使用警語:中文譯文來源為 Google 翻譯,僅供參考,實際內容請以英文原文為主
Operator
Ladies and gentlemen, thank you for standing by, and welcome to the CrowdStrike Fiscal Third Quarter 2020 Results Conference Call.
(Operator Instructions) Please be advised that today's conference is being recorded.
(Operator Instructions)
I would now like to hand the conference to your speaker today, Maria Riley.
Please go ahead.
Maria Riley - Senior Director of IR
Good afternoon, and thank you for your participation today.
With me on the call are George Kurtz, President, Chief Executive Officer and Co-Founder of CrowdStrike; and Burt Podbere, Chief Financial Officer.
Before we get started, I would like to note that certain statements made during this conference call that are not historical facts, including those regarding our future plans, objectives and expected performance are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995.
These forward-looking statements represent our outlook only as of the date of this call.
While we believe any forward-looking statements we have made are reasonable, actual results could differ materially because the statements are based on our current expectations and are subject to risks and uncertainties.
We do not undertake and expressly disclaim any obligation to update or alter our forward-looking statements whether as a result of new information, future events or otherwise.
Further information on these and other factors that could affect the company's financial results is included in filings we make with the SEC from time to time, including the section titled Risk Factors in the most recent company's quarterly report on Form 10-Q previously filed with the SEC.
Also, unless otherwise stated, excluding revenue, all financial measures discussed on this call will be non-GAAP.
A discussion of why we use non-GAAP financial measures and a reconciliation schedule showing GAAP versus non-GAAP results is currently available in our press release, which may be found on our Investor Relations website at ir.
CrowdStrike.com or on our Form 8-K filed with the SEC today.
Now I will turn the call over to George to begin.
George R. Kurtz - Co-Founder, CEO, President & Director
Thank you, Maria, and thank you all for joining us today.
Across the board, we delivered an exceptional third quarter, with record results well exceeding our expectations.
Year-over-year, we increased the number of net new subscription customers by 112% and achieved 97% ARR growth, 98% subscription revenue growth and 88% total revenue growth, which was above the high end of our guidance.
I would also like to highlight 2 significant milestones we achieved in the quarter.
First, ARR grew to over $0.5 billion.
And second, we generated positive free cash flow in the quarter and added to our cash balance.
In our view, these strong results and our continued rapid growth at scale, which is significantly outpacing others in the industry, demonstrate our increasing leadership in the security cloud category and our strong foundation to drive future growth.
Our accelerating momentum in the market is the culmination of years of thoughtful innovation, focus and execution and is a credit to the hard work of all our employees.
I'd like to thank every member of the CrowdStrike team for their unwavering dedication to stopping breaches and serving our 4,561 customers.
In Q3, we once again saw an acceleration in customer growth with the addition of a record 772 net new subscription customers versus 730 last quarter.
This is our seventh consecutive quarter that we added a record number of net new customers.
We also set a record for net new ARR of 77.9 million, representing 32% growth quarter-over-quarter.
This was driven by strong sales with both enterprise and SMB customers.
The reason why our solution is winning with customers across diverse industries, geographies and size is simple: our proven efficacy in stopping breaches, our cloud-native platform with a lightweight single agent that is easy to use and rapidly deploy at scale, and we enable customers to consolidate agents and increase end point performance, all of which helps our customers realize immediate time to value.
It is also important to remember that our solution unlocks the power of crowdsourced data and gets smarter the more data it consumes.
Our proprietary Threat Graph is the brain of our system and is capable of dynamically scaling to meet demand.
Every week, it processes, correlates and analyzes over 2.5 trillion events across our global customer base in real time.
Each new customer and end point or workload joining our CrowdSource network increases our data lake, effectiveness, intelligence and long-term competitive advantage.
I would like to take a moment to highlight a few recent customer wins that showcase the power of the Falcon platform.
The first customer win is a competitive displacement of both next-gen and legacy products and a Fortune 100 insurance company that highlights the superior performance of our solution.
After a year of trying to deploy cheaper and less effective next-gen vendor, this company's security team could not get it to scale beyond 60% of their environment.
Additionally, when they attempted to deploy the other vendor's agent in the server environment, it was incompatible with their critical business applications, and performance was negatively impacted.
Their security team was understandably frustrated, prompting them to engage with CrowdStrike.
They evaluated the Falcon platform alongside another vendor's legacy security technology built into the operating system.
Even though this competitor had a strong prior relationship with the customer, their product was found to be too complex and incompatible across the customer's heterogeneous environment.
During rigorous testing by the security team and application owners, CrowdStrike demonstrated superior ease of deployment, application compatibility, strong end point performance and, of course, high efficacy in stopping breaches.
We've won the business, and this customer is adopting 7 cloud modules across the Falcon platform, including our next-gen AV; EDR; Device Control; IT hygiene; vulnerability management; threat intel; and our threat hunting module, OverWatch.
CrowdStrike is helping protect this customer from breaches while significantly streamlining their security stack with our single-agent architecture.
The next customer win I will share with you today is with a Fortune 100 retailer where we are displacing legacy and next-gen vendors with our single-agent Falcon platform.
This new CrowdStrike customer was initially looking to replace one of their next-gen EDR vendors with a solution that would provide prevention capabilities along with a better user experience and greater visibility for the internal teams.
CrowdStrike's tight technical integrations with Splunk and close relationships with their field sales team helped position us as the leading contender to meet this customer's strategic priorities.
This customer now subscribes to 3 Falcon cloud modules that span end point security and IT operations and, in turn, is removing multiple vendors and agents from their environment.
The next win I will share with you today highlights how companies can derive high business value and ROI by consolidating agents with the Falcon platform.
After 2 large enterprise companies merged, their security teams were faced with a patchwork of security tools that were ineffective and could not scale to meet their needs.
These tools included 4 legacy AV providers, 1 next-gen EDR and 1 peer-to-peer, query-based technology that were partially deployed across dozens of business units.
Additionally, the organization was overwhelmed with so many false positives that they estimated 30 employees would be needed to triage alerts and manage these disparate tools.
This organization decided to evaluate CrowdStrike because of our strong reputation in the marketplace, our ability to address a broad range of security challenges through a single agent and a modular platform.
During the sales process, this customer deployed Falcon on over 15,000 end points over a weekend where it had taken one of the incumbent vendors 1 year to reach a similar level.
After seeing how quick and easy it was to deploy and scale the Falcon platform across their environment, they increased the scope of the deployment to include servers, significantly increasing the overall deployment to well over 100,000 end points and workloads.
The CISO at this new CrowdStrike customer estimated that by replacing the software, hardware and labor costs associated with these other vendors, they will attain a compelling ROI in less than 8 months.
And lastly, I would like to share a new customer win that demonstrates how incident response engagements from our services team can quickly lead to large, multiyear Falcon platform subscription engagements.
After being hit with a ransomware attack earlier this year, a company based in Europe, who was not a CrowdStrike customer, engaged the CrowdStrike services team.
We were able to remediate the incident and rapidly restore normal operations, eliminating the need for this customer to pay a stiff ransom to the hackers.
Through this brief but urgent engagement, CrowdStrike built trust with the customer through our expertise, professionalism and technology efficacy.
Recognizing that they had limited internal security resources, this customer became interested in our Falcon Complete subscription module, which is our full turnkey solution that combines end point security with remediation and response capabilities.
Even though our solution was priced at a premium to the competition, this customer selected Falcon Complete based on total value provided, completeness of our solution and the deep trust built within our services team.
This 7-figure ARR Falcon Complete deal was more than 13x larger than our initial services engagement and closed within 3 weeks after the CrowdStrike services team completed the project.
From the many conversations we have had with customers, the message that resonates loud and clear is that both CIOs and CISOs are looking for a strategic partner to help them bridge the skills gap and simplify their operations.
They are also looking for ways to leverage enhanced automation in their security operations to increase efficacy and free up resources.
Organizations are increasingly turning to the Falcon platform to protect an array of end points and workloads, stop breaches and restore end point performance.
To measure the success of our platform strategy, we look at the percentage of all subscription customers that have adopted multiple modules.
Our platform strategy is clearly gaining momentum with customers.
In the third quarter, the percentage of customers that have adopted 4 or more cloud modules increased beyond the 50% we reported last quarter.
Additionally, I'm pleased to report that customers with 5 or more cloud modules increased to 30%.
As customers adopt more modules that span a wide array of workloads, we believe it strengthens our customer relationship and increases our strategic value with the customer.
The power of CrowdStrike's Falcon platform also continues to garner strong industry recognition.
In the Gartner customer choice peer review that was released last week, CrowdStrike received the highest rating of all vendors based on customer satisfaction for the second year in a row with a rating of 4.9 out of 5. This builds on the recognition we received from Gartner in Q3, which includes being positioned as a leader in Gartner's Magic Quadrant for end point protection platform and receiving the highest score for Lean Forward Organizations in Gartner's Second Critical Capabilities for Endpoint Protection Platforms Report.
Additionally, Forrester Research named CrowdStrike as a leader in end point security in the Forrester Wave Q3 2019 report.
CrowdStrike received the highest ranking of all vendors in the strategy category and achieved the highest score possible within 17 of the criteria.
And lastly, SE Labs named CrowdStrike the best new end point solution in its annual report.
We believe the industry's strong recognition of CrowdStrike validates that our single-agent architecture, proprietary Threat Graph database and cloud modules represent the gold standard in securing the growing workloads of today and the future.
We remain intensely focused on the success of our customers.
Last month, at our Annual Cybersecurity Conference, Falcon, we announced a new firewall management module that will deliver simple, centralized host firewall management to help customers transition away from legacy end point suites to CrowdStrike's next-generation platform.
We expect this module to be generally available early next calendar year, at which time the Falcon platform will have 11 cloud modules that span end point security, security operations and threat intelligence.
We also introduced Falcon for Amazon Web Services, which will be available in the AWS Marketplace this month.
Customers will be able to easily purchase and deploy the solution with integrated metered billing to optimize their security spend for elastic workloads.
An increasing number of enterprise customers are migrating to the cloud and modernizing their applications.
However, security teams responsible for protecting cloud workloads have had difficulty in providing security in an effective and cost-efficient manner that is as dynamic and flexible as AWS itself.
CrowdStrike's Falcon for AWS fulfills all of these demands.
With integrated metered billing, we will allow customers to quickly and easily scale their consumption as their business needs to change.
Pay-as-you-go or metered billing is an important option for customers running applications with extreme fluctuations in usage such as payroll batch processing and data analytic workloads.
At Falcon, we also announced 7 new applications and use cases coming to the CrowdStrike Store.
The CrowdStrike Store is a unified security cloud ecosystem of trusted third-party applications.
These new apps will allow our customers to leverage their existing investments in CrowdStrike to address a range of security use cases, including application white listing, patch management and vulnerability risk prioritization.
While still early, we are receiving strong interest from partners that want to develop apps on our platform, and we see significant longer-term opportunities with new applications.
By using our platform as a service, our store partners can save on R&D time and investment while, at the same time, dramatically expanding their go-to-market reach.
We also continue to expand our ecosystem of partners and customer touch points.
We recently announced a new international go-to-market partnership with Wipro, a leading information technology, consulting and business process services company with thousands of customers globally.
Wipro is utilizing the CrowdStrike Falcon platform to build out their new next-gen service offerings that will leverage our proprietary Threat Graph data and focus on specific use cases such as detecting malicious insider behavior.
We expect that this partnership will expand our go-to-market reach globally.
As we continue to evaluate the competitive landscape, we recognize that this is a unique time in the industry.
The seismic shift to cloud-native technologies and cloud workloads, including containers, has created an environment with massive greenfield opportunities.
Additionally, the market has seen a rapid increase in consolidation among competitors, which has created uncertainty within their customer base.
We believe these dynamics have contributed to an expansion in our pipeline and an acceleration in our overall customer adoption, which is driving our strong results and increased outlook.
It is our view that the ultimate winner in end point or workload protection will be the company with the platform that leverages cloud-native technologies and delivers the most value to customers via its platform and rich partner ecosystem.
We also believe that a tightly aligned go-to-market engine built to foster frictionless adoption across companies of all sizes is equally important.
These are all attributes inherent in CrowdStrike's cloud-native platform and sales motion.
While our competitors are distracted by retooling their on-prem offerings, trying to integrate acquired technologies, rationalizing their workforce or simply learning the industry, we are intensely focused on protecting customers.
We believe we have the first-mover advantage and a high-performing and enduring business model with a frictionless go-to-market strategy and multiple engines for growth.
We believe we are in a strong position to drive future success with customers, deliver continued rapid growth at scale with best-in-class unit economics and continue to expand our lead over the competition.
With that, I'll turn the call over to Burt.
Burt W. Podbere - CFO
Thank you, George, and good afternoon, everyone.
As a quick reminder, unless otherwise noted, all numbers, except revenue mentioned during my remarks today, are non-GAAP.
As George discussed, we delivered another outstanding quarter across the board and achieved important milestones as ARR surpassed $500 million, and we generated positive free cash flow.
We saw strength in multiple areas of the business, including record net new ARR, record net new customers and continued strong subscription gross margin.
In the third quarter, we delivered 97% ARR growth year-over-year to reach $501.7 million.
We once again saw an acceleration in net new ARR in the quarter.
We added $77.9 million in net new ARR, setting a new record for the third consecutive quarter.
The growth in ARR was driven by another strong quarter for new logo acquisition with both enterprise and SMB customers combined with expansion business and low contraction and churn within our existing customer base.
Additionally, our dollar-based net retention rate, which speaks to the efficacy of our solution and our successful land-and-expand sales model once again exceeded our 120% benchmark.
Total revenue grew 88% over Q3 of last year to reach $125.1 million.
Subscription revenue grew 98% over Q3 of last year to reach $114.2 million.
In terms of geographic breakdown, approximately 74% of third quarter revenue was derived from customers in the U.S. and 26% was from international markets.
Our rapidly growing international business highlights the global nature of the security industry, the massive market opportunity in front of us and our continued success penetrating these markets.
Moving to our operating results.
As we have discussed previously, we are focused on building a long-term business with sustainable growth and compelling margins.
In Q3, we continue to recognize operating leverage in our SaaS model and the benefits of scale even as we increased investments in our global reach and cloud platform.
Third quarter non-GAAP gross margin improved to 72% from 67% a year ago.
Our non-GAAP subscription gross margin increased to 76%, a 520 basis point increase from Q3 of last year.
This improvement is primarily attributable to 2 key drivers: data center optimization and the continued uptake of multiple cloud modules by our customer base.
Total non-GAAP operating expenses in the third quarter were $106.7 million or 85% of revenue versus $73.1 million last year or 110% of revenue.
Scaling our business efficiently is a top priority, which is why we focus on our unit economics, including Magic Number.
In Q3, we ended with a Magic Number of 1.1, which we consider to be very strong and represents an improvement in our sales and marketing efficiency.
Key factors driving our unit economics include our strong gross and net retention rates and our highly efficient, low-friction sales and marketing programs that continue to drive subscription revenue growth.
We reported a non-GAAP operating loss of $16.5 million.
As a result of our rapid top line growth, expanding gross margin profile and continued disciplined approach to investing in our business, we drove strong operating leverage in the quarter.
Our non-GAAP operating margin improved 30 percentage points year-over-year.
Q3 represents our fourth consecutive quarter of improving non-GAAP operating loss on both dollar and margin basis.
We have a proven history of disciplined investing and remain committed to maintaining a thoughtful balance between generating top line growth and achieving operating leverage.
Looking forward into fiscal year 2021 ending January 31, 2021, we expect to be free cash flow positive for the year and achieve non-GAAP operating income breakeven in the fourth quarter of fiscal year 2021 while, at the same time, continuing to aggressively invest in our market opportunity.
Non-GAAP net loss in Q3 was $13.4 million or $0.07 per share, which compares to a non-GAAP net loss of $28.8 million or $0.64 per share in Q3 of last year.
The weighted average common shares used to calculate third quarter EPS was 204.1 million shares in Q3 fiscal 2020 and 45.3 million shares in the Q3 fiscal 2019 period.
Turning now to the balance sheet.
Cash, cash equivalents and marketable securities increased to $833.7 million.
Cash flow from operations was positive $38.6 million, and free cash flow was positive $7.0 million.
Moving to our guidance for the fourth quarter and full year fiscal 2020.
For Q4, total revenue is expected to be in the range of $135.9 million to $138.6 million, reflecting a year-over-year growth rate of 69% to 72%, with subscription revenue being the dominant driver of growth.
We expect non-GAAP loss from operations to be in the range of $21.6 million to $19.7 million and non-GAAP net loss to be in the range of $19.1 million to $17.2 million.
Utilizing weighted average shares used in computing non-GAAP net loss per share, basic and diluted, of 205.2 million, we expect non-GAAP net loss per share, basic and diluted, in the range of $0.09 to $0.08.
We are raising our outlook for the full fiscal year 2020.
We currently expect total revenue to be in the range of $465.2 million to $468.0 million, reflecting a growth rate of 86% to 87% over the 2019 fiscal year.
Non-GAAP loss from operations is expected to be between $80.5 million and $78.6 million, and non-GAAP net loss is expected to be between $77.7 million and $75.8 million.
Utilizing weighted average shares used in computing non-GAAP net loss per share, basic and diluted, of 146.7 million, we expect non-GAAP net loss per share to be in the range of $0.53 to $0.52.
We are pleased with the strong results we are reporting today and believe we have the capacity and resources to continue driving the business forward over the long term.
George and I will now take your questions.
Operator
(Operator Instructions) Our first question comes from Sterling Auty with JPMorgan.
Matthew Melotto Parron - Analyst
This is Matt on for Sterling.
Just wanted to get a sense of what you guys are seeing in terms of, in initial deals, the adoption of multiple modules.
I know you guys talked about the percentage of customers using 4 or more, 5 or more, but just at that initial stage, what have you guys been seeing in terms of multiple modules?
Burt W. Podbere - CFO
Hey, Matt, thanks for your question.
So with respect to modules and the number of modules that we provide, we believe our adoption rates for this quarter are milestones.
We thought it would be informative to discuss on this call, and we'll periodically share adoption milestones as they come in.
It can vary quarter to quarter.
As we bring out more and more modules, clearly, there's more opportunity for customers to come in and purchase more modules upfront.
And that's kind of the thinking that we have, and that's what we're seeing in the market.
Matthew Melotto Parron - Analyst
Great.
And then just a quick follow-up.
In terms of the newer modules, are there any specific ones that you guys are seeing increased adoption?
Burt W. Podbere - CFO
So when we think about new modules and new modules adoption, on any given quarter, it could vary.
Clearly, we've got Discover, which is our IT hygiene module.
We've got Device Control.
We've got Falcon X. And of course, we have vulnerability management.
And again, on any given quarter, any one of those could be the fourth module or beyond.
Operator
Our next question comes from Saket Kalia with Barclays Capital.
Saket Kalia - Senior Analyst
Maybe first for you, George.
A lot of talk about the competitive displacements in the quarter, I thought it was really helpful commentary.
Can you just go one level deeper about the profile of those competitive displacements?
Meaning of the deals you're winning, are the sources of that market share changing at all compared to what you maybe saw last year, for example?
George R. Kurtz - Co-Founder, CEO, President & Director
Well, as we mentioned in the call, the earlier parts of the call, obviously, we've had some great displacements, and we continue to be very aggressive in large and small markets.
From our standpoint, obviously, the competitive environment has changed dramatically, and we've seen an acceleration in our pipeline given some of the acquisitions that have taken place and just the sheer uncertainty of these other companies that have been acquired, their level of R&D investment, their level of sales coverage, et cetera.
So what we've seen so far is that customers who maybe were ready for a renewal of their existing incumbent provider next year are coming to us even earlier now to get into the testing cycle and talk about the various modules and capabilities we have to solve some of their problems.
So that's what we've seen, it's really an acceleration of the pipeline and just a general dissatisfaction with some of the acquisition -- the incumbents they had and the acquisitions that have taken place.
Saket Kalia - Senior Analyst
Got it.
That makes a lot of sense.
Burt, maybe for my follow-up for you, really nice customer addition number in the quarter.
And clearly, most of the business is enterprise, but you've been building a mid-market inside sales team for some time.
And I think there was just talk about balanced additions just across kind of customer size.
Can you just maybe touch on how that mid-market sales effort is going?
And at this point, what is -- if you're willing to disclose, what is the mix of ARR when thinking about enterprise versus mid-market/SMB, if you will?
Burt W. Podbere - CFO
Hey, thanks for the question, Saket.
So we have certainly seen strong acceleration in new customer adds in the SMB space, which is clearly aligned with our growth strategy that we outlined during the IPO.
The great news about us is our -- because of our cloud-based model, we are able to address both enterprise and SMB verticals in a very efficient manner.
In the SMB space, obviously, there's a massive number of customers, the deals are smaller, but we discount less.
And so for us, as we think about both markets, we're equally as efficient in going after both of them, and we're investing in both.
And because we're in greenfield in both, any particular quarter could vary in terms of which has a bigger acceleration or not.
So right now, we're really, really happy with the acceleration in both of those markets.
Operator
Our next question comes from Alex Henderson with Needham.
Alexander Henderson - Senior Analyst
First, I just wanted to clarify, you guys are based in California, not in Ukraine, right?
George R. Kurtz - Co-Founder, CEO, President & Director
That would be correct.
Sunnyvale, California.
Alexander Henderson - Senior Analyst
So the first question I really wanted to ask you here was you've obviously had outstanding execution across the board, your product is taking off.
Can you talk a little bit about the degree that you're able to staff up to sustain these exceptional growth rates?
And obviously, there's scalability in your model that is different than the typical model.
I think it would be helpful if you could go through just how much capacity you need to add in order to deliver an increment of growth?
George R. Kurtz - Co-Founder, CEO, President & Director
Well, great question.
And I'll start out with saying just phenomenal execution by the entire team, obviously, despite a lot of noise in the environment.
So we're really excited about that.
And I think that's a testament to the team we have and the model that we built, both on the financial side as well as on the operating side, in terms of the technology.
We've been very aggressively hiring sales personnel all around the world.
As Burt talked a little bit earlier, our inside sales team is a robust piece of our frictionless go-to-market model with our in-app trials and our trial to pay.
So we really look closely at the unit economics.
And again, we're hiring appropriately in those areas.
But I can tell you, we're adding lots of people, and we've created really a formulaic way to add folks, get them up to speed, onboard and get them productive very quickly.
And that's one of the hardest things in the technology world to do.
So we feel really good about that.
And I think it really is a testament to the people and the model that we've built, and we've been able to grow this quickly and maintain this level of execution.
Burt, anything to add?
Burt W. Podbere - CFO
Yes.
Thanks, George.
Just the one point I'll add is the following, when we go through our capacity planning, we work very closely -- finance works very closely with sales.
They produce a plan.
We go through it.
And as George said, we look at the unit economics behind it.
And so we make sure, as a company, we can absorb the amount of folks that can come in and make sure, from a territory standpoint, we've allocated the resources appropriately.
Alexander Henderson - Senior Analyst
Second question, if I could.
The issue of Carbon Black being acquired by VMware, as I understand it, the vast majority of any relationship that you had with either SecureWorks or with Dell was related to upside to the model as opposed to any meaningful contribution currently.
Obviously, there's 2 sides to this coin: one this disruption to Carbon Black; and the other, the loss of the opportunity to sell into the Dell channel.
How does that -- how do you think those weigh out over time?
And are we talking about a slice of bread or more than a slice of bread here in terms of the scaling of the port of that channel versus your strategy?
Burt W. Podbere - CFO
Hey, it's Burt.
Thanks for the question.
From a Dell standpoint, it's de minimis in terms of our business today, approximately 1% of our revenue.
So it's not been an impactful piece of the business.
And when we think about how we are building the model, that's how we modeled it out even to begin with.
George R. Kurtz - Co-Founder, CEO, President & Director
Yes.
And this is George.
I'll also say we do have a strong relationship still with SecureWorks.
And obviously, we feel that -- and customers, I would say, feel the same way, they're looking for really best-of-breed in this area.
So that channel is obviously still wide open to us.
And so far, it's been a good relationship.
Operator
Our next question comes from Chris Eberle with Nomura Instinet.
Christopher George Eberle - Research Analyst
One thing that we continue to hear from customers and potential customers is that CrowdStrike still seems to be the only vendor offering firmware detection.
Are you guys seeing anything out there from -- even close from other vendors providing a similar service?
And maybe touch on the importance of that and why others have yet to add such offerings.
George R. Kurtz - Co-Founder, CEO, President & Director
Yes.
So I think from a firmware perspective, that's just one of many features that we have that others don't.
And I think that's really reflective of the deep technical capabilities we have to be able to figure this stuff out and make it work even below the operating system, number one.
But when we look at supply chain attacks which, I think, as many have seen, that is an increasingly important element in preventing these breaches, and it becomes even more important in the government space.
So again, one great feature we have, thanks to the CrowdStrikers who were able to put that together.
But from a threat perspective, obviously, it's becoming more and more important for larger organizations to protect their supply chains.
Christopher George Eberle - Research Analyst
Great.
And then just one other quick one, an update on mobile and how that's progressing.
George R. Kurtz - Co-Founder, CEO, President & Director
Yes.
Sure.
This is George.
Still early days.
We've got a lot of interest.
We continue to add new capabilities to that.
We've seen, I think, some nice wins in that area, but it's still early days.
And as with many of the modules, when we come to market, we get something, we understand how it works, we collect data, we begin to add detection and we begin to add prevention.
And that's just been our model from the beginning.
And we're going to continue along that path.
So very encouraging at this point.
Operator
Our next question comes from Gur Talpaz with Stifel.
Gur Yehudah Talpaz - Analyst
Okay.
Great.
First off, congrats on the results.
Two questions, one for each of you, George and Burt.
George, you talked about the forthcoming launch of host-based firewall management.
And sort of beyond wanting to gauge the initial interest for the module, I also want to better understand what you're seeing in terms of customers wanting to move past end point augmentation to one that ultimately allows them to standardize on CrowdStrike as the sole provider of end point security.
George R. Kurtz - Co-Founder, CEO, President & Director
Sure.
Thanks.
Good question.
One of the things that we found in talking to our customers -- and again, the module and the road map, a lot of it is driven from customer demand -- is that they were looking for an easier way to manage their firewalls.
And that is one of the last kind of vestiges of legacy suites that are out there in terms of helping customers manage those firewalls.
So we looked at that as a way to, again, continue the acceleration in fully replacing the legacy vendors.
Obviously, we're already doing that in many areas, particularly around the anti-malware component EDR.
That was another module that was just kind of hanging out there.
So we continue to push down that path, fantastic feedback from customers, a lot of comments.
That was sort of the last thing holding them to at least a small part of their suite, even if they were still using us on the anti-malware piece and, again, really encouraging for us and excited to have that come out early next year.
Gur Yehudah Talpaz - Analyst
That's helpful.
And then, Burt, for you, when you think about the forthcoming margin improvement and targeting margin positive in Q4 of next year, how important is the frictionless sales motion of getting there?
Maybe you can give us some color around conversion of the "try it before you buy it" customers and what you're sort of thinking about when you move into next year.
Burt W. Podbere - CFO
Yes.
Thanks, Gur.
So a few things in there.
So one, when we put together the outlook for next year on the operating margin, we think about the continued momentum we've seen in the business as we enter Q4.
We've got the biggest pipeline that we've ever seen giving us the confidence to indicate the positive free cash flow and non-GAAP operating income breakeven in Q4 of next year.
And when you think about the frictionless system, I think George has talked about it many times that the tech is as important as the go-to market.
And we're as focused and we invest in equally both of those aspects of the business to be able to ensure that we are able to continue with a frictionless motion.
Whether it's in-app trials or whether it's trial to pay, both have been accelerating in our business.
We don't necessarily give out percentages on the uptake, but both have been driving up and to the right.
Operator
Our next question comes from Gregg Moskowitz of Mizuho.
Gregg Steven Moskowitz - MD of Americas Research
Congratulations as well on a really strong quarter.
So George, Threat Graph is now capturing 2.5 trillion events per week.
I can only assume that this was a significantly outdated number, but I think the last update from a few months ago was over 1 trillion.
So can you give us a sense of how fast this distributed database is growing?
And more importantly, you touched on this earlier, but I'm wondering if you can elaborate on how sizable the competitive advantage this brings to CrowdStrike both today as well as over the long term.
George R. Kurtz - Co-Founder, CEO, President & Director
Absolutely.
So yes, I think some of those earlier numbers were just, again, earlier in the year.
So we continue to grow the data that we collect.
We continue to grow our customer base.
And again, we view that as a real strategic weapon.
To have a bespoke graph data technology that we've built that has a time element, a temporal element to it, we think is very unique in the industry and has really been one of the drivers that continue to help us identify these very advanced breaches and stop them in real time.
It's also used again for our machine learning.
So from our perspective, we'll continue to grow that.
And really, what that becomes is a data moat.
The more data it consumes, the smarter it gets, and it becomes harder and harder for competitors to capture that level of data and keep up with it.
So it's certainly a crown jewel of our technology stack.
Gregg Steven Moskowitz - MD of Americas Research
Okay.
Perfect.
And then for Burt, there are a lot of questions that we get around the pricing environment at the end point level.
Have you seen any changes at all in discounting rates over the past few months or so?
Burt W. Podbere - CFO
Thanks, Gregg.
So let me start with the fact that we continue to see good pricing dynamics in the market.
Combine that with our disciplined discounting, we're very comfortable with where we are in terms of going to market.
We have seen others out there that try to compete with us, and we continuously win on value.
Operator
Our next question comes from Erik Suppiger with JMP Securities.
Erik Loren Suppiger - MD & Senior Research Analyst
First off, Burt, could you talk a little bit about what is enabling you to pull up your timing around free cash flow generation?
That was a notable improvement, I think, over expectations.
Burt W. Podbere - CFO
Sure, Erik.
Thanks for the question.
Again, a lot of it has to come with the continued momentum we've seen out of Q3.
Across the board, strong execution, we've seen the strongest pipe we've ever seen in company history.
We've seen operating leverage across the board, specifically in the S&M and the unit economics.
We've just seen an incredible amount of opportunity with respect to top line, gross margin and, of course, OpEx.
All those things combined have enabled us to outline what we think is going to happen next year.
Erik Loren Suppiger - MD & Senior Research Analyst
Did you maintain a consistent OpEx outlook to what you had previously been looking for in terms of dollars?
Burt W. Podbere - CFO
Yes.
And we continue to invest aggressively, and we haven't changed that at all.
Erik Loren Suppiger - MD & Senior Research Analyst
Okay.
Secondly, in light of Symantec's acquisition, I'm just curious, have you seen much in terms of resumes or opportunities to hire more aggressively out of that population?
And how long do you think that there's going to be a benefit from the acquisition of Symantec?
George R. Kurtz - Co-Founder, CEO, President & Director
Well, in general, we've seen resumes from many of the acquisitions, so I'll start there, not just specific to Symantec.
Number two is, obviously, there is a massive installed base that's out there.
And I think it continues and accelerates the trend of customers looking for better outcomes, looking to stop breaches, looking to move to the cloud.
And it's a great customer base for us to take advantage of.
So we're excited about the opportunity.
We've been doing it for some time now.
And I think it just accelerates the move there in 2 areas: one is the customers' uncertainty and concern for the R&D investment, number one; and number two, account coverage is going to be really limited.
And the enterprise customers that we're dealing with are looking for not only great technology but also after-sales service support and a partner to help them prevent breaches.
Erik Loren Suppiger - MD & Senior Research Analyst
Very good.
Congratulations on a great quarter.
Operator
(Operator Instructions) Our next question comes from Matt Hedberg with RBC Capital Markets.
Matthew John Swanson - Associate VP
This is Matt Swanson on for Matt.
So we've talked about some of the aggressive hiring, and you also touched on ramping sales reps.
Could you maybe talk a little bit about where you feel overall sales force productivity is right now?
It feels just like you'd have a reasonable amount of capacity from those existing investments still, so just trying to kind of get a gauge on that.
Burt W. Podbere - CFO
Yes, Matt.
So one of the things we look at is Magic Number.
We like where we are with respect to our Magic Number.
And every time we put together the capacity plan, as I mentioned, we dovetail and look into where we are with Magic Number on the forecast.
And so long as we're comfortable with what we see, we feel very comfortable in terms of our capacity to be able to get our -- hit our targets.
Matthew John Swanson - Associate VP
Right.
And then a second, maybe a little more strat question when we're talking about some of the competitive environment questions and legacy peers.
Do you start to feel like maybe you're playing a little bit of a different game than end point peers given the breadth of your platform and the solutions you're trying to sell into when you go into some of these deals?
George R. Kurtz - Co-Founder, CEO, President & Director
Well, I think so.
I mean again, I would look at bellwethers like Salesforce, Workday and ServiceNow, right?
These are cloud leaders, and we view ourselves as a cloud leader as well, not just an end point security provider.
And because we've been pulled in other areas like IT hygiene and we're solving many different use cases and we're operating at the CIO level, being very strategic, many of our opportunities are a big part of the overall Board strategy to reduce risk.
So when we come into an organization, we spend a lot of time on selling value.
And I think you've heard that in the earlier comments that I went through in terms of taking multiple products and basically harmonizing those agents, restoring performance end points, reducing head count.
It's just a great story.
And the beauty is we're actually delivering on it as opposed to many of our competitors.
So I do think it's a bit of a different game.
And I would, again, kind of go back to the Salesforce, Siebel analogy, I think that's where we're at versus some of the other competitors that you've seen.
And some of them, obviously, have already gotten acquired.
Matthew John Swanson - Associate VP
Congratulations on the results.
Operator
Our next question comes from Brent Thill with Jefferies.
Brent John Thill - Equity Analyst
George, you had a FedRAMP certification over a year ago, I'm just curious if you could give us an update on the Fed government.
And for Burt, just on the sales cycles, are you seeing -- given all the commentary, it would sound like the sales cycle is picking up speed and maybe the initial deal size is picking up speed, if you could just give us a flavor of what you're seeing there.
George R. Kurtz - Co-Founder, CEO, President & Director
Sure.
So we've seen tremendous growth.
Obviously, we've got our FedRAMP certification this year really for the first time because we missed it last buying season.
So we've seen triple-digit growth in that area, so some fantastic traction in the civilian agencies.
And I think, overall, when we think about state and local and fed, that has just been an amazing bright spot for us.
We have a great team there, and we've got some massive wins.
We run our 100 by 100 a number of weeks back and visiting customers and visited states and governments, counties that were not customers that got hit by ransomware, and it was really impactful.
And other parts of the government that were protected by CrowdStrike, their peers were home with their family on the weekend.
So everybody was wondering what happened over there, and we've seen an acceleration in that business across state, fed and local governments.
Burt W. Podbere - CFO
Yes.
And with respect to initial deals with our customers, so I think that when you look at the milestones that we've put forward in terms of the number of our customers that have 4 or more modules and also the number of our -- percentage of our customers that have 5 or more modules, the uptick in both of those things can give you an indication of where we're trending with respect to the initial purposes.
So we're happy with what we're seeing today.
Operator
Our next question comes from Heather Bellini with Goldman Sachs.
Daniel Peter Church - Associate
This is Dan Church on for Heather Bellini.
In regards to the traction you're seeing in SMB, just any color you could provide in terms of how those customers look compared to enterprise customers in terms of module attach rates?
And then you mentioned a little bit earlier about more disciplined discounting and success in low friction go-to-market channels, so any commentary on how those unit economics look relative to the larger enterprise.
George R. Kurtz - Co-Founder, CEO, President & Director
Yes, this is George.
I'll start with just the modules.
I think from a kind of an SMB as well as mid-market, smaller to the larger mids, what we've seen is that they're extremely interested in our Complete offering.
Again, that's end-to-end kind of turnkey technology really focused on, again, helping organizations deal with some of the challenge they have in hiring great people across the board.
And as you know, it's very expensive to do that.
And it's hard to provide what I would call sort of government grade or financial services level protection, and we can do that with our Complete offering.
We back it with $1 million breach warranty.
And for companies that just want the problem to go away and have the outcome they're looking for, it's a great opportunity.
So we see them adopting all those modules associated with Complete and our turnkey service to help them.
Burt W. Podbere - CFO
Yes.
And I'll add in with respect to the unit economics on the SMB space.
Clearly, when we think about discounting, which -- we were able to benefit from the fact that we're able to do less discounting with the smaller SMB space.
Obviously, if they're a bigger customer, they get something known as a volume discount.
And so we're really pleased with where we're trending with respect to the SMB space.
Clearly, we're able to achieve a little healthier margins and the velocity.
So both of those things add up to strong unit economics.
Daniel Peter Church - Associate
Helpful.
And then, I guess, following up on the same line of questioning in terms of gross margin, you mentioned the expansion year-over-year continues to be very impressive.
So just any commentary on how much more room there is on the data center optimization front and versus continued uptake of modules and high incrementals there?
Burt W. Podbere - CFO
Yes.
So you've touched on a topic near and dear to my heart.
I really feel that the company has executed extremely well.
We're already in the long-term model of where we projected we were going to be with respect to the non-GAAP gross margins.
With respect to where we're going to go from here, we still have quite a few initiatives in place to be able to think about a continued enhanced margin, but that's going to take place over time.
Operator
Our next question comes from Sarah Hindlian with Macquarie.
Sarah Emily Hindlian - Senior Analyst
Okay.
Great.
Congrats on the quarter.
It seems to me like using the Falcon platform as a service would be a really, really compelling value proposition for clients.
It would be really interesting to hear where you're seeing -- or what kind of module building you're seeing or early client interest on that front.
George R. Kurtz - Co-Founder, CEO, President & Director
Well, we've got customers that use the technology in ways we hadn't even planned, the ability to actually gather data at scale whether it's security-relevant data or IT asset data, many of their systems are sort of out of date, just understanding what assets are out there.
So we've seen customers leverage our APIs and our infrastructure to collect data at scale.
And whether they put into a sim or their own data lake and enrich it with other information that's out there, it's kind of -- the sky's the limit.
But overall, what we've been able to build and even with our real-time response APIs to take actions on the end point has tremendously reduced the overall time to value for customers, and the flexibility is there to kind of do what they want which, again, is part of the power of the platform we've built.
Sarah Emily Hindlian - Senior Analyst
All right.
Terrific.
And just a quick follow-up for you as well.
So it's really interesting to hear the progress you're making with multi-cloud adoption, not just the 4 plus, the 5 plus as well.
And I'm just curious, in particular, about the security vulnerability management space.
And your name is coming up more and more in that arena.
Are you starting to see real displacement of some of the kind of the core competitors today?
And how is that tracking?
George R. Kurtz - Co-Founder, CEO, President & Director
Yes.
Great.
So what we've seen in terms of multi-cloud, we've been protecting cloud workloads for some time.
Obviously, you saw we came out with some enhancements, metered billing, et cetera, for AWS who's been a great, fantastic partner for us, tremendous momentum with them.
But in terms of our technology and cloud workloads, it doesn't really matter where the cloud is.
We can protect any of those workloads.
Again, whether it's on-prem or off-prem, hybrid cloud, just deploy it and work.
And I think that's been one of the -- the core fact of our success is it's just easy and it works.
When we think about the VM world, we just came out, I'm really excited, with a new update to our VM Spotlight module, which adds application vulnerabilities.
And the customers are really excited about that.
We've taken a crawl, walk, run as we normally do, gotten customer feedback.
And what we hear is they are not looking for necessarily another agent.
If they can leverage our agent for VM-type technologies combined with something that we've released called CrowdScore, which helps them think about the overall threat environment and risk and prioritize it, that's a winning combination.
So that is probably our most trialed module that we have out there.
And we've gotten some, I would say, pretty big wins out of it, and we continue to make progress and add capabilities in that area.
Operator
Our next question comes from Yi Fu Lee with Oppenheimer.
Yi Fu Lee - Associate
Congrats on the quarter.
This is actually Yi in for Shaul.
Just the first question, George, quickly on the international expansion, we saw that deal with Wipro partnership this quarter.
Will we be expecting to see more deals coming out of that region, in the APAC, Asia region?
George R. Kurtz - Co-Founder, CEO, President & Director
Well, the APAC, Asia region is, first of all, it's a fantastic team that we have.
We've worked with many of those people for many, many years.
I was recently out in Australia and Singapore, and the level of customer interest that we have is really off the charts.
And we've gotten some really big wins in those areas that we've been able to leverage.
So our name is out there.
We've got a great team.
And now we're continuing to build a partnership relationship.
So we're excited about the Wipro opportunity.
Obviously, they got massive scale and reach in that area and even beyond, so early days, but excited about that partnership and overall excited about our APJ business.
Yi Fu Lee - Associate
That's great.
And Burt, just quickly on the gross margin improvements, we saw a 400 basis point outperformance this year compared to same quarter last period.
Can you give us a little color on, as you build out the cloud module, the amount of leverage you get as compared to how many modules you build out versus how many basis points were for gross margin improvements?
So is there like the correlation that we should expect to see between the 2?
Burt W. Podbere - CFO
Yes, thanks for the question.
So here's the great news about our platform.
So once you buy that first module, it absorbs the COGS.
Every module after that is virtually all gross margin.
So every module we bring on top of every module that a customer would buy on top of the first one, we're going to see full incremental margin enhancements.
Now each module that we can come out with could be a different price, so it would vary on module.
George R. Kurtz - Co-Founder, CEO, President & Director
And just to follow on to that, that's really the power of the architecture we built with Threat Graph.
We collect once and reuse many.
So once that data is in the Threat Graph, it can be analyzed, used for AI.
And then obviously, it powers all the other modules.
So once we've already collected it, as Burt said, it's virtually pure margin after the fact.
Yi Fu Lee - Associate
Congrats on the strong execution.
Operator
Our next question comes from Andrew Nowinski with Davidson.
Hannah Elizabeth Baade - Research Associate
This is Hannah on for Andy.
After posting a strong customer and ARR growth, what factors do you see accelerating ARR growth moving forward as the year-over-year comparisons get tougher because your metrics seemed to hint that the growth should continue?
Burt W. Podbere - CFO
So thanks for the question.
So again, I think we don't really comment on ARR in terms of guidance or anything like that.
But again, it goes back to -- we continue to see this great momentum in the business.
And as we enter Q4, I mean, the pipe has been more substantial than anything else we've seen before.
And so that gives us the confidence to be able to talk about some of the things we've talked about in next year.
Operator
Thank you.
This concludes today's question-and-answer session.
I would now like to turn the call back over to George Kurtz for closing remarks.
George R. Kurtz - Co-Founder, CEO, President & Director
Sure.
Thank you.
I want to thank all of you for your time today.
We really appreciate your interest and look forward to speaking with you next quarter.
Have a great holiday.
Thanks.
Operator
Ladies and gentlemen, this concludes today's conference call.
Thank you for participating.
You may now disconnect.