CrowdStrike still doesn't know how much its Falcon flame-out will cost

CrowdStrike can't yet confidently predict the financial impact of the failed update to its Falcon software that crashed millions of computers around the world last July, but is confident its third quarter results show customers can't find a better security product.

The security vendor on Tuesday posted $1.01 billion revenue, $926 million of which came from subscriptions. That's a 29 percent revenue and 31 percent jump in subs, year-over year – but couldn't save the business from a $17 million loss.

Investors were told to expect around $1.03 billion revenue in Q4 – but also warned that the company just doesn’t yet know how its software snafu will impact sales.

Speaking on the earnings call, CFO Burt Podbere told investors that in the wake of the July 19 incident, customers were reluctant to talk about renewing subscriptions and delayed buying decisions.

"I think we're still going to see extended sales cycles for both new and existing customers," he added. "I think customers have additional scrutiny, additional layers of approvals, all that sort of thing."

• CrowdStrike hopes legal threats will fade as time passes since it broke the world
• Security? We've heard of it: How Microsoft plans to better defend Windows
• Financial institutions told to get their house in order before the next CrowdStrike strikes
• CrowdStrike's Blue Screen blunder: Could eBPF have saved the day?

CrowdStrike is offering "customer commitment packages" (CCPs) that include one-time incentives including flexible payment terms and subscription extensions.

Even with those offers in place, Podbere warned of "muted upsell rates and potentially higher than typical levels of contraction."

"While in Q3, customers strongly embraced the additional modules and Flex options associated with the CCPs, rather than additional time, it is still too early to determine if that trend will remain the same for Q4," Podbere admitted on the call. "I want to give caution in terms of what customers are going to choose with respect to CCP," he added – because they've only been offered for a single quarter. "That really impacts our ability to understand what's going to happen in the dynamics in Q4."

That uncertainty comes on top of the lawsuits launched at CrowdStrike – such as one from Delta Airlines which is trying to recover $500 million of revenue it claims was lost after the faulty Falcon update caused it to cancel around 7,000 flights. But Podbere could point to new deals being slightly larger than they were before the Falcon incident as a sign customers haven't written off CrowdStrike just yet.

CEO George Kurtz was more upbeat, telling investors that CrowdStrike's products are what customers want and need right now as they try to defend against increasing cyber crime.

"I'm encouraged by the conversation that I'm having with our largest customers and a reflection on the fact that they realize that we have the best tech in the industry and the ability to stop breaches," he said, adding that customers are mostly sticking around.

Some small managed services providers have bailed, but the CEO opined that they won't be missed.

Investors weren't satisfied with that outlook, though, and sent CrowdStrike's share price down from around $364.50 to $343.80 in after hours trading. ®