Customers ‘Still Trust CrowdStrike’ Despite Outage: Analyst

Two months after the massive IT outage caused by a CrowdStrike update, ‘customers still want to consolidate on the Falcon platform,’ according to a Morgan Stanley analyst.

Two months after the massive IT outage caused by a faulty CrowdStrike update, customers remain interested in expanding their usage of the company’s cybersecurity offerings, according to a Morgan Stanley analyst.

“Customers still want to consolidate on the Falcon platform,” wrote Hamza Fodderwala, equity analyst at Morgan Stanley, a note to investors Thursday.

[Related: Partners: CrowdStrike Will Recover Its Reputation After Historic Outage]

The note came as CrowdStrike wrapped up its Fal.Con 2024 conference Thursday, which provided a number of signs of encouragement about the company’s growth prospects going forward, Fodderwala said. Attendance at the event was up more than 30 percent compared to the prior year’s conference, and customer feedback during the conference “was largely better than feared,” he said.

The bottom line is that customers “still trust CrowdStrike” and its Falcon security platform, according to Fodderwala — though he acknowledged that customers “will have to deal with longer approvals and pushback internally within their organization” in the wake of the historic July outage. CRN has reached out to CrowdStrike for comment.

CrowdStrike’s defective July 19 update sent 8.5 million Microsoft Windows devices into a “blue screen of death” state, causing worldwide societal disruptions including to air travel, health care and banking. Estimates have suggested the costs to major corporations from the incident will reach into the billions of dollars.

In response, CrowdStrike has pledged to do additional testing and deploy staged rollouts of updates, with the aim to prevent such issues in the future.

Despite the hit to CrowdStrike’s reputation, Fodderwala said that it was clear from customer conversations that the vendor “remains the leader in Endpoint Security/XDR, especially among enterprises with tens of thousands of endpoints.”

Newer CrowdStrike products such as Next-Gen SIEM, meanwhile, are “seeing strong traction,” he wrote. “With the average enterprise deploying >50 disparate security tools, customers still want to consolidate their security spend on fewer vendors, and CrowdStrike remains a leading candidate.”

Fodderwala also pointed to CrowdStrike product updates this week, such as in the areas of identity security (Falcon Privileged Access) and vulnerability management. “CrowdStrike continues to focus on innovation,” he wrote.

The outage has also spurred other major endpoint security vendors to assess their practices, including during a Microsoft-hosted summit last week at the tech giant’s headquarters in Redmond, Wash.

Notable discussion topics at the summit—which saw participation from a number of vendors in addition to CrowdStrike—included “longer-term steps serving resilience and security goals,” wrote David Weston, vice president of enterprise and OS security at Microsoft, in a post last week.