CrowdStrike’s Competitors Poised to Gain from Its Recent Upgrade Mishap

The recent incident with CrowdStrike—a flaw in its Windows application caused a failure that made personal computers inoperable—has led to significant disruptions. Flights were canceled, medical treatments postponed, and numerous office employees were left idle for extended periods. This event has not only led to a plummet in the company’s stock value but has also seen George Kurtz, CrowdStrike’s CEO, promising a swift resolution as services gradually resume.

Competitors are poised to benefit.

The comprehensive impact of what is being dubbed the most significant IT failure to date is still unfolding, but it seems investors are spotting opportunities amidst the chaos. This afternoon, shares in competing firms SentinelOne and Palo Alto Networks saw up to a 10% increase.

In the contest for endpoint security market dominance, CrowdStrike faces stiff competition from several companies including SentinelOne, Palo Alto Networks, Microsoft, Trellix, Trend Micro, and Sophos. These solutions aim to identify and mitigate malware threats across a variety of devices connected to enterprise networks.

By the close of 2023, CrowdStrike had secured approximately 14.74% of the global revenue from sales of security software, amassing around $2.01 billion according to Gartner’s findings. This positioned them second after Microsoft, which captured a 40.16% market share ($5.49 billion) the previous year, with Trellix trailing at a 6.62% share ($906 million).

Eric Grenier, a respected Gartner analyst specializing in cybersecurity threat detection and response, suggests it might be premature to declare any clear winners in the fallout from the CrowdStrike situation. Yet, according to discussions with clients, both Microsoft and SentinelOne often emerge as favored alternatives. Grenier believes that the recent turmoil could push some decision-makers to definitively shift away from CrowdStrike in their security strategy planning.

Opinions, however, are mixed.

Mike Jude, an IDC research director, warns against viewing this mishap in black-and-white terms, highlighting that competitors are equally vulnerable to the dynamic nature of cybersecurity threats—a reality underscored by the bug in CrowdStrike’s flagship Falcon Sensor upgrade that led to conflicts with numerous Windows setups.

This situation, according to Jude, underlines our growing reliance on cybersecurity safeguards, rather than elucidating a clear winner or loser.

Chirag Mehta from Constellation Research relates that the incident was a close shave for others in the industry, who now have a chance to reassess their system integration, update procedures, and deployment strategies to avoid similar pitfalls. Overconfidence in this arena, he asserts, could be perilous.

Analysts from Goldman Sachs, in a recent investor briefing, anticipated minor shifts in endpoint security market shares due to this flaw, emphasizing customer focus on the timeliness and transparency of the resolution over the occurrence of the bug itself.

They argue this event will likely emphasize the importance of robust, reliable, and secure cybersecurity products and practices, thereby strengthening the barriers to entry in the sector and benefiting larger, more established entities.

The analysts recount the Okta security breach as a reference point.

In October 2023, Okta experienced a significant breach affecting all of its identity and access management clientele. While this incident extended deliberation periods for some entities, reassessing Okta’s security measures (and considering alternatives), it did not lead to a significant exodus of customers.

Raj Joshi from Moody’s Ratings reflects on the broader implications of the CrowdStrike incident, highlighting its reminder of the fragility of our IT infrastructure and the heightened risk of failure points in today’s global cloud systems.