1. CrowdStrike (CRWD) -- Annual Investor Event

The CrowdStrike team was adamant about not sharing any financial data during the week. The event was solely about product announcements and progress. Disappointing, but there was still a lot of necessary information coming from this for investors to absorb.

a. Notes from Founder/CEO George Kurtz:

On Competition:

“We test more than anyone else. We are the technology leader in the space. Our technology is better than the other companies that are out there. The testing results provide that… we continue to take share from next generation and incumbents alike.”

Client retention rate continues to set new records. This implies gross retention over 98.2%.

On Tech Differentiators Highlighted:

• Falcon can “always stream the right amount and type” of telemetry back to the cloud. Conversely, competition requires a detection to initiate this data sharing in a batch mode manner requiring manual authorizations. This is slower, more cumbersome and less efficient while CrowdStrike’s platform is continuously streaming needed information to the right place.

• Most competitors also share data in a purely “collect and forward” manner. There’s no automated data evaluation and contextualization process as there is with CrowdStrike via tools such as its Threat and Asset Graphs. This leads to data inundation and other issues such as annoying false positives distracting already scarce security teams. As an aside, CrowdStrike’s Falcon Complete offering with managed protection takes this headache completely out of the hands of a client’s internal security team.

  • CrowdStrike’s Falcon agent has a data requirement microscopically smaller than most of its competitors. That also helps make vast data contextualization possible.

• The ability to install the Falcon Platform without a re-boot. No other competitor can, which gives CrowdStrike a great on-boarding advantage. Kurtz joked about legacy financial institutions and how adverse they are to allowing any kind of re-boot. Perhaps that’s why CrowdStrike dominates in that sector.

• The Threat Graph captures the most events in the industry “by far and away, period.” And with the smart filter/contextualization discussed above, it can do so without sacrificing performance and false positive levels while STILL incorporating non-security data sources. Humio and its wildly impressive data compression capabilities is a key cog enabling this lucrative formula to exist.

On Recent Industry Developments:

• The Falcon Platform observed a 170% rise in critical vulnerabilities YoY.

• 71% of these critical vulnerabilities don’t use any malware. This makes traditional anti-virus (and some of the fresh takes on it) utterly worthless. That’s partially why CrowdStrike’s legacy share gains have been so materially notable.

George’s Chat with Salesforce CIO Juan Perez:

“What CrowdStrike does for UPS (Perez’s former company) and Salesforce is incredibly important. The solutions that CrowdStrike brings to the table are critical and make me feel more comfortable managing security posture… CrowdStrike is best in class for supporting a number of enterprise cyber activities. It’s vital to work with best in class in that domain.” -- Perez

Some Case Studies:

• A financial institution with 600,000 endpoints went with CrowdStrike. It budgeted for 2 years of on-boarding time as it had been conditioned to expect. CrowdStrike on-boarded in 50 days.

• CrowdStrike reached an endpoint on-boarding speed of 25,000 per hour while deploying on AWS.

• CrowdStrike’s 4,700 business value assessments this year revealed a 170% average client return on investment (ROI). The report also demonstrated CrowdStrike’s 77% better investigation speed, 84% boost in identity hygiene speed and 70% lower effort to deploy and maintain vs. the competition.

• One large retailer saved millions by going with CrowdStrike and consolidating its 9 security agents onto the Falcon Platform. These anecdotal data points are very important. Why? CrowdStrike’s cost per endpoint is more expensive than most. It gets away with that by agent consolidation and better efficacy/automation serving as a powerful enough force multiplier to justify the higher price.

• Per Forrester, Falcon LogScale (formerly Humio) generates a potential 210% ROI for customers.

b) Notes from CrowdStrike Chief Sales Officer Jim Seidel’s Chat with Customers & Partners:

On Falcon Complete:

“We added Falcon Complete as a buffer in the challenge to find and retain talent. Having a guaranteed eye on what’s going on with managed endpoints allows us to be more flexible and work on other things in our environment. It’s hugely important for us.” -- Brad Jones VP of Info Security and CISO at Seagate

With 1.2 million un-filled jobs in security, this is key.

On Security’s Durability:

“Cyber security is the most survivable part of the budget from our vantage point. There have been cuts made to other categories, but no evidence of security budget degradation here.” -- Leo Makhlin SVP of Worldwide Technology

“August was the hottest month in our history in terms of renewal and net new. September hasn’t disappointed thus far… the market is roaring especially for value add services like [CrowdStrike’s].” -- Optiv CEO Kevin Lynch

c. Product News

Humio is Now “Falcon LogScale:”

CrowdStrike re-named its log management acquisition (Humio) to Falcon LogScale. Beyond that however, it also added longer term (several year) data retention capabilities that had been lacking from the offering. Furthermore, CrowdStrike is leveraging its threat hunting team to offer a “Managed Falcon LogScale” product for teams wanting to off-load more of the log management and observability duties.

There are 5 areas of observability:

1. Event Monitoring (“is it running?”)

2. Metrics/Performance Monitoring (“is it working”)

3. Availability Monitoring

4. Business Insight (“is business growing?”)

5. Metrics Monitoring (improvement/optimization)

CrowdStrike is fixated on categories 1 and 2 as it sees those as vital bases if it ever wants to successfully expand to the other 3 areas (which it does). It will be interesting to see how big this segment can get with well-entrenched, formidable competitors like Datadog. This is not a greenfield opportunity -- yet the company is objectively finding real success already.

On XDR:

As a reminder, XDR means Extended Detection and Response. It builds on Endpoint Detection and Response (EDR) by infusing other, non-endpoint data sources into the Falcon platform to expand threat detection to other parts of the software ecosystem. Three things are vital for XDR:

1. A great EDR product, which CrowdStrike’s rapid share gains point to.

2. A long roster of high quality 3rd party data partners to augment that EDR base and fuel relevant data telemetry.

   1. This week, it announced Cisco, ForgeRock, Fortinet, competitor Palo Alto Networks and Microsoft’s (another competitor) Azure cloud program as the latest partners of its XDR alliance (basically a massive data sharing entity).

3. The ability to effectively use all of this data which the Falcon Platform paired with Humio’s data compression capabilities enable.

I want to reiterate that one of the tech advantages listed above is particularly pertinent to this topic. CrowdStrike’s ability to contextualize and evaluate data vs. automatic “collect and forward” is a near pre-requisite for a strong XDR initiative. Why? When you’re borrowing data from every corner of the world like XDR does, that data MUST be sorted and ranked if it’s to be at all valuable. This capability paves the way for CrowdStrike winning in XDR.

“Data without insight and context is meaningless. That’s why he commit to providing customers with the needed context to see threats faster.” -- CrowdStrike CTO Michael Sentonas

To further hammer CrowdStrike’s commitment to XDR, it re-named its Falcon Insight EDR module to Falcon Insight XDR. According to Kurtz, this “unlocks XDR for all EDR customers” -- importantly without any interruption to its existing EDR functionality that customers have come to know and love.

As part of this announcement, CrowdStrike and network security vendor Zscaler announced a Zero Trust Integration to expedite detections even further.

On a New Partner Business Growth Initiative:

CrowdStrike launched the CrowdStrike Powered Service Provider Program (CPSP). This is similar to a brand ambassador or affiliate marketing endeavor. The program will help its service providers (selling partners) “unlock broader value add bundles and enhance profitability.” As part of the launch, these partners will now be able to choose individual Falcon modules to offer customers in an a la carte manner, or offer the entire platform at a materially discounted rate. With this new program comes an “Elite Tier” of invite only partners like Deloitte with larger selling incentives and integration opportunities.

New Cloud Native Application Protection Platform (CNAPP) Capabilities:

CrowdStrike integrated its Asset Graph into Falcon Horizon and other cloud security modules. This allows for singular, simplistic visualization of a company’s entire cloud environment. With that view, CrowdStrike will offer Cloud Infrastructure Entitlement Management (CIEM). This is basically a fancy term for a condensed view of authorizations and configurations (AKA who is allowed to view and utilize what) to proactively prevent threats in the cloud. This is no longer just an endpoint company… and far from it.

Existing cloud competition “generally lacks identity and access controls and uses manual methods to ensure a least privilege approach” according to Chief Product Officer Amol Kulkarni. This automates least privilege and comes with a one-click remediation features that “stands out amongst new offerings” according to IDC VP Frank Dickson. IDC is an independent research organization which has to be careful about showing bias towards a single company. This was a big statement.

On Buying “Reposify”:

CrowdStrike announced a cash acquisition of Reposify. Reposify boasts an External Attack Surface Management (EASM) platform. With it, the company can seamlessly scan the internet (with scale) for both internal and external asset misconfigurations or other vulnerabilities. CrowdStrike will offer Reposify as a stand-alone module, but will also infuse it into other modules to augment Information Technology (IT) facing products. Gartner named the 5-year-old company a 2021 emerging vendor for EASM. This is where the Israeli R&D branch rumor came from.

“Fortifying security posture is a top priority. Traditional risk models take an inside-out approach, which doesn’t always account for how a threat actor may view the external attack surface. Reposify’s technology delivers an outside-in perspective of an organization’s global external risk, providing deep visibility into what connected devices are vulnerable and most likely to be targeted.” -- CrowdStrike CEO George Kurtz

A New Module -- Falcon Discover for the Internet of Things (IoT):

Falcon Discover -- a security hygiene product helping with day to day maintenance -- is expanding into IoT and operational technology (OT) environments. This is part of an overarching theme from Kurtz throughout this past week: Unifying cyber security and IT. According to him, this “accelerates that convergence” to help IT teams intimately involved in IoT environments to mitigate connected device risk.

CrowdStrike + Coalition Partnership:

Coalition is an insurance company focused on digital risk. It has 160,000 policy holders and will now partner with CrowdStrike to offer Falcon to these clients. As an added synergy, CrowdStrike’s superior protection vs. competition will pave the way for these clients enjoying discounted premiums. CrowdStrike will also offer a 15 day free trial to Coalition customers.

The focus here will be on smaller businesses -- leveraging its new Falcon Go bundle geared to price conscious customers -- to further entrench CrowdStrike in that category. It dominates with Fortune 500 brands… it wants to dominate everywhere.

On New Falcon Fund (VC branch) Investments:

• Salt Security -- “the leader in API Security

  • Together, the two will partner to “bring together leading tech to apply API discovery and runtime protection on applications and to enable testing to secure APIs pre-release.”

  • There was significant competition for the right to invest as it’s considered best in breed in its niche… Salt chose CrowdStrike.

• Vanta

  • Helps automate security compliance

  • Will partner to merge capabilities

2. Shopify (SHOP) -- Gartner & Channel Checks

a) Channel Checks

@BigBullCap on Twitter shared some channel checks from ”BuiltWith” hinting at Shopify’s merchant count slightly declining sequentially this quarter. The declines however, seem to have stabilized which bodes well for its guidance of accelerating merchant adds into year end. Additionally, monthly recurring revenue (MRR) -- a Shopify KPI -- has continued to grow through all of this via cross and up-selling. Shopify Plus merchants specifically should rise 11% QoQ which is the cause of the continued strength there. Furthermore, Shopify Pay adoption continues to briskly rise at 62% this quarter vs. 58% last quarter. The outperformance of Shopify Pay is a take rate tailwind for the company.

b) Gartner

Gartner’s August 2022 Digital Commerce quadrant painted Shopify in a mixed light. The company ranks first in ability to execute, but 12th out of 17 companies in terms of completeness of vision. Titans like Adobe and Salesforce were the clear leaders with Shopify a challenger. Shopify’s recent executive suite shake-up has led many to think the company will become more acquisitive. Perhaps it should look into more customer resource or graphic design tools as bolt-on acquisitions to round out its vision. As long as these acquisitions are small, (not another Deliverr-sized purchase please) I’d likely support it.

Click here for my Shopify Overview.

3. SoFi Technologies (SOFI) -- Galileo Partnership

Galileo is expanding further into Payment Risk with a new DataVisor partnership. Together, Galileo’s fraud and payments engine and DataVisor’s own fraud capabilities will deepen Galileo’s “robust fraud management solutions” to help businesses expediently manage losses. With payment fraud briskly growing for the foreseeable future, this is a needed focus in today’s world. The invigorated platform proactively hunts fraud patterns to minimize risk thanks to DataVisor’s “powerful, AI-powered end-to-end risk management.” To be candid, this press release was extremely vague. Hopefully we hear a lot more about this in upcoming executive appearances.

4. PayPal Holdings (PYPL) -- Customer Case Studies

a) Customer Case Studies

Parts Geek (a large replacement auto supplier) -- Chargehound’s Dispute Automation product helped this company streamline its chargeback and dispute processes (also uses Braintree for white label pay-in):

• Parts Geek had been using a purely manual dispute process which was having trouble scaling with the firm’s growth.

• With Chargehound, dispute win rate rose by 68% while revenue recovered rose by 150%

• Parts Geek was also able to re-allocate all resources away from chargebacks to things like customer service.

Spokeo (a “people intelligence service”) -- Added a PayPal Checkout Option:

• Spokeo had been using an in-house payment platform. It went with Braintree after extensively reviewing several other competitors.

• It then ran a split test to gauge PayPal’s impact where it “surpassed all expectations” according to Spokeo’s co-founder.

• PayPal delivered a 20% conversion rate boost within 1 week of testing with that benefit rising to 20-30% thereafter. Today, 35% of all Spokeo revenue is via PayPal and it was directly been credited for a 14% gain in new Spokeo customers.

• Spokeo will add Venmo as a new payment option soon.

“I’ve been with Spokeo for 6 years and I have never seen this kind of lift before.” -- VP of Operations at Spokeo Maggie Cheung

b) Honey

PayPal is running an advertising campaign promoting Honey’s ability to save consumers $126 per year. While this isn’t monumental news, it’s important in today’s economic climate. With inflation raging and consumer confidence tanking, savings are becoming more and more coveted. Honey delivers that increasingly top of mind goal. Importantly, the product is nimble enough to pivot from discretionary to necessary goods when need be. It’s leaning on that flexibility today.

Click here for my PayPal Deep Dive.

5. Duolingo (DUOL) -- Adoption Center

Duolingo’s popular family plan -- allowing the bundling of multiple annual subscriptions at a discounted rate -- got a fun, quirky update recently. The company launched its “Duolingo adoption center” to help place individual adults with other family accounts as many of them have less than the maximum 6 profiles in use.

Motivating more people to go with the Family Plan is good for business as these subscriptions are all annual and make revenue far more visible and predictable. While this will not be a large top line growth driver in its own right, it should lead to slightly stickier users over time -- and limiting churn is a massive piece of success for large app-based businesses like this one. As part of the launch, the company launched a playful ad campaign showcasing adults looking around cities for families to adopt them. That made me giggle.

Click here for my Duolingo Deep Dive.

6. Meta Platforms (META) -- Salesforce & Cost Cutting

a) SalesForce

Meta is partnering with Salesforce to integrate WhatsApp business messages into the cloud pioneer’s platform. This will allow users to service customers, market and transact within WhatsApp.

b) Cost Cutting

Wall Street Journal Reported that Meta is looking to trim costs by another 10% this quarter. That’s following other cost reduction measures announced earlier in the year.

7. Nano-X Imaging (NNOX) -- CEO Erez Meltzer Presents at LifeSci Partners

On Licensing:

There was a great deal of overlap between the presentation Erez gave and the slide decks used in the past. One of the interesting differences was the added focus on licensing the company’s proprietary cold cathode semiconductor. According to him, the company “will be partnering with other players in the industry in the near future.” I support this ambition wholeheartedly as I view it as a far less resistant revenue stream than commercializing the Nanox.Arc. It was good to hear a renewed focus on taking advantage of this lower hanging fruit.

On the Nanox.Arc:

Erez reiterated the $14 per scan take rate that Nanox will command and the contractual scan minimums. Interestingly, he added that several of the hardware contracts in place come with terms even better than $14 and 20. So those might be conservative approximates if the Arc ever does get to scaled deployment.

On Regulation:

Erez told us the final FDA submission for the multi-source Arc machine will be “coming soon.” It’s also in the “final stages” of securing other local regulatory approvals. I’d greatly prefer less ambiguity.

8. Cannabis -- Mainly Per Marijuana Moment

• A court in Arkansas upheld a cannabis initiative on the state’s upcoming ballot.

• Oklahoma’s Governor supports Federal legalization. He hasn’t supported state legalization, but does support a more overarching regulatory structure.

• Alaska’s Governor signed an executive order to create a cannabis Task Force.

• Perlmutter and Schumer are supposedly working on banking reform. They’ve been supposedly working on it for the better part of a decade.

  • The National Association of State Treasurers is also calling on congress (for the millionth time) to act here.

• 59% of Maryland voters will support recreational weed on the November ballot. This state should be gearing up to flip in the near future.

• German lawmakers toured California grow facilities this week as they prepare to legalize the plant in their own country.

9. Macro

a) Key Data from the Fed Press Conference

• The Fed Raised its benchmark rate by 75 basis points from 3%-3.25% to 3.75%-4%. It now expects the end of 2022 rate to be roughly 4.4% vs. expectations of 3.4% as of 3 months ago.

  • Mortgage rates exploded to fresh decade highs following this news.

  • From there, the Fed Funds rate is expected to be hiked an average of 0.8 times in 2023 and is expected to materially fall in 2024. Meaning? Once we get through these next few months of aggressive hikes, hawkishness should wane.

• The Fed continues to see labor as too scarce with wage growth too hot despite all of the recent layoff news. Supporting that position, initial jobless claim data came in better than expected this week. With employment as the other Fed mandate, this means it can continue to solely focus on taming inflation and can accept higher unemployment for the moment.

  • It now sees this unemployment rate reaching 4.4% next year vs. previous expectations of 3.9%.

• More rate increases will come, but the pace of those increases could slow if the data warrants it. Powell’s biggest concern is high levels of inflation becoming normal and expected. He’s committed to ensuring that does not happen.

• GDP estimates have been revised from 1.7% for 2022 in June to 0.2% today with forward estimates falling sharply as well. If the economy was a growth stock, it would be getting shellacked.

  • The Fed expects a “sustained period of below trend growth” to get to price stability and won’t stop hiking until it sees “sustained evidence” of it shrinking.

• Importantly, long term inflation expectations looking out 4-5 years continue to be well anchored at 2%.

5 year Breakeven Inflation continues to luckily plummet (partially thanks to oil):

High Yield Corporate Credit Spreads unfortunately continue to be in a well defined up-trend:

The 10 Year, 3 Month Yield Curve is looking better & better:

b) Level-Setting the Data

Believe it or not -- regardless of the sharp market sell-off this week -- I think the macro picture and schedule continues to become more and more clear. As of now, rate hikes and balance sheet runoff will continue to be wildly aggressive through the fall. The labor market still can afford a bit more pain, and the Fed is clearly willing to accept that pain in exchange for price stability.

As we head into 2023 however, it looks as though we could get a hawkish pause and a breather from the multiple compression pressure. We need to get through downward earnings revisions for this to fully flush out, but I think we’re well on our way to doing so. The markets are always forward looking (typically trading on developments 6 months out) and I’ll likely be looking to sink my teeth into accumulation as we reach terminal rates and inflation psychology changes (maybe around New Year’s). This is predicated on inflationary data improving. We are getting there. And I’ll continue to get there with an elevated cash position and patience for now. The light at the end of this dark tunnel, however, is growing increasingly bright.

10. My Activity

I didn’t transact this week.

If you’d like access to my real time portfolio and to sign up for text notifications when I transact, my friends at Savvy Trader now make that possible. It’s 100% free and can be accessed via the button below. Please note that the MSOS position is a placeholder for my positions in Green Thumb and Cresco Labs while OTC stocks are added to the platform. You can also re-create your very own portfolio through Savvy Trader here.