Editor’s Note: This is part one of a two-part series.
Recently, A Media engaged in a virtual conversation with George Kurtz, co-founder, president, and CEO of CrowdStrike, a leading cybersecurity firm. The discussion shed light on CrowdStrike's data-centric approach and its vision for the future of cybersecurity. Their unified, cloud-based platform architecture leverages a single agent that seamlessly integrates human intelligence with artificial intelligence (AI). Kurtz emphasized that combining human-driven contextual insights from incident response and threat hunting with AI and machine learning (ML) is crucial for the evolution of cybersecurity.
Are You Ready for AI Agents?
Kurtz brings over 30 years of expertise in cybersecurity, having previously held significant roles at McAfee, including Worldwide Chief Technology Officer and executive vice president of Enterprise. Since its founding in 2011, CrowdStrike has rapidly evolved, launching its threat intelligence module in July 2012 and achieving substantial revenue growth. In Q4 FY 2024, the company reported $845.3 million in revenue, a 33% increase from $637.4 million in Q4 FY 2023; subscription revenue alone reached $795.9 million in the latest quarter, reflecting a 33% year-on-year growth.
A Media: Can you articulate your vision for cybersecurity and how CrowdStrike plans to navigate the rapidly changing threat landscape, especially in relation to generative AI?
George Kurtz: Our strategy since inception has centered on harnessing security data to address current challenges. A data-centric approach is vital, given the speed at which adversaries evolve their tactics. From the outset, our focus has been on effectively integrating data into our platform.
Customers often encounter numerous individual products and manual processes. Our single-platform solution simplifies this by consolidating everything into one agent and one console with workflow automation, yielding significant outcomes. Our leadership in incident response, alongside our intelligence team monitoring adversary patterns, has contributed to our success. Our clients recognize that organized data essential for AI training and various outcomes is a key aspect of our platform.
Kurtz noted that the single-agent platform streamlines data usage for various applications, enhancing AI and algorithm effectiveness.
VB: How does the single-agent architecture enable you to scale human intelligence in deciphering sophisticated threats?
Kurtz: This reflects the people-process-technology synergy. Effective cybersecurity cannot rely solely on technology or personnel; a holistic process integrating all three is essential. Our approach incorporates managed detection response (MDR), a concept we pioneered before it had a formal name.
We focus on achieving a global view of threats and applying machine analytics, while ensuring humans address the complexities that require nuanced understanding to prevent breaches. Our model — collect, train, protect, evolve — remains the backbone of our operational philosophy. The interplay of incident responders, data scientists, and intelligence teams enriches our data, continuously refining our capabilities.
VB: How does your single-agent structure influence acquisition decisions, like that of Flow?
Kurtz: In acquisitions, we prioritize cultural and technological alignment. If a prospect doesn’t share our ethos, we refrain from proceeding. Flow Security serves as a prime example; their technology excels in today’s dynamic data landscape, where information flows through various platforms like Salesforce and Amazon. Understanding data flow and access is crucial for establishing protective measures.
Our endpoint technology enhances data protection, replacing outdated solutions. The integration with Flow equips us with a comprehensive perspective on cloud data, identities, and data movement, allowing us to implement effective guardrails.
We approach integration thoughtfully, ensuring new acquisitions align with our commitment to a unified platform rather than hastily integrating for breadth.
VB: What are the core principles of single-agent architecture, and how has your perspective evolved since founding CrowdStrike?
Kurtz: My understanding of single-agent architecture has deepened significantly since our early days. My previous experience at McAfee highlighted the complications of multiple agents stemming from numerous acquisitions. We faced customer frustrations regarding deployments and reboots. Our commitment is to deliver a single agent with no system reboots, facilitating seamless data collection into a comprehensive dataset.
While competitors often prioritize preventive measures that compromise architecture, we focus on robust data collection. Today, the single agent allows us to tackle an array of modern cybersecurity challenges, from data protection to exposure management.
VB: How does CrowdStrike maintain an open and extensible platform through its single-agent architecture?
Kurtz: Over the years, customer feedback has urged vendors to open their platforms. Many have struggled with disorganized data. In contrast, our organized data structures enable efficient third-party integrations. Our Raptor release and LogScale illustrate our commitment to this clarity.
Data is pivotal in solving cybersecurity issues. By integrating third-party data, we can identify correlations that save time and resources for our customers. With our Next-Gen SIEM, we can process relevant data without burdening clients with excessive data movement, enhancing both efficiency and outcomes.
VB: The single-agent platform appears to foster data fluidity while traditional, fragmented apps can hinder agility. What are your thoughts?
Kurtz: Absolutely. In 2011, when we established CrowdStrike, the cybersecurity landscape lacked centralized platform solutions. While legacy firms like McAfee and Symantec were prevalent, they frequently relied on outdated software and hardware.
CrowdStrike was designed as a cloud-native, AI-driven solution, aiming to become the Salesforce of security. We avoided legacy constraints, enabling us to develop a consistent annual recurring revenue model and maintain a subscription-based sales strategy with no hardware dependencies.
VB: How does a single-agent architecture enhance updates and maintenance, contributing to customer loyalty?
Kurtz: Our unified platform means that when we introduce new features, such as data protection, customers face no installation hurdles. They simply activate the new capability. Our in-app trials reflect a consumer-friendly approach, allowing users to test new modules effortlessly.
This model fosters strong customer retention; by continuously delivering capabilities without necessitating additional agents or complicated deployments, we ensure satisfaction and loyalty. Our streamlined process enables businesses to eliminate legacy solutions, reducing costs while enhancing performance.
This clear, cohesive approach not only simplifies the cybersecurity experience but also positions CrowdStrike as a preferred partner in navigating modern security challenges.