We founded CrowdStrikeFounded in 2011, to reinvent securityCrowdStrike reinvented cybersecurity for the cloud era.era and transformed the way cybersecurity is delivered and experienced by customers. When we started the company,CrowdStrike, cyberattackers had a decided,an asymmetric advantage over existing security products.legacy cybersecurity products that could not keep pace with rapid changes in adversary tactics. We turned the tables on the adversaries by takingtook a fundamentally newdifferent approach that leveragesto solve this problem with the network effects of crowdsourced data applied to modern technologies such as AI, cloud computing, and graph databases. Realizing that the nature of cybersecurity problems had changed but the solutions had not, we built our CrowdStrike Falcon platform – the first, true cloud-native platform capable of harnessing vast amounts of security and enterprise data to detectdeliver highly modular solutions through a single lightweight agent. Our pioneering platform approach keeps customers ahead of attackers by automatically detecting and preventing threats andto stop breaches.

We believe we are definingour approach has defined a new category called the Security Cloud, withwhich has the power to transform the securitycybersecurity industry much the same way the cloud has transformed the CRM, HR,customer relationship management, human resources, and service management industries. WithUsing cloud-scale AI, our Security Cloud enriches and correlates trillions of cybersecurity events per week with indicators of attack, threat intelligence and enterprise data (including data from across endpoints, workloads, identities, IT assets and configurations) to create actionable information, identify shifts in adversary tactics and automatically detect and prevent threats in real-time across our customer base. The more data that is fed into our Falcon platform, the more intelligent our Security Cloud becomes, and the more our customers benefit, creating a powerful network effect that increases the overall value we createdprovide.

Our Falcon platform was purpose-built in the cloud native, intelligent security solution capableto harness the power of data to deliver the next generation of automated protection and provide threat hunters with the intelligence required to stop sophisticated attacks, including non-malware based attacks. This approach has made CrowdStrike an industry leader in protection across endpoints, cloud workloads, identity and data (capable of protecting workloads across on-premise, virtualized, and cloud-based environments running on a variety of endpoints such as desktops, laptops, desktops, servers, virtual machines, cloud workloads, cloud containers, mobile, and IoT devices. We deliver comprehensive breachdevices) and enables us to rapidly scale this best in class protection even against today’s most sophisticated attacksacross new and emerging areas of enterprise risk.

Today, we offer 23 cloud modules on the endpoint, where the most valuableour Falcon platform via a SaaS subscription-based model that spans multiple large markets, including corporate workload security, managed security services, security and vulnerability management, IT operations management, identity protection, log management, threat intelligence services, and data resides. protection.

Our Falcon platform is composed of two tightly integrated, proprietary technologies:technologies that enable us to deliver superior protection and performance, while reducing customer complexity. Our Falcon platform consists of our easily deployed, intelligent lightweight agent, and our cloud-based, dynamicgroundbreaking graph database called Threat Graph. Our solution benefits from crowdsourcing and economies of scale, which we believe enables our AI algorithms to be uniquely effective. We call this cloud-scale AI. technology.

Our single, lightweight-agent approach has changed how organizations experience cybersecurity, delivering protection without impacting the user, resources or productivity. With the lightweight agent is installed on each endpoint and provides localor cloud workload, our Falcon platform automates detection and prevention capabilities whilein real time across our entire global customer base. This also enables our Falcon platform to intelligently collectingingest data once and streamingstream high fidelity data back into the Security Cloud to be re-used for multiple use cases, continuously improve our Falcon platform’s AI algorithms and make its real-time decision-making faster and smarter to keep customers ahead of changing adversary tactics.

Our graph technology correlates and contextualizes the vast data of our Security Cloud so we can collect data once and reuse it repeatedly to deliver solutions that solve our customers’ biggest problems. The highly advanced graph technologies underpinning the Falcon platform for real-time decision-making. now include:

Our Threat Graph, processes, correlates, and analyzes this data in the cloud usingwhich uses a combination of AI and behavioral pattern-matching techniques. techniques to correlate and analyze trillions of cybersecurity events, enriched with threat intelligence, and third-party data to identify and link threat activity together to automatically prevent threats in real time across CrowdStrike’s global customer base. This also provides customers with increased visibility of attacks for proactive threat hunting and timely detection and remediation of novel threats.

By analyzing and correlating information across our massive, crowdsourced dataset, we are able to deploy our AI algorithms at cloud-scale and build a more intelligent, effective solution to detect threats and stop breaches that on-premise, or single instance cloudcloud-hosted and hybrid products cannot match. Today, we offer 11 cloud modules onmatch due to the inherent architectural limitations those products have with respect to data storage and analysis. The more data that is fed into our Falcon platform, viathe more intelligent the Security Cloud becomes, and the more our customers benefit, creating a SaaS subscription-based modelpowerful network effect that spans multiple large security markets,increases the overall value we provide.

We founded our company onbelieve the principle thataforementioned trends are exacerbated by the futurearchitectural limitations of security would be driven by AIlegacy cybersecurity products, which are characterized by:

We believe is a fundamental differentiator from our competitors. Our cloud-scale AI means that the more data that is fed into our Falcon platform, the more intelligent Threat Graph becomes and the more our customers benefit, creating a powerful network effect that increases the overall value we provide. AI is revolutionizing many technology fields, including security solutions. To be truly effective, algorithms that enable AI depend on the quality and volume of data that trains them and the selectioncloud-native architecture of the right differentiating features from that data. Our proprietary algorithms in Threat Graph identify events that may or may not be directly related, but together could indicate a threat that could otherwise remain undetected. Our cloud-scale algorithms make over 134 million indicator of attack decisions per minute. We are uniquely effective because we have more high fidelity data to train our AI models and more security expertise to guide our feature selection—all resulting in industry-leading efficacy and low false positives. Our rich set of continuously collected high fidelity endpoint data feeding our algorithms also enables us to use an active learning approach, where the models are continuously updated to fill in gaps identified in initial models and their performance is validated with this data prior to production use.

We offer our customers compelling business value that includes ease of adoption, rapid time-to-value, superior efficacy rates in detecting threats and preventing breaches, and reduced total cost of ownership by consolidating legacy, siloed, and multi-agent security products in a single solution. We also allow thinly-stretched security organizations to automate previously manual tasks, freeing them to focus on their most important objectives. With the Falcon platform, organizations can transform how they combat threats, transforming from slow, manual, and reactionary to fast, automated, and predictive, providingwhile gaining visibility across the entire threat lifecycle.

The purpose-built, cloud native leaders that began from scratch with multi-tenant architectures, single data models,Key benefits of our approach and SaaS business models have defined entirely new categories such as CRM Cloud, HR Cloud, and Service Management Cloud. We believe we are doing the same for security.

We primarily sell the Falcon platform through our direct sales team that leverages our network of channel partners to maximize effectiveness and scale. We have a Leader in the 2019 Wave for Cybersecurity Incident Response Services.⁽⁵⁾

We have designed an innovative architecture from the ground up to overcome the limitations of existing security products and deliver cloud-based solutions. The key design principles of our Falcon platform include:

Threat Graph also provides query and hunting capability over the full set of high fidelity events collected in the graph. This correlated data, natively represented in a graph structure, enables new products and cloud modules to be created rapidly since the platform provides the visibility, collection, correlation, and actions over data as reusable building blocks. This collect-once, use repeatedly approach is the reason why we have been able to deliver new cloud modules covering IT hygiene and vulnerability management quickly and enables us to continue expanding the Falcon platform rapidly in the future.

We have data center co-location facilities throughout the United States and in Germany,Europe, and we also utilize AWS data centers located in the United States for our storage needs and to help deliver our solution.Europe. Our technology infrastructure, combined with select use of AWS resources, provides us with a distributed and scalable architecture on a global scale.

In addition to our Falcon platform and cloud modules, we also offer incident response and forensic investigatory services, technical assessment and proactivestrategic advisory services, as well as training to assist organizations that have experienced a breach or are assessing their security posture.posture and ability to respond to breaches.

Some of the world’s largest enterprises, government organizations, and high profile brands trust us to protect their business. As of January 31, 2020,2023, we had 5,43123,019 subscription customers worldwide, including 49 of the Fortune 100, 40 of the top 100 global companies, and 11 of the top 20 major banks.worldwide. Historically, we and our channel partners have primarily sold to large organizations, but have increasingly focused on selling to small and medium-sized businesses, particularly through our trial-to-pay model. We engage our customers through our global customer and technical advisory boards in which we solicit feedback from our customers on a regular basis allowing us to understand their evolving needs. We have used this feedback to develop new cloud modules, such as Falcon Insight,FileVantage, and we intend to continue to develop new cloud modules based on our customer’s feedback. Our business is not dependent on any particular end customer.

Our sales and marketing organizations work together closely to drive market awareness, build a strong sales pipeline and cultivate customer relationships to drive revenue growth.

We primarily sell subscriptions to our Falcon platform and cloud modules through our directworld-class, global sales team, which is comprised of field sales and inside sales professionals who are segmented by a customer’s number of endpoints.organizational size. Our sales team also leverages a powerful go-to-market sales motion with our networkvast ecosystem of channel and alliances partners. We also use our sales team to identify current customers who may be interested in free trials of additional cloud modules, which serves as a powerful driver of our land and expand model. By segmenting our sales teams, we can deploy a low-touch sales model that efficiently identifies prospective customers.

Our marketing organization is focused on building our brand reputation, increasing the awareness and reputation of our platform, and driving customer demand. As part of these efforts, we deliver targeted content to demonstrate thought leadership in the security industry, including speaking engagements with the security industry’s foremost organizations to provide expert advice, issuing regular reports on the state of the industry, educating the public about the cybersecurity threats, and identifying and naming adversary groups. We also engage in paid media, web marketing, industry and trade conferences including(including our annual Fal.Con conference,conference), analyst engagements, producing whitepapers,whitepaper development, demand generation via digital and web, and targeted displacement campaigns. We employ a wide range of digital programs, including search engine marketing, online and social media initiatives, and content syndication to increase traffic to our website and encourage newprospective customers to sign up for a 15-day free trial of the Falcon platform. Additionally, we engage in joint marketing activities with our channel and technology alliance partners. In December 2017, we began to employ a trial-to-pay model in which we offer 15-day free trial access to Falcon Prevent to prospective customers directly from our website. In May 2018, we announced that Falcon Prevent was available for trial and purchase from the AWS Marketplace.

We work with a number of technology alliance partners to design go-to-market strategies that combine our platform with products or services provided by our technology alliance partners. These partner integrations deliver more secure solutions and an improved end user experience to their customers. Our technology alliance partnerships focus on security analytics, network and infrastructure security, threat platforms and orchestration, and automation. We launched the CrowdStrike Store, the first open cloud-based application PaaS for cybersecurity and the industry’s first unified security cloud ecosystem of trusted third-party applications. In addition, we recently announced the launch of Falcon for Amazon Web Services (AWS). AvailableAWS, available in the AWS Marketplace, Falcon for AWS allows customers to easily purchase and take advantage of the metered billing (pay-as-you-go) pricing option to scale their consumption as their business needs change.

Our research and development organization is responsible for the design, architecture, operation and quality of our cloud native Falcon platform. In addition, to improving on our features, functionalitythe research and scalability, thisdevelopment organization works closely with our cloud operations teamcustomer success teams to ensure that our platformcustomer satisfaction is available, reliable, and stable.the top priority.

Our success is a result of our continuous drive for innovation. Our internal team of security experts, researchers, intelligence analysts, and threat hunters continuously analyzes the evolving global threat landscape to develop products that defend against today’s most sophisticated and stealthy attacks and reports on emerging security issues. We invest substantial resources in research and development to enhance our Falcon platform, and develop new cloud modules, features and functionality. We believe timely development of new, and enhancement of our existing products, services, and features is essential to maintaining our competitive position. We work closely with our customers and channel partners to gain valuable insight into their security management practices to assist us in designing new cloud modules and features that extend the capability of our platform. Our technical staff monitors and tests our software on a regular basis, and we also make our Falcon platform available for third-party validation. We also maintain a regular release process to update and enhance our existing solutions. In addition, we engage security consulting firms to perform periodic vulnerability analysis of our solutions.

Our research and development leadership team is located in Seattle, Washington and Sunnyvale, California, and weCalifornia. We also maintain research and development centercenters in Irvine, California.California, and Israel. We employ subject matter experts in a number of jurisdictions around the world. We plan to continue to dedicate significant resources to research and development.

The market for our services is intensely competitive and characterized by rapid changes in technology, customer requirements, and industry standards and by frequent new product and service offerings and improvements. We primarily compete with an array of established and emerging security solutionproduct vendors. ConditionsWhile the market for traditional endpoint and IT operations solutions has historically been intensely competitive, we believe that the architecture of our cloud-native, single agent platform fundamentally differentiates us compared to both next-gen and legacy competitors in the security industry. Additionally, as we look to enter into adjacent markets and expand our total addressable market, could change rapidly and significantly as a resultwe may face new competitors. However, we do not believe any of technological advancements, partnerships, or acquisitions by our competitors or continuing market consolidation. Withcurrently have a true platform offering equivalent to the introduction ofFalcon platform, which can be leveraged to win in legacy markets and define new technologies and market entrants, we expect the competitive environment to remain intense. categories.

Our competitors currently include the following by general category:

We compete on the basis of a number of factors, including but not limited to our:

Although certain of our competitors enjoy greater resources, recognition, deeper customer relationships, larger existing customer bases, or more mature intellectual property portfolios, we believe that we compete favorably with respect to these factors and that we are well positioned as a leading provider of endpoint and workload security solutions.

We believe that our intellectual property rights are valuable and important to our business. We rely on trademarks, patents, copyrights, trade secrets, license agreements, intellectual property assignment agreements, confidentiality procedures, non-disclosure agreements, and employee non-disclosure and invention assignment agreements to establish and protect our proprietary rights. Though we rely in part upon these legal and contractual protections, we believe that factors such as the skills and ingenuity of our employees and the functionality and frequent enhancements to our solutions are larger contributors to our success in the marketplace.

CrowdStrike, Inc. was incorporated in the state of Delaware in August 2011. We then incorporated CrowdStrike Holdings, Inc. in the state of Delaware in November 2011, which acquired all shares of CrowdStrike, Inc. held by Warburg Pincus Private Equity X, L.P. and Warburg Pincus X Partners, L.P., or Warburg Pincus, such that CrowdStrike, Inc. became our wholly-owned subsidiary. Our principal executive offices are located at 150 Mathilda Place,206 E. 9th Street, Suite 300, Sunnyvale, California 94086,1400, Austin, Texas 78701 and our telephone number is (888) 512-8906. We are a holding company and all of our business operations are conducted through our subsidiaries, including CrowdStrike, Inc. Our website address is www.crowdstrike.com. Information contained on, or that can be accessed through, our website does not constitute part of this Annual Report on Form 10-K.

A description of the risks and uncertainties associated with our business is set forth below. You should carefully consider the risks and uncertainties described below, as well as the other information in this Annual Report on Form 10-K, including our consolidated financial statements and the related notes and “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The occurrence of any of the events or developments described below, or of additional risks and uncertainties not presently known to us or that we currently deem immaterial, could materially and adversely affect our business, results of operations, financial condition and growth prospects. In such an event, the market price of our Class A common stock could decline, and you could lose all or part of your investment.

We have experienced rapid revenue growth in recent periods and we expect to continue to invest broadly across our organization to support our growth. For example, our headcount grew from 3243,394 employees as of January 31, 20162021, to 2,3097,273 employees as of January 31, 2020.2023. Although we have experienced rapid growth historically, we may not sustain our current growth rates nor can we assure you thatand our investments to support our growth willmay not be successful. The growth and expansion of our business will require us to invest significant financial and operational resources and the continuous dedication of our management team. We have encountered and will continue to encounter risks and difficulties frequently experienced by rapidly growing companies in evolving industries, including market acceptance of our Falcon platform, adding new customers, intense competition, and our ability to manage our costs and operating expenses. Our future success will depend in part on our ability to manage our growth effectively, which will require us to, among other things:

If we fail to achieve these objectives effectively, our ability to manage our expected growth, ensure uninterrupted operation of our Falcon platform and key business systems, and comply with the rules and regulations applicable to our business could be impaired. Additionally, the quality of our platform and services could suffer and we may not be able to adequately address competitive challenges. Any of the foregoing could adversely affect our business, results of operations, and financial condition.

We have incurred net losses in all periods since our inception, and we may not achieve or maintain profitability in the future. We experienced net losses of $135.5$183.2 million, $140.1$234.8 million, and $141.8$92.6 million for fiscal 2018,2023, fiscal 2019,2022, and fiscal 2020,2021, respectively. As of January 31, 2020,2023, we had an accumulated deficit of $637.5 million.$1.1 billion. While we have experienced significant growth in revenue in recent periods, we cannot assure you when or whether we will reach or maintain profitability. We also expect our operating expenses to increase in the future as we continue to invest for our future growth, which will negatively affect our results of operations if our total revenue does not increase. We cannot assure you that these investments will result in substantial increases in our total revenue or improvements in our results of operations. In additionWe also have incurred and expect to the anticipated costs to grow our business, we also expectcontinue to incur significant additional legal, accounting, and other expenses as a newly public company. Any failure to increase our revenue as we invest in our business or to manage our costs could prevent us from achieving or maintaining profitability or positive cash flow.

We believe our future success will depend in large part on the growth, if any, in the market for cloud-based SaaS-delivered endpoint security solutions. The use of SaaS solutions to manage and automate security and IT operations is at an early stage and rapidly evolving. As such, it is difficult to predict its potential growth, if any, customer adoption and retention rates, customer demand for our solutions, customer consolidation on our platform, or the success of existing competitive products. Any expansion in our market depends on a number of factors, including the cost, performance, and perceived value associated with our solutions and those of our competitors. If our solutions do not achieve widespread adoption or there is a reduction in demand for our solutions due to a lack of customer acceptance, technological challenges, competing products, privacy concerns, decreases in corporate spending, weakening economic conditions or otherwise, it could result in early terminations, reduced customer retention rates, or decreased revenue, any of which would adversely affect our business, results of operations, and financial results. We do not know whether the trend in adoption of cloud-based SaaS-delivered endpoint security solutions we have experienced in the past will continue in the future. Furthermore, if we or other SaaS security providers experience security incidents, loss or disclosure of customer data, disruptions in delivery, or other problems, the market for SaaS solutions as a

To expand our customer base, we need to convince potential customers to allocate a portion of their discretionary budgets to purchase our Falcon platform. Our sales efforts often involve educating our prospective customers about the uses and benefits of our Falcon platform. Enterprises and governments that use legacy security products, such as signature-based or malware-based products, firewalls, intrusion prevention systems, and antivirus, for their IT security may be hesitant to purchase our Falcon platform if they believe that these products are more cost effective, provide substantially the same functionality as our Falcon platform or provide a level of IT security that is sufficient to meet their needs. We may have difficulty convincing prospective customers of the value of adopting our solution. Even if we are successful in convincing prospective customers that a cloud native platform like ours is critical to protect against cyberattacks, they may not decide to purchase our Falcon platform for a variety of reasons, some of which are out of our control. For example, any deterioration in general economic conditions, including as a downturn due toresult of the geopolitical environment, the outbreak of diseases such as COVID-19 or inflation (as well as government policies such as raising interest rates in response to inflation), have in the novel coronavirus, or COVID-19,past and may in the future cause our current and prospective customers to delay or cut their overall security and IT operations spending, and such delays or cuts may fall disproportionately on cloud-based security solutions like ours. Economic weakness, customer financial difficulties, and constrained spending on security and IT operations

In order for us to maintain or improve our results of operations, it is important that our customers renew their subscriptions for our Falcon platform when existing contract terms expire, and that we expand our commercial relationships with our existing customers by selling additional cloud modules and by deploying to more endpoints in their environments. Our customers have no obligation to renew their subscription for our Falcon platform after the expiration of their contractual subscription period, which is generally one year, and in the normal course of business, some customers have elected not to renew. In addition, our customers that previously signed multi-year subscription contracts may renew for shorter contract subscription lengths, orand customers may cease using certain cloud modules. modules altogether. Even if customers choose to renew their subscription of certain cloud modules, they may decline to purchase additional cloud modules or choose not to consolidate onto our Falcon platform.

The market for security and IT operations solutions is intensely competitive, fragmented, and characterized by rapid changes in technology, customer requirements, industry standards, increasingly sophisticated attackers, and by frequent introductions of new or improved products to combat security threats. We expect to continue to face intense competition from current competitors, as well as from new entrants into the market. If we are unable to anticipate or react to these challenges, our competitive position could weaken, and we could experience a decline in revenue or reduced revenue growth, and loss of market share that would adversely affect our business, financial condition, and results of operations. Our ability to compete effectively depends upon numerous factors, many of which are beyond our control, including, but not limited to:

Many of theseour competitors have greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a larger base of customers than we do. They may be able to devote greater resources to the development, promotion, and sale of services than we can, and they may offer lower pricing than we do. Further, they may have greater resources for research and development of new technologies, the provision of customer support, and the pursuit of acquisitions, or they may have other financial, technical, or other resource advantages.acquisitions. Our larger competitors have substantially broader and more diverse product and services offerings as well as routes to market, which allows them to leverage their relationships based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our platform, including our cloud modules. Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering or acquisitions by our competitors or continuing market consolidation. Some of our competitors have recently made acquisitions of businesses or have established cooperative relationships that may allow them to offer more directly competitive and comprehensive solutions than were previously offered and adapt more quickly to new technologies and customer needs. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, increased net losses and loss of market share. Further, many competitors that specialize in providing protection from a single type of security threat may be able to deliver these targeted security products to the market quicker than we can or convince organizations that these limited products meet their needs. Even if there is significant demand for cloud-based security solutions like ours, if our competitors include functionality that is, or is perceived to be, equivalent to or better than ours in legacy products that are already generally accepted as necessary components of an organization’s IT security architecture, we may have difficulty increasing the market penetration of our platform. Furthermore, even if the functionality offered by other security and IT operations providers is different and more limited than the functionality of our platform, organizations may elect to accept such limited functionality in lieu of adding products from additional vendors like us. If we are unable to compete successfully, or if competing successfully requires us to take aggressive pricing or other actions, our business, financial condition, and results of operations would be adversely affected.

If we are unable to maintain our pricing due to competitive pressures or other factors, our margins will be reduced and our gross profits, business, results of operations, and financial condition would be adversely affected. The subscription prices for our Falcon platform, cloud modules, and professional services may decline for a variety of reasons, including competitive pricing pressures, discounts, anticipation of the introduction of new solutions by our competitors, or promotional programs offered by us or our competitors. Competition continues to increase in theThe cybersecurity market segments in which we operate,remains very competitive, and we expect competition tomay further increase in the future. Larger competitors with more diverse product and service offeringsCompetitors may reduce the price of products or subscriptions that compete with ours or may bundle them with other products and subscriptions.

Real or perceived defects, errors or vulnerabilities in our Falcon platform and cloud modules, the failure of our platform to detect or prevent incidents, including advanced and newly developed attacks, misconfiguration of our solutions, or the failure of customers to take action on attacks identified by our platform could harm our reputation and adversely affect our business, financial position and results of operations. Because our cloud native security platform is complex, it may contain defects or errors that are not detected until after deployment. We cannot assure you that our products will detect all cyberattacks, especially in light of the rapidly changing security threat landscape that our solution seeks to address. Due to a variety of both internal and external factors, including, without limitation, defects or misconfigurations of our solutions, our solutions could be or become vulnerable to security incidents (both from intentional attacks and accidental causes) that cause them to fail to secure endpoints and detect and block attacks. In addition, because the techniques used by computer hackers to access or sabotage networks and endpoints change frequently and generally are not recognized until launched against a target, there is a risk that an advanced attack could emerge that our cloud native security platform is unable to detect or prevent until after some of our customers are affected. Additionally, our Falcon platform may falsely indicate a cyberattack or threat that does not actually exist, which may lessen customers’ trust in our solutions.

Moreover, as our cloud native security platform is adopted by an increasing number of enterprises and governments, it is possible that the individuals and organizations behind advanced cyberattacks will begin to focus on finding waysmay intensify their efforts to defeat our security platform. If this happens, our systems and subscription customers could be specifically targeted by attackers and could result in vulnerabilities in our platform or undermine the market acceptance of our Falcon platform and could adversely affect our reputation as a provider of security solutions. Because we host customer data on our cloud platform, which in some cases may contain personally-identifiable information or potentially confidential information, a security compromise, or an accidental or intentional misconfiguration or malfunction of our platform could result in personally-identifiable information and other customer data being accessible such as to attackers or to other customers. Further, if a high profile security breach occurs with respect to another next-generation or cloud-based security system, our customers and potential customers may lose trust in cloud solutions generally, and cloud-based security solutions such as ours in particular.

Organizations are increasingly subject to a wide variety of attacks on their networks, systems, and endpoints. No security solution, including our Falcon platform, can address all possible security threats or block all methods of penetrating a network or otherwise perpetrating a security incident. If any of our customers experiences a successful cyberattack while using our solutions or services, such customer could be disappointed with our Falcon platform, regardless of whether our solutions or services blocked the theft of any of such customer’s data, or were implicated in failing to block such attack.if the attack would have otherwise been mitigated or prevented if the customer had fully deployed aspects of our Falcon platform. Similarly, if our solutions detect attacks against a customer but the customer does not address the vulnerability, customers and the public may erroneously believe that our solutions were not effective. Security breaches against customers that use our solutions may result in customers and the public believing that our solutions failed. Our Falcon platform may fail to detect or prevent malware, viruses, worms or similar threats for any number of reasons, including our failure to enhance and expand our Falcon platform to reflect the increasing sophistication of malware, viruses and other threats. Real or perceived security breaches of our customers’ networks could cause disruption or damage to their networks or other negative consequences and could result in negative publicity to us, damage to our reputation, and other customer relations issues, and may adversely affect our revenue and results of operations.

It is virtually impossible for us to entirely eliminate the risk of such attacks, compromises, interruptions in service, or other security incidents affecting our internal systems or data, or that of our third-party service providers and vendors. Organizations are subject to a wide variety of attacks on their supply chain, networks, systems, and endpoints, and techniques used to sabotage or to obtain unauthorized access to networks in which data is stored or through which data is transmitted change frequently. Furthermore, employee error or malicious activity could compromise our systems. As a result, we may be unable to anticipate these techniques or implement adequate measures to prevent an intrusion into our networks, which could result in unauthorized access to customer data, intellectual property including access to our source code, and information about vulnerabilities in our product, which in turn, could reduce the effectiveness of our solutions, or lead to cyberattacks or other intrusions of our customers’ networks, litigation, governmental audits and investigations and significant legal fees, andany or all of which could

In addition, while we maintain insurance policies that may cover certain liabilities in connection with a cybersecurity incident, we cannot be certain that our insurance coverage will be adequate for liabilities actually incurred, that insurance will continue to be available to us on commercially reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, results of operations and reputation.

Our customers depend on the continuous availability of our Falcon platform. We currently host our Falcon platform and serve our customers using a mix of third-party data centers, primarily Amazon Web Services, Inc., or AWS, and our data centers, hosted in colocation facilities. Consequently, we may be subject to service disruptions as well as failures to provide adequate support for reasons that are outside of our direct control. We have experienced, and expect that in the future we may experience interruptions, delays and outages in service and availability from time to time due to a variety of factors, including infrastructure changes, human or software errors, website hosting disruptions and capacity constraints.

The following factors, many of which are beyond our control, can affect the delivery, availability, and the performance of our Falcon platform:

The adverse effects of any service interruptions on our reputation, results of operations, and financial condition may be disproportionately heightened due to the nature of our business and the fact that our customers have a low tolerance for interruptions of any duration. Interruptions or failures in our service delivery could result in a cyberattack or other security threat to one of our customers during such periods of interruption or failure. Additionally, interruptions or failures in our service could cause customers to terminate their subscriptions with us, adversely affect our renewal rates, and harm our ability to attract new customers. Our business would also be harmed if our customers believe that a cloud-based SaaS-delivered endpoint security solution is unreliable. While we do not consider them to have been material, we have experienced, and may in the future experience, service interruptions and other performance problems due to a variety of factors. The occurrence of any of these factors, or if we are unable to rapidly and cost-effectively fix such errors or other problems that may be identified, could damage our reputation, negatively affect our relationship with our customers or otherwise harm our business, results of operations and financial condition.

We depend on our direct sales force to obtain new customers and increase sales with existing customers. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel, particularly in international markets. We have expanded our sales organization significantly in recent periods and expect to continue to add additional sales capabilities in the near term. There is significant competition for sales personnel with the skills and technical knowledge that we require. New hires require significant training and may take significant time before they achieve full productivity, and this delay is accentuated by our long sales cycles. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. In addition, a large percentage of our sales force is new to our company and selling our solutions, and therefore this team may be less effective than our more seasoned sales personnel. Furthermore, hiring sales personnel in new countries, or expanding our existing presence, requires upfront and ongoing expenditures that we may not recover if the sales personnel fail to achieve full productivity. We cannot predict whether, or to what extent, our sales will increase as we expand our sales force or how long it will take for sales personnel to become productive. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new customers or increasing sales to our existing customer base, our business and results of operations will be adversely affected.

We generally recognize revenue from customers ratably over the terms of their subscription, which is generally one year. As a result, a substantial portion of the revenue we report in each period is attributable to the recognition of deferred revenue relating to agreements that we entered into during previous periods. Consequently, any increase or decline in new sales or renewals in any one period will not be immediately reflected in our revenue for that period. Any such change, however, would affect our revenue in future periods. Accordingly, the effect of downturns or upturns in new sales and potential changes in our rate of renewals may not be fully reflected in our results of operations until future periods. We may also be unable to timely reduce our cost structure in line with a significant deterioration in sales or renewals that would adversely affect our results of operations and financial condition.

Our results of operations may vary significantly from period to period, which could adversely affect our business, financial condition and results of operations. Our results of operations have varied significantly from period to period, and we expect that our results of operations will continue to vary as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:

Furthermore, our business and revenues are impacted by global economic and geopolitical conditions. Volatile financial markets, inflation, rising interest rates, supply chain challenges, political turmoil and other disruptions to global and regional economies and markets continue to add uncertainty to macroeconomic conditions. Any continued or further uncertainty, weakness or deterioration in economic conditions or the geopolitical environment could harm our business and results of operations. In addition, we experience seasonal fluctuations in our financial results as we typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in the second half of the fiscal year as compared to the first half of the year due to the annual budget approval process of many of our customers. In addition, we also experience seasonality in our operating margin, typically with a lower margin in the first half of our fiscal year. Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other results of operations from period to period. As a result of this variability, our historical results of operations should not be relied upon as an indication of future performance. Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, our stock price could fall substantially, and we could face costly lawsuits, including securities class action suits.

We believe that maintaining and enhancing our CrowdStrike and Falcon brand and our reputation as a provider of high-efficacy security solutions is critical to our relationship with our existing customers, channel partners, and technology alliance partners and our ability to attract new customers and partners. The successful promotion of our CrowdStrike and Falcon brand will depend on a number of factors, including our marketing efforts, our ability to continue to develop additional cloud modules and features for our Falcon platform, our ability to successfully differentiate our Falcon platform from competitive cloud-based or legacy security solutions and, ultimately, our ability to detect and stop breaches. Although we believe it is important for our growth, our brand promotion activities may not be successful or yield increased revenue.

In addition to our direct sales force, we rely on our channel partners to sell and support our Falcon platform. AThe vast majority of sales of our Falcon platform flow through our channel partners, and we expect this to continue for the foreseeable future. Additionally, we have entered, and intend to continue to enter, into technology alliance partnerships with third parties to support our future growth plans. The loss of a substantial number of our channel partners or technology alliance partners, or the failure to recruit additional partners, could adversely affect our results of operations. Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our channel partners and in training our channel partners to independently sell and deploy our Falcon platform. If we fail to effectively manage our existing sales channels, or if our channel partners are unsuccessful in fulfilling the orders for our solutions, or if we are unable to enter into arrangements with, and retain a sufficient number of, high quality channel partners in each of the regions in which we sell solutions and keep them motivated to sell our products, our ability to sell our products and results of operations will be harmed.

Our future growth depends, in part, on increasing sales to government organizations. Demand from government organizations is often unpredictable, subject to budgetary uncertainty and typically involves long sales cycles. We have made significant investment to address the government sector, but we cannot assure you that these investments will be successful, or that we will be able to maintain or grow our revenue from the government sector. Although we anticipate that they may increase in the future, sales to U.S. federal, state and local governmental agencies have not accounted for, and may never account for, a significant portion of our revenue. U.S. federal, state and localgovernment sales as well as foreign government sales are subject to a number of challenges and risks that may adversely impact our business.

Sales to such government entities include, but are not limited to, the following risks:

The occurrence of any of the foregoing risks could cause governments and governmental agencies to delay or refrain from purchasing our solutions in the future or otherwise have an adverse effect on our business and results of operations.

Our future growth is dependent upon our ability to continue to meet the needs of new customers and the expanding needs of our existing customers as their use of our solutions grow. As our customers gain more experience with our solutions, the number of endpoints and events, the amount of data transferred, processed and stored by us, the number of locations where our platform and services are being accessed, have in the past, and may in the future, expand rapidly. In order to meet the performance and other requirements of our customers, we intend to continue to make significant investments to increase capacity and to develop and implement new technologies in our service and cloud infrastructure operations. These technologies, which include databases, applications and server optimizations, network and hosting strategies, and automation, are often advanced, complex, new and untested. We may not be successful in developing or implementing these technologies. In addition, it takes a significant amount of time to plan, develop and test improvements to our technologies and infrastructure, and we may not be able to accurately forecast demand or predict the results we will realize from such improvements. To the extent that we do not effectively scale our operations to meet the needs of our growing customer base and to maintain performance as our customers expand their use of our solutions, we may not be able to grow as quickly as we anticipate, our customers may reduce or cancel use of our solutions and we may be unable to compete as effectively and our business and results of operations may be harmed.

Additionally, we have and will continue to make substantial investments to support growth at our data centers and improve the profitability of our cloud platform. For example, because of the importance of AWS’ services to our business and AWS’ position in the cloud-based server industry, any renegotiation or renewal of our agreement with AWS may be on terms that are significantly less favorable to us than our current agreement. If our cloud-based server costs were to increase, our business, results of operations and financial condition may be adversely affected. Although we expect that we could receive similar services from other third parties, if any of our arrangements with AWS are terminated, we could experience interruptions on our Falcon platform and in our ability to make our solutions available to customers, as well as delays and additional expenses in arranging alternative cloud infrastructure services. Ongoing improvements to cloud infrastructure may be more expensive than we anticipate, and may not yield the expected savings in operating costs or the expected performance benefits. In addition, we may be required to re-invest any cost savings achieved from prior cloud infrastructure improvements in future infrastructure projects to maintain the levels of service required by our customers. We may not be able to maintain or achieve cost savings from our investments, which could harm our financial results.

We believe our intellectual property is an essential asset of our business, and our success and ability to compete depend in part upon protection of our intellectual property rights. We rely on a combination of patent, copyright, trademark and trade secret laws, as well as confidentiality procedures and contractual provisions, to establish and protect our intellectual property rights in the United States and abroad, all of which provide only limited protection. The efforts we have taken to protect our

We may not be effective in policing unauthorized use of our intellectual property, and even if we do detect violations, litigation or technical changes to our products may be necessary to enforce our intellectual property rights. Protecting against the unauthorized use of our intellectual property rights, technology and other proprietary rights is expensive and difficult, particularly outside of the United States. Any enforcement efforts we undertake, including litigation, could be time-consuming and expensive and could divert management’s attention, which could harm our business and results of operations. Further, attempts to enforce our rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us, or result in a holding that invalidates or narrows the scope of our rights, in whole or in part. The inability to adequately protect and enforce our intellectual property and other proprietary rights could seriously harm our business, results of operations and financial condition. Even if we are able to secure our intellectual property rights, we cannot assure you that such rights will provide us with competitive advantages or distinguish our services from those of our competitors or that our competitors will not independently develop similar technology, duplicate any of our technology, or design around our patents.

Claims by others that we infringe their proprietary technology or other intellectual property rights could harm our business. A number of companies in our industry hold a large number of patents and also protect their copyright, trade secret and other intellectual property rights, and companies in the networking and security industry frequently enter into litigation based on allegations of patent infringement or other violations of intellectual property rights. For example, in March 2022, Webroot, Inc. and Open Text, Inc. filed a lawsuit against us alleging that certain of our products infringe on patents held by them. As we face increasing competition and grow, the possibility of intellectual property rights claims against us also grows. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that such personnel have divulged proprietary or other confidential information to us. From time to time, third parties have in the past and may in the future assert claims of infringement of intellectual property rights against us. For example, we are currently involved in proceedings before the Trademark Trial and Appeal Board at the U.S. Patent and Trademark Office regarding our U.S. trademark registrations for CrowdStrike Falcon and our U.S. application to register our Falcon OverWatch trademark. Fair Isaac Corporation, or FICO, petitioned to cancel our trademark registrations and opposed our application. If the appeal board were to find against us, it would cancel our trademark registrations for CrowdStrike Falcon and reject our application to register Falcon OverWatch. If FICO were to file an infringement action in court and if we do not prevail in that action, we could ultimately be required to change the names of our solutions, which would force us to incur significant marketing expense in establishing an alternative brand to our existing Falcon brand. We cannot assure you that we will be successful in these rebranding efforts.

Third parties may in the future also assert claims against our customers or channel partners, whom our standard license and other agreements obligate us to indemnify against claims that our solutions infringe the intellectual property rights of third parties. As the number of products and competitors in the security and IT operations market increases and overlaps occur, claims of infringement, misappropriation, and other violations of intellectual property rights may increase. While we intend to increase the size of our patent portfolio, many of our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, future litigation may involve non-practicing entities, companies or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. Any claim of intellectual property infringement by a third party, even a claim without merit, could cause us to incur substantial costs defending against such claim, could distract our management from our business and could require us to cease use of such intellectual property.

Additionally, our insurance may not cover intellectual property rights infringement claims that may be made. In the event that we fail to successfully defend ourselves against an infringement claim, a successful claimant could secure a judgment or otherwise require payment of legal fees, settlement payments, ongoing royalties or other costs or damages; or we may agree to a settlement that prevents us from offering certain services or features; or we may be required to obtain a license, which may not be available on reasonable terms, or at all, to use the relevant technology. If we are prevented from using certain technology or

Although third parties may offer a license to their technology or other intellectual property, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, financial condition and results of operations to be adversely affected. In addition, some licenses may be nonexclusive, and therefore our competitors may have access to the same technology licensed to us. If a third party does not offer us a license to its technology or other intellectual property on reasonable terms, or at all, we could be enjoined from continued use of such intellectual property. As a result, we may be required to develop alternative, non-infringing technology, which could require significant time, during whicheffort and expense and may ultimately not be successful. Additionally, we couldmay be unable to continue to offer our affected products, subscriptions or services, effort, and expense and may ultimately not be successful.while developing such technology. Furthermore, a successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products, providing certain subscriptions or performing certain servicesservices. Any such judgment or that requiressettlement could also require us to pay substantial damages, royalties or other fees. Any of these events could harm our business, financial condition and results of operations.

We currently incorporate, and will in the future incorporate, technology that we license from third parties, including software, into our solutions. We cannot be certain that our licensors do not or will not infringe on the intellectual property rights of third parties or that our licensors have or will have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our Falcon platform. Some of our agreements with our licensors may be terminated by them for convenience, or otherwise provide for a limited term. If we are unable to continue to license technology because of intellectual property infringement claims brought by third parties against our licensors or against us, or if we are unable to continue our license agreements or enter into new licenses on commercially reasonable terms, our ability to develop and sell solutions and services containing or dependent on that technology would be limited, and our business could be harmed. Additionally, if we are unable to license technology from third parties, we may be forced to acquire or develop alternative technology, which we may be unable to do in a commercially feasible manner or at all, and may require us to use alternative technology of lower quality or performance standards. This could limit or delay our ability to offer new or competitive solutions and increase our costs. As a result, our margins, market share, and results of operations could be significantly harmed.

We are required to comply with stringent, complex and industry-specific requirements or regulations, our business, results of operations, and financial condition could be harmed.

Moreover, while we strive to publish and personal information within the European Union, the United States,prominently display privacy policies that are accurate, comprehensive, and elsewhere, especially relating to classification of IP addresses, machine identification, location datacompliant with applicable laws, rules regulations and industry standards, we cannot ensure that our privacy policies and other information, may limitstatements regarding our practices will be sufficient to protect us from claims, proceedings, liability or inhibit our ability to operate or expand our business, including limiting technology alliance partnerships that may involve the sharing of data. Even the perception of privacy concerns, whether or not valid, may harm our reputation, inhibit adoption of our products by current and future customers, or adversely impact our ability to attract and retain workforce talent. In addition, changes in laws or regulations that adversely affect the use of the internet, including laws impacting net neutrality, could impact our business. We expect that existing laws, regulations and standards may be interpreted in new manners in the future. Future laws, regulations, standards and other obligations, and changes in the interpretation of existing laws, regulations, standards and other obligations could require us to modify our solutions, restrict our business operations, increase our costs and impair our ability to maintain and grow our customer base and increase our revenue.

If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations and financial condition could be adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, results of operations and financial condition.

We endeavor to properly classify employees as exempt versus non-exempt under applicable law. Although there are no pending or threatened material claims or investigations against us asserting that some employees are improperly classified as exempt, the possibility exists that some of our current or former employees could have been incorrectly classified as exempt employees.

These laws and regulations impose added costs on our business, and failure by us, our employees, representatives, contractors, channel partners, agents, intermediaries, or other third parties to comply with these or other applicable regulations and requirements could lead to claims for damages, penalties, termination of contracts, loss of exclusive rights in our intellectual property and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with customers, including those in the public sector, and could result in reduced sales of our products, substantial product inventory write-offs, reputational damage, penalties, and other sanctions, any of which could harm our business, reputation, and results of operations.

We are subject to laws and regulations, including governmental export controls, that could subject us to liability or impair our ability to compete in our markets. Our products are subject to U.S. export controls, including the U.S. Department of Commerce’s Export Administration Regulations, and we and our employees, representatives, contractors, agents, intermediaries, and other third parties are also subject to various economic and trade sanctions regulations administered by the U.S. Treasury Department’s Office of Foreign Assets Control. We incorporate standard encryption algorithms into our products, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain cloud-based solutions to countries, governments, and persons targeted by U.S. sanctions.

Some open source licenses contain requirements that we make available source code for modifications or derivative works we create based upon the type of open source software we use. If we combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public, including authorizing further modification and redistribution, or otherwise be limited in the licensing of our services, each of which could provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solutions, require us to re-engineer all or a portion of our Falcon platform, and could reduce or eliminate the value of our services. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales for us.

The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products and subscriptions incorporating such software. Moreover, we cannot assure you that our processes for controlling our use of open source software in our products and subscriptions will be effective. From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open source license. These claims could result in litigation. Litigation could be costly for us to defend, have a negative effect on our results of operations and financial condition or require us to devote additional research and development resources to change our solutions. Responding to any infringement or noncompliance claim by an open source vendor, regardless of its validity, discovering certain open source software code in our Falcon platform, or a finding that we have breached the terms of an open source software license, could harm our business, results of operations and financial condition, by, among other things:

Certain of our customer agreements contain service level commitments, which contain specifications regarding the availability and performance of our Falcon platform. Any failure of or disruption to our infrastructure could impact the performance of our Falcon platform and the availability of services to customers. If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our Falcon platform, we may be contractually obligated to provide affected customers with service credits for future subscriptions, and, in certain cases, refunds. To date, there has not been a material failure to meet our service level commitments, and we do not currently have any material liabilities accrued on our balance sheetsheets for such commitments. Our revenue, other results of operations and financial condition could be harmed if we suffer performance issues or downtime that exceeds the service level commitments under our agreements with our customers.

We are regularly subject to claims, suits, and government investigations and other proceedings including patent, product liability, class action, whistleblower, personal injury, property damage, labor and employment (including allegations of wage and hour violations), commercial disputes, compliance with laws and regulatory requirements and other matters, and we may become subject to additional types of claims, suits, investigations and proceedings as our business develops. For example, we, along with certain other cybersecurity providers, currently are subject to a civil investigation regarding participation in cybersecurity testing standard-setting and allegations that this standard-setting facilitated a concerted refusal to deal with cybersecurity testing organizations that did not adhere to those standards. While we believe that we have acted in compliance in all material respects with applicable antitrust laws, such investigation, as well as any otherSuch claims, suits, and government investigations and proceedings that may be asserted against us in the future are inherently uncertain and their results cannot be predicted with certainty. Regardless of the outcome, any of these types of legal proceedings can have an adverse impact on us because of legal costs and diversion of management attention and resources, and could cause us to incur significant expenses or liability, adversely affect our brand recognition, and/or require us to change our business practices. The expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our results of operations. It is possible that a resolution of one or more such proceedings could result in substantial damages, settlement costs, fines and penalties that could adversely affect our business, consolidated financial position, results of operations, or cash flows in a particular period. These proceedings could also result in reputational harm, sanctions, consent decrees, or orders requiring a change in our business practices. Because of the potential risks, expenses and uncertainties of litigation, we may, from time to time, settle disputes, even where we have meritorious claims or defenses, by agreeing to settlement agreements. Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, financial condition, results of operations, and prospects. Any of these consequences could adversely affect our business and results of operations.

We may be subject to liability claims for damages related to errors or defects in our solutions. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our products may harm our business and results of operations. Although we generally have limitation of liability provisions in our terms and conditions of sale, these provisions do not cover our indemnification obligations as described in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Indemnification” and they may not fully or effectively protect us from claims as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our products also entails the risk of product liability claims.

Additionally, our agreements with customers and other third parties typically include indemnification or other provisions under which we agree to indemnify or otherwise be liable to them for losses suffered or incurred as a result of claims regarding intellectual property infringement, breach of agreement, including confidentiality, privacy and security obligations, violation of applicable laws, damages caused by failures of our solutions or to property or persons, or other liabilities relating to or arising from our products and services, or other acts or omissions. These contractual provisions often survive termination or expiration of the applicable agreement. We have not to date received any indemnification claims from third parties. However, as we continue to grow, the possibility of these claims against us will increase.

If our customers or other third parties we do business with make intellectual property rights or other indemnification claims against us, we will incur significant legal expenses and may have to pay damages, license fees, and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology. Such license may not

Additionally, our Falcon platform may be used by our customers and other third parties who obtain access to our solutions for purposes other than for which our platform was intended. For example, our Falcon platform might be misused by a customer to monitor its employee’s activities in a manner that violates the employee’s privacy rights under applicable law.

During the course of performing certain solution-related services and our professional services, our teams may have significant access to our customers’ networks. We cannot be sure that an employee may not take advantage of such access which may make our customers vulnerable to malicious activity by such employee. Any such misuse of our Falcon platform could result in negative press coverage and negatively affect our reputation, which could result in harm to our business, reputation, and results of operations.

We cannot predict the prices at which our Class A common stock will trade. The market price of our Class A common stock depends on a number of factors, including those described in this “Risk Factors” section, many of which are beyond our control and may not be related to our operating performance. In addition, the limited public float of our Class A common stock tends to increase the volatility of the trading price of our Class A common stock. These fluctuations could cause you to lose all or part of your investment in our Class A common stock. Factors that could cause fluctuations in the market price of our Class A common stock include the following:

In addition, the stock market in general, and the market for technology companies in particular, has experienced extreme price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry factors may seriously affect the market price of our Class A common stock, regardless of our actual operating performance. In addition, in the past, following periods of volatility in the overall market and the market prices of a particular company’s securities, securities class action litigation has often been instituted against that company. Securities litigation, if instituted against us, could result in substantial costs and divert our management’s attention and resources from our business. This could have an adverse effect on our business, results of operations and financial condition.

In addition, certain holders of our Class B common stock are entitled to rights with respect to registration of these shares under the Securities Act pursuant to our amended and restated registration rights agreement, or RRA.agreement. If these holders of our Class B common stock, by exercising their registration rights, sell a large number of shares, they could adversely affect the market price for our Class A common stock.

We may also issue our shares of Class A common stock or securities convertible into shares of our Class A common stock from time to time in connection with a financing, acquisition, investments or otherwise. Any such issuance could result in substantial dilution to our existing stockholders and cause the market price of our Class A common stock to decline.

The trading market for our Class A common stock will be influenced by the research and reports that industry or financial analysts publish about us or our business. We do not control these analysts or the content and opinions included in their reports. As a new public company, the analysts who publish information about our Class A common stock have had relatively little experience with our company, which could affect their ability to accurately forecast our results and make it more likely that we fail to meet their estimates. If any of the analysts who cover us issues an inaccurate or unfavorable opinion regarding our stock price, our stock price would likely decline. In addition, the stock prices of many companies in the technology industry have declined significantly after those companies have failed to meet, or significantly exceed, the financial guidance publicly announced by the companies or the expectations of analysts. If our financial results fail to meet, or significantly exceed, our announced guidance or the expectations of analysts or public investors, analysts could downgrade our Class A common stock or publish unfavorable

Our Class B common stock has 10 votes per share, and our Class A common stock has one vote per share. The dual class structure of our common stock has the effect of concentrating voting control with those stockholders who held our capital stock (or options or other securities convertible into or exercisable for our capital stock) prior to theour initial public offering, including our executive officers, employees, directors, principal stockholders, and their affiliates, which will limit your ability to influence the outcome of matters submitted to our stockholders for approval, including the election of our directors and the approval of any change in control transaction. Future transfers by holders of Class B common stock will generally result in those shares converting to Class A common stock, which will have the effect, over time, of increasing the relative voting power of those holders of Class B common stock who retain their shares in the long term.

As of January 31, 2020,2023, our executive officers, directors, threeone of our current stockholders and theirits respective affiliates held, in aggregate, 82% of the voting power of our outstanding capital stock. Furthermore, three of our current stockholders and their affiliates held, in aggregate, 63%38% of the voting power of our outstanding capital stock. As a result, these stockholders, acting together, have control over most matters that require approval by our stockholders, including the election of directors and approval of significant corporate transactions. They may also have interests that differ from yours and may vote in a way with which you disagree and which may be adverse to your interests. Corporate action might be taken even if other stockholders, including those who purchased shares in our initial public offering, oppose them. This concentration of ownership may have the effect of delaying, preventing or deterring a change of control or other liquidity event of our company, could deprive our stockholders of an opportunity to receive a premium for their shares of common stock as part of a sale or other liquidity event and might ultimately affect the market price of our common stock.

Further, our amended and restated certificate of incorporation provides that, to the fullest extent permitted by law, the doctrine of “corporate opportunity” does not apply to Accel, and Warburg Pincus, or theirits respective affiliates, in a manner that would prohibit them from investing in competing businesses or doing business with our partners or customers.

We have never declared or paid any cash dividends on our capital stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends in the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our board of directors. Additionally, our ability to pay dividends is limited by restrictions on our ability to pay dividends or make distributions under the terms of our credit facility. Accordingly, investors must rely on sales of their Class A common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.

Our amended and restated certificate of incorporation and amended and restated bylaws contain provisions that could delay or prevent a change in control of our company. These provisions could also make it difficult for stockholders to elect directors that are not nominated by the current members of our board of directors or take other corporate actions, including effecting changes in our management. These provisions include:

These provisions may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a certain period of time.

Our amended and restated bylaws provide that the Court of Chancery of the State of Delaware is the exclusive forum for:

However, this exclusive forum provision does not apply to suits brought to enforce a duty or liability created by the Exchange Act. In addition, our amended and restated bylaws provide that the federal district courts of the United States will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act, subject to and contingent upon a final adjudication in the State of Delaware of the enforceability of such exclusive forum provision.

These exclusive-forum provisions may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees, which may discourage lawsuits against us and our directors, officers and other employees.

None.

Our corporate headquarters occupiesprincipal executive offices occupy approximately 68,79147,618 square feet in Sunnyvale, CaliforniaAustin, Texas under a lease that expires in 2025.2030. We also lease officesoffice space for our operations in California, Maryland, Missouri, Minnesota, Texas, Virginia, and Washington,various locations throughout the United States as well as locations internationally, includingoffice space in Australia, Germany, India, Romania,a number of countries in Europe, the Middle East, and the United Kingdom.Asia-Pacific region.

We believe that our existing facilities are sufficient for our current needs. In the future, we may need to add new facilities and expand our existing facilities as we add employees, grow our infrastructure and evolve our business, and we believe that suitable additional or substitute space will be available on commercially reasonable terms to meet our future needs.

We are currently involved in proceedings before the Trademark Triala party to, and Appeal Board (“TTAB”), at the U.S. Patent and Trademark Office, (the “USPTO”), regarding our U.S. trademark registrations for “CrowdStrike Falcon” and our U.S. application to register our “Falcon OverWatch” trademark. On November 23, 2016, Fair Isaac Corporation, or FICO, filed a Petition for Cancellation of our “CrowdStrike Falcon” trademark registrations and a Notice of Opposition against our “Falcon OverWatch” trademark application before the USPTO, TTAB. On January 3, 2017, we filed answers to both the cancellation and opposition proceedings, and the proceedings thereafter were consolidated. On November 21, 2018, we filed a Petition for Partial Cancellation or Amendment of one of FICO’s “Falcon” trademark registrations, and on December 10, 2018, the parties filed a joint request to consolidate the proceedings and adjust the schedule. On January 16, 2019, FICO moved to dismiss our petition. On July 2, 2019, the TTAB consolidated the proceedings and granted FICO’s motion to dismiss with leave to amend. On July 22, 2019, we filed an Amended Petition for Cancellation or Amendment and on August 12, 2019, FICO moved to dismiss our Amended Petition for Cancellation. On January 31, 2020, the TTAB denied the motion to dismiss as to two grounds for partial cancellation and as to the request for amendment, and granted the motion as to a third ground for partial cancellation of one of FICO’s “Falcon” registrations and the claim for abandonment of both of FICO’s “Falcon” trademark registrations, with the right to reassert both claims for relief. The TTAB also set a new schedule for the consolidated proceedings, with trial periods set to begin on December 6, 2020. On March 18, 2020, we filed a motion for leave to file a Second Amended Petition to include a claim for abandonment for two of FICO’s “Falcon” trademark registrations. We are vigorously defending the case, but given the early stage, although a loss may reasonably be possible, we are unable to predict the likelihood of success of FICO’s claims or estimate a loss or a range of loss. As a result, no liability has been recorded as of January 31, 2020 or January 31, 2019.

For any claims for which we believe a liability is both probable and reasonably estimable, we record a liability in the period for which it makes this determination. There is no pending or threatened legal proceeding to which we are a party that, in our opinion, is likely to have a material adverse effect on our business and our consolidated financial statements; however, the results of litigation and claims are inherently unpredictable. Regardless of the outcome, litigation can have an adverse impact on our business because of defense and settlement costs, diversion of management resources, and other factors. In addition, the expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our results of operations.consolidated financial statements.

Not applicable.

Our Class A common stock ishas been listed and traded on the Nasdaq Global Select Market under the symbol “CRWD” since June 12, 2019. Prior to that date, there was no public market for our Class A common stock. There is no public market for our Class B common stock.

As of January 31, 2020,2023, we had 27138 holders of record of our Class A common stock and 80 holders of record of our Class B common stock. The actual number of stockholders is greater than this number of record holders and includes stockholders who are beneficial owners but whose shares are held in street name by brokers and other nominees.

We have never declared or paid any cash dividends on our capital stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not expect to pay any dividends on our capital stock in the foreseeable future. Additionally, our ability to pay dividends is limited by restrictions on our ability to pay dividends or make distributions under the terms of our credit facility. Any future determination to declare dividends will be made at the discretion of our board of directors, subject to applicable laws, and will depend on a number of factors, including our financial condition, results of operations, capital requirements, contractual restrictions, general business conditions, and other factors that our board of directors may deem relevant.

The information required by this item with respect to our equity compensation plans is incorporated by reference to our Proxy Statement for the 20202023 Annual Meeting of Stockholders to be filed with the Securities and Exchange Commission within 120 days of the fiscal year ended January 31, 2020.2023.

None.

None.

This performance graph shall not be deemed “soliciting material” or to be “filed” with the SEC for purposes of Section 18 of the Securities Exchange Act, of 1934, as amended (the “Exchange Act”), or otherwise subject to the liabilities under that Section, and shall not be deemed to be incorporated by reference into any filing of CrowdStrike Holdings, Inc. under the Securities Act or the Exchange Act.

We founded CrowdStrikeFounded in 2011, to reinvent securityCrowdStrike reinvented cybersecurity for the cloud era.era and transformed the way cybersecurity is delivered and experienced by customers. When we started the company,CrowdStrike, cyberattackers had a decided,an asymmetric advantage over existing security products.legacy cybersecurity products that could not keep pace with the rapid changes in adversary tactics. We turned the tables on the adversaries by takingtook a fundamentally newdifferent approach that leveragesto solve this problem with the network effects of crowdsourced data applied to modern technologies such as AI, cloud computing, and graph databases. Realizing that the nature of cybersecurity problems had changed but the solutions had not, we built our CrowdStrike Falcon platform – the first, true cloud-native platform capable of harnessing vast amounts of security and enterprise data to detectdeliver highly modular solutions through a single lightweight agent. Our pioneering platform approach keeps customers ahead of attackers by automatically detecting and preventing threats andto stop breaches.

We believe we are definingour approach has defined a new category called the Security Cloud, withwhich has the power to transform the securitycybersecurity industry much the same way the cloud has transformed the CRM, HR,customer relationship management, human resources, and service management industries. WithUsing cloud-scale AI, our Security Cloud enriches and correlates trillions of cybersecurity events per week with indicators of attack, threat intelligence, and enterprise data (including data from across endpoints, workloads, identities, DevOps, IT assets, and configurations) to create actionable data, identify shifts in adversary tactics, and automatically prevent threats in real-time across our customer base. The more data that is fed into our Falcon platform, we created the first multi-tenant, cloud native,more intelligent security solution capable of protecting workloads across on-premise, virtualized,our Security Cloud becomes, and cloud-based environments running on a variety of endpoints such as desktops, laptops, servers, virtual machines, and IoT devices. Our Falcon platform is composed of two tightly integrated proprietary technologies: our easily deployed intelligent lightweight agent and our cloud-based, dynamic graph database called Threat Graph. Our solution benefits from crowdsourcing and economies of scale, which we believe enables our AI algorithms to be uniquely effective. We call this cloud-scale AI. We initially provided intelligence and incident response services while we developed our Falcon platform. In June 2013, we first began providing EDR capabilities as a single solution. In February 2017, as we executed on our Falcon platform expansion strategy, we began offering these and additional capabilities as separate cloud modules. This strategic move facilitated new customer adoption and allowed us to further expand within our customer base. Today, we offer 11 cloud modules on our Falcon platform via a SaaS subscription-based model that spans multiple large security markets, including endpoint security, security and IT operations (including vulnerability management), and threat intelligence.

We sell subscriptions to our Falcon platform and cloud modules to organizations across multiple industries. We primarily sell subscriptions to our Falcon platform and cloud modules through our direct sales team that leverages our network of channel partners. Our direct sales team is comprised of field sales and inside sales professionals who are segmented by a customer’s number of endpoints.

We have a low friction land-and-expand sales strategy. When customers deploy our Falcon platform, they can start with any number of cloud modules and we can activateeasily add additional cloud modules in real time on the same agent already deployed on the endpoint. This architecture has also allowed us to begin to offer a free trial of our Falcon Prevent module directly from our website or the AWS Marketplace, and we plan to extend this capability to additional modules in the future.modules. Once customers experience the benefits of our Falcon platform, they often expand their adoption over time by adding more endpoints or purchasing additional modules. We also use our sales team to identify current customers who may be interested in free trials of additional cloud modules, which serves as a powerful driver of our land-and-expand model. By segmenting our sales teams, we can deploy a low-touch sales model that efficiently identifies prospective customers.

We began as a solution for large enterprises, but the flexibility and scalability of our Falcon platform has enabled us to seamlessly offer our solution to customers of any size—from those with hundreds of thousands of endpoints to as few as three.size. We have expanded our sales focus to include any sized organization without the need to modify our Falcon platform for small and medium sized businesses.

A substantial majority of our customers purchase subscriptions with a term of one year. Our subscriptions are generally priced on a per-endpoint and per-module basis. We recognize revenue from our subscriptions ratably over the term of the subscription. We also generate revenue from our incident response and proactive professional services, which are generally priced on a time and materials basis. We view our professional services business primarily as an opportunity to cross-sell subscriptions to our Falcon platform and cloud modules.

We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.

We define a subscription customer as a separate legal entity that has entered into a distinct subscription agreement for access to Falcon platform for which the term has not ended or with which we are negotiating a renewal contract. We do not consider our channel partners as customers, and we treat managed service security providers, who may purchase our products on behalf of multiple companies, as a single customer. While initially we focused our sales and marketing efforts on large enterprises, in recent years we have also increased our sales and marketing to small and medium sized businesses.