $13.5 million, an increase in company events expenses of $10.8 million, an increase in travel expenses of $4.9 million, an increase in employee health insurance costs of $4.8 million, and an increase in term-based software licenses of $3.2 million.

The following shows general and administrative expenses for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
General and administrative expenses			$	317,344					$	223,092					$	94,252					42		%

General and administrative expenses increased by $94.3 million, or 42%, in fiscal 2023, compared to fiscal 2022. The increase in general and administrative expenses was primarily due to an increase in stock-based compensation expense of $65.9 million, an increase in employee-related expenses of $21.7 million driven by an increase in general and administrative average headcount of 46%, an increase in allocated overhead costs of $4.7 million, an increase in facilities expenses of $2.5 million, an increase in term-based software licenses of $1.6 million, an increase in travel expenses of $1.6 million, and an increase in employee health insurance costs of $0.9 million, partially offset by a decrease in legal expense of $5.3 million, and a decrease in consulting expense of $4.3 million.

The following shows interest expense, interest income, and other income, net, for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Interest expense			$	(25,319)					$	(25,231)					$	(88)					—		%
Interest income			$	52,495					$	3,788					$	48,707					1,286		%
Other income, net			$	3,053					$	3,968					$	(915)					(23)		%

The following shows the provision for income taxes for fiscal 2023, as compared to fiscal 2022 (in thousands, except percentages):

															Change
			2023						2022						$						%
Provision for income taxes			$	22,402					$	72,355					$	(49,953)					(69)		%

The following table summarizes our cash flows for the periods presented (in thousands):

			Year Ended January 31,
			2023						2022						2021
Net cash provided by operating activities			$	941,007					$	574,784					$	356,566
Net cash (used in) provided by investing activities			$	(556,658)					$	(564,516)					$	495,427
Net cash provided by financing activities			$	77,437					$	72,531					$	800,135

Supplemental Guarantor Financial Information

Statement of Operations			Year Ended January 31, 2023
			(in thousands)
Revenue			$	2,241,236
Cost of revenue			639,637
Operating expenses			1,855,244
Loss from operations			(253,644)
Net loss			(237,920)
Net loss attributable to CrowdStrike			(237,920)

Balance Sheet			January 31, 2023
			(in thousands)
Current assets (excluding intercompany receivables from non-Guarantors)			$	3,541,670
Intercompany receivables from non-Guarantors			5,817
Noncurrent assets			1,443,684
Current liabilities			2,027,443
Noncurrent liabilities (excluding intercompany payable to non-Guarantors)			1,417,627
Intercompany payable to non-Guarantors			289,242

Contractual Obligations and Commitments

Index to Consolidated Financial Statements

			Page
Report of Independent Registered Public Accounting Firm (PCAOB ID 238)			74
Consolidated Financial Statements
Consolidated Balance Sheets as of January 31, 2023 and 2022			76
Consolidated Statements of Operations for the years ended January 31, 2023, 2022 and 2021			77
Consolidated Statements of Comprehensive Loss for the years ended January 31, 2023, 2022 and 2021			78
Consolidated Statements of Stockholders’ Equity for the years ended January 31, 2023, 2022 and 2021			79
Consolidated Statements of Cash Flows for the years ended January 31, 2023, 2022 and 2021			80
Notes to Consolidated Financial Statements			81

We have audited the accompanying consolidated balance sheets of CrowdStrike Holdings, Inc. and its subsidiaries (the “Company”) as of January 31, 2023 and 2022, and the related consolidated statements of operations, of comprehensive loss, of stockholders' equity and of cash flows for each of the three years in the period ended January 31, 2023, including the related notes (collectively referred to as the “consolidated financial statements”). We also have audited the Company's internal control over financial reporting as of January 31, 2023, based on criteria established in Internal Control - Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the financial position of the Company as of January 31, 2023 and 2022, and the results of its operations and its cash flows for each of the three years in the period ended January 31, 2023 in conformity with accounting principles generally accepted in the United States of America. Also in our opinion, the Company maintained, in all material respects, effective internal control over financial reporting as of January 31, 2023, based on criteria established in Internal Control - Integrated Framework (2013) issued by the COSO.

			January 31,
			2023						2022
Assets
Current assets:
Cash and cash equivalents			$	2,455,369					$	1,996,633
Short-term investments			250,000						—
Accounts receivable, net of allowance for credit losses of $2.6 million and $1.6 million as of January 31, 2023 and January 31, 2022, respectively			626,181						368,145
Deferred contract acquisition costs, current			186,855						126,822
Prepaid expenses and other current assets			121,862						79,352
Total current assets			3,640,267						2,570,952
Strategic investments			47,270						23,632
Property and equipment, net			492,335						260,577
Operating lease right-of-use assets			39,936						31,735
Deferred contract acquisition costs, noncurrent			260,233						192,358
Goodwill			430,645						416,445
Intangible assets, net			86,889						97,336
Other long-term assets			28,965						25,346
Total assets			$	5,026,540					$	3,618,381
Liabilities and Stockholders’ Equity
Current liabilities:
Accounts payable			$	45,372					$	47,634
Accrued expenses			137,884						83,382
Accrued payroll and benefits			168,767						104,563
Operating lease liabilities, current			13,046						9,820
Deferred revenue			1,727,484						1,136,502
Other current liabilities			16,519						24,929
Total current liabilities			2,109,072						1,406,830
Long-term debt			741,005						739,517
Deferred revenue, noncurrent			627,629						392,819
Operating lease liabilities, noncurrent			29,567						25,379
Other liabilities, noncurrent			31,833						16,193
Total liabilities			3,539,106						2,580,738
Commitments and contingencies (Note 9)
Stockholders’ Equity
Preferred stock, $0.0005 par value; 100,000 shares authorized as of January 31, 2023 and January 31, 2022; no shares issued and outstanding as of January 31, 2023 and January 31, 2022			—						—
Class A common stock, $0.0005 par value; 2,000,000 shares authorized as of January 31, 2023 and January 31, 2022; 222,759 shares, and 209,996 shares issued and outstanding as of January 31, 2023 and January 31, 2022, respectively; Class B common stock, $0.0005 par value; 300,000 shares authorized as of January 31, 2023 and January 31, 2022; 13,018 shares, and 20,710 shares issued and outstanding as of January 31, 2023 and January 31, 2022, respectively			118						115
Additional paid-in capital			2,612,705						1,991,807
Accumulated deficit			(1,148,163)						(964,918)
Accumulated other comprehensive loss			(1,019)						(1,240)
Total CrowdStrike Holdings, Inc. stockholders’ equity			1,463,641						1,025,764
Non-controlling interest			23,793						11,879
Total stockholders’ equity			1,487,434						1,037,643
Total liabilities and stockholders’ equity			$	5,026,540					$	3,618,381

			Year Ended January 31,
			2023						2022						2021
Revenue
Subscription			$	2,111,660					$	1,359,537					$	804,670
Professional services			129,576						92,057						69,768
Total revenue			2,241,236						1,451,594						874,438
Cost of revenue
Subscription			511,684						321,904						185,212
Professional services			89,547						61,317						44,333
Total cost of revenue			601,231						383,221						229,545
Gross profit			1,640,005						1,068,373						644,893
Operating expenses
Sales and marketing			904,409						616,546						401,316
Research and development			608,364						371,283						214,670
General and administrative			317,344						223,092						121,436
Total operating expenses			1,830,117						1,210,921						737,422
Loss from operations			(190,112)						(142,548)						(92,529)
Interest expense			(25,319)						(25,231)						(1,559)
Interest income			52,495						3,788						4,968
Other income, net			3,053						3,968						1,251
Loss before provision for income taxes			(159,883)						(160,023)						(87,869)
Provision for income taxes			22,402						72,355						4,760
Net loss			(182,285)						(232,378)						(92,629)
Net income attributable to non-controlling interest			960						2,424						—
Net loss attributable to CrowdStrike			$	(183,245)					$	(234,802)					$	(92,629)
Net loss per share attributable to CrowdStrike common stockholders, basic and diluted			$	(0.79)					$	(1.03)					$	(0.43)
Weighted-average shares used in computing net loss per share attributable to CrowdStrike common stockholders, basic and diluted			233,139						227,142						217,756

The accompanying notes are an integral part of these consolidated financial statements.

			Year Ended January 31,
			2023						2022						2021
Net loss			$	(182,285)					$	(232,378)					$	(92,629)
Other comprehensive income (loss):
Foreign currency translation adjustments			221						(3,559)						2,630
Reversal of unrealized gain upon sale of debt securities, net of tax			—						—						(1,320)
Other comprehensive income (loss)			221						(3,559)						1,310
Less: Comprehensive income attributable to non-controlling interest			960						2,424						—
Total comprehensive loss attributable to CrowdStrike			$	(183,024)					$	(238,361)					$	(91,319)

												Common Stock												Additional Paid-in Capital						Accumulated Deficit						Accumulated Other Comprehensive Income (Loss)						Non-controlling Interest						Total Stockholders’ Equity (Deficit)
																		Shares																					Amount
Balances at January 31, 2020																		212,948						$	106					$	1,378,479					$	(637,487)					$	1,009					$	500					$	742,607
Issuance of common stock upon exercise of options