'Flexing' Its Muscle: CrowdStrike CEO Kurtz Says It's The First 'Hyperscaler Of Security'
With the combination of its cloud-native Falcon platform and Falcon Flex subscription model, CrowdStrike is now offering a formidable set of advantages that position it to do for cybersecurity what AWS did for public cloud, according to CrowdStrike CEO George Kurtz.
Over nearly a decade and a half, CrowdStrike co-founder and CEO George Kurtz and his team have built something the rest of the cybersecurity industry never saw coming but would soon come to envy: not just a new product or business model, but a new breed of company.
Now, with the latest piece of the puzzle—a successful new subscription strategy—CrowdStrike has taken what it already had with its esteemed technology platform and massively accelerated the growth opportunities for the company and its channel partners, according to CrowdStrike and solution provider executives.
The momentum has also led to a notable shift in how Austin, Texas-based CrowdStrike sees both itself and the playing field it’s on, executives said.
In an exclusive interview with CRN, Kurtz said he is now confident describing CrowdStrike, in no uncertain terms, as the first-ever “hyperscaler for security.”
“We’re in a unique position in the industry because we do have the single platform to make all this work—as opposed to many things out there that are kind of stitched together,” Kurtz said.
Making “all this work,” from CrowdStrike’s perspective, includes offering an open, cloud-native platform that provides high scalability and a subscription model with the ability to add additional security products near-instantly in order to rapidly scale up protections against emerging and expanding threats.
[READ MORE: CrowdStrike CEO George Kurtz On AWS, Falcon Flex And ‘Incredibly Important’ Partner Moves]
The path to becoming a security hyperscaler was laid at CrowdStrike’s founding.
Since its inception in 2011, the company has offered a cloud-only platform that allows partners and customers to easily add new capabilities, analogous to the key advantages of a public cloud hyperscaler such as Amazon Web Services, Microsoft Azure or Google Cloud.
What CrowdStrike has done more recently, however, is to develop the subscription piece—a model that’s akin to those offered by public cloud hyperscalers but has been previously unheard of in the cybersecurity space.
The subscription model, Falcon Flex, aims to enable partners to rapidly package up and deploy the dozens of additional tools CrowdStrike now offers on its platform, while providing improved agility and cost savings for customers. And Flex has been a massive growth driver for CrowdStrike partners in 2025, with expectations that Flex will only ramp up as part of a broader expansion to SMB and midmarket customers, CrowdStrike and solution provider executives told CRN.
[READ MORE: How CrowdStrike Mastered The Comeback: Analysis]
Ultimately, with the combination of its cloud-native Falcon platform and Falcon Flex subscription model, CrowdStrike is now offering a formidable set of advantages that can do for cybersecurity what AWS did for public cloud, Kurtz said. Flex was “the last building block to get to the point of CrowdStrike being the hyperscaler of security,” he said.
For solution providers such as SHI International, the strategy has helped to bolster huge momentum for its partnership with CrowdStrike, with the solution provider reporting crossing $1 billion in total sales with the vendor as of the end of last year.
“When you think about a hyperscaler, the underlying themes are its speed, its scale and its trust,” said Brian McGrath, vice president of commercial and SMB sales at Somerset, N.J.-based SHI, No. 12 on CRN’s 2025 Solution Provider 500. “I think that accelerated growth we’re seeing from CrowdStrike is really due to those three things. And I don’t see that changing anytime soon.”
Likewise, the sentiment at GuidePoint Security, which crossed $1 billion in CrowdStrike sales in June, is that it’s still just the “mid-innings of our partnership,” said GuidePoint’s Mark Thornberry.
“We don’t feel like we’re at the ceiling at all,” said Thornberry, senior vice president for partnerships at Herndon, Va.-based GuidePoint, No. 37 on CRN’s 2025 Solution Provider 500. “As well as we’ve done and as much as we’ve invested, the future is truly the brightest it’s ever been.”
A Cloud-Only Foundation
The starting point for CrowdStrike’s journey to becoming a hyperscaler-level platform began with its early decision to embrace a cloud-only architecture at a time when many large customers had little appetite for it, Kurtz said.
It was a fundamentally different set of ideas about security technology: Instead of accommodating on-premises systems that were increasingly unwieldy and slow to react, CrowdStrike’s platform was built from the start to be cloud-native, allowing for quick deployment of new capabilities to protect against changing threats.
“In the early days, we were going to many of the large banks, and [they were] asking me for ‘the on-prem version,’” he said.
CrowdStrike turned down the requests to build such a version. “‘We’ll be back when you’re ready to go to the cloud,’” Kurtz recalled telling such customers.
Without a doubt, CrowdStrike was the first vendor in the cybersecurity industry to “successfully introduce the idea of cloud-managed endpoint,” said Chris Ebley, CTO at Annapolis, Md.-based Blackwood, No. 93 on CRN’s 2025 Solution Provider 500. “That was a huge hurdle.”
Not only was this a time well before SaaS had become ubiquitous, but CrowdStrike knew that the bet would only really pay off once the vendor had more to offer product-wise.
True, the company had made its name as a trailblazer in endpoint detection and response and displacer of traditional antivirus. But the biggest advantages of going cloud-native would only come through having additional products that could benefit from the approach of just having one software agent that could be reused again and again to easily deploy additional products from the cloud.
The architecture for CrowdStrike’s Falcon platform enabled the company to continually “take advantage of this data fabric that we built—‘collect once, reuse many,’” Kurtz said. “The decision to not have separate threads—of on-prem versus something in the cloud—it paid dividends for us, even though we probably lost some early sales because of it.”
Over the years, the company’s portfolio has steadily expanded to the point of offering 30 different product modules currently, comprising most of the major technology segments in cybersecurity today. The Falcon platform spans identity protection, cloud and AI security, data protection, exposure management and “next-generation” security operations, among other categories. Several are massive businesses in their own right, each generating hundreds of millions of dollars in annual recurring revenue (ARR).
But more than just having numerous products, CrowdStrike’s approach to enabling partners and customers to easily turn on new capabilities thanks to its architectural design is what makes the company akin to a hyperscaler, according to CrowdStrike Chief Business Officer Daniel Bernard.
As partners and customers use more and more of CrowdStrike’s products, “we become the de facto way of doing cybersecurity,” Bernard said. “We really become the operating system of cybersecurity for the organization.”
The Falcon Flex Breakthrough
Executives from top solution and service provider partners told CRN that CrowdStrike’s approach has increasingly resonated with customers, many of which are seeking to consolidate tools and reduce costs while also improving security outcomes.
“The amount of their functionality that builds off the existing [software] agent footprint—that’s really attractive. It’s not, ‘More agents, more tools,’” said Blackwood’s Ebley.
And the benefits for cyber defense are substantial, as CrowdStrike can harness existing telemetry from endpoints to vastly improve key areas of security such as vulnerability management, he said.
“They can assess, what is all the telemetry visibility we have? And what can we do with that? What use cases can we solve for with that telemetry?” Ebley said.
The advantages of the CrowdStrike architecture have continued to amass as the vendor has moved into new categories, most recently with new security capabilities for AI and agentic AI. Still, the company recognized it needed a similar breakthrough on its sales and procurement model to really accelerate the platform’s adoption, executives said.
That breakthrough, they said, was Falcon Flex.
While platform consolidation has been a growing priority in cybersecurity for several years, the sales and partnership model needed to accelerate that consolidation has been lacking until now, according to CrowdStrike executives.
Flex has been a key source of growth for the vendor over the two years since it launched, the company said. It has also been influential in the broader cybersecurity industry, having led several other cybersecurity vendors to replicate the concept and even adopt the “Flex” moniker itself in some cases.
Simply offering multiple tools and a Flex-style subscription model, however, will not put just any security vendor into a hyperscaler league, Kurtz said.
“You’ve got to have the platform, you’ve got to have the ecosystem, you’ve got to have the technology that people want to consolidate on. But then you have to have the contract vehicle to make it easy,” he said. “That was our approach. And that contract vehicle, I think, has really accelerated the business—but also [enabled] this concept of being the hyperscaler of security.”
When CrowdStrike unveiled its new Falcon Flex model meant to drive faster adoption of tools across its platform, top solution and service provider partner Optiv was immediately intrigued, according to Optiv CRO John Hurley.
And so in early 2024, Optiv became one of the early solution providers to begin working closely with CrowdStrike on utilizing Flex as a way to make it easier for customers to quickly scale up their security using CrowdStrike’s cloud-native, software-only Falcon platform.
The model works by enabling customers to pre-commit to a certain amount of spending on the platform—with higher discounts for bigger commitments—and consume the CrowdStrike technologies over time as needed.
A longtime and close partner of CrowdStrike, Optiv in late 2023 was in fact the first solution provider to hit the $1 billion sales mark with the vendor. And so the Denver-based cybersecurity powerhouse, No. 28 on CRN’s 2025 Solution Provider 500, jumped in early and helped shape how Flex would be positioned and delivered.
Even with the vast experience of the two companies, the approach required some major learning and iteration, Hurley said.
“We had to learn how to propose it, how to configure it,” he said. “That was an investment early on from us.”
For example, while the flexibility of deploying different technologies over time is a key benefit of the model, providing a price quote to customers is a more complex matter for this type of license. And it was something Optiv provided significant feedback on from the start, ultimately helping CrowdStrike truly unlock the scalability benefits envisioned for Falcon Flex, Hurley said.
And the bet has paid off in a big way for Optiv, with the company being among the first to learn how to really position this new type of approach to selling and deploying security products, he said.
“It’s providing us a new conversation that we can have,” Hurley said. “We think this is a very broad discussion around tech rationalization and, in some cases, tech consolidation. So it provides us a new opportunity for sure.”
Flex Gaining Traction
If the idea behind the Flex model sounds familiar, that may be because it borrows a page out of the AWS playbook, executives noted.
As one of CrowdStrike’s most pivotal allies, AWS provides not just the public cloud that Falcon runs atop but is also a customer of CrowdStrike and a close collaborator, according to executives. “If you think about the CrowdStrike partnership with AWS, it’s so expansive,” said Amanda Adams, vice president for Americas alliances at CrowdStrike.
To continue enabling a rapid pace of consolidation on Falcon, it became clear that AWS had the blueprint for CrowdStrike with its widely used Enterprise Discount Program (EDP). With Falcon Flex, “certainly, there was a hat tip to AWS and their EDP as we put it together,” Kurtz said.
Traction with Flex has surged past expectations, he said. More than 1,000 customers have utilized the model with the average customer generating more than $1 million in ARR for CrowdStrike, as of the company’s second quarter of fiscal 2026, which closed July 31.
Even the July 2024 IT outage caused by a faulty configuration update from CrowdStrike ended up leading to wider implementation for Flex. CrowdStrike provided free product compensation to customers in the wake of the incident, and the natural move was to do this through a Flex license for easier procurement, according to executives.
As a result, “we accelerated the adoption of Falcon Flex because of the incident,” Kurtz said. “In one fell swoop, we got a lot of customers [onto Flex] very quickly.”
Meanwhile, for the channel, it’s also notable that one-third of CrowdStrike partners have taken part in a Flex deal so far, according to the company.
When it comes to offering a multitude of different products on a single platform, providing partners and customers with a more straightforward approach to procurement and deployment is a massive differentiator for CrowdStrike, according to Wipro’s Brian Rizman.
“CrowdStrike has really figured out how to make that quite easy for people to consume. So you are seeing really increased consumption by our clients across the platform,” said Rizman, senior partner and Americas head of advisory, cybersecurity and risk services at Wipro, which is No. 17 on CRN’s 2025 Solution Provider 500 and has headquarters in East Brunswick, N.J., and Bangalore, India.
On the whole, “I think what they're doing in the space is very disruptive,” he said.
Given that many Flex licenses are procured through the AWS Marketplace, the cloud giant is more than happy to see CrowdStrike tapping into the approach, said Hart Rossman, vice president for global services security at AWS. There has been “fantastic velocity and movement” through Flex for CrowdStrike, AWS and customers, Rossman said.
“I do feel like, when we’re working together, we inspire each other to do more at scale for our customers,” he said.
‘It Isn’t Just For Large Enterprises’
Flex is poised to only become more central to how CrowdStrike does business going forward, executives said.
For one thing, CrowdStrike is already beginning to expand its Flex approach to small and medium-size businesses after gaining an initial foothold among enterprise customers, said Chief Business Officer Bernard.
“You’re going to see Flex across the entire stack of our customer profile—it isn’t just for large enterprises,” he said. “It works really well for corporate accounts and even small-medium businesses.”
That’s proving to be the case for solution providers that serve SMBs such as SHI, which has seen strong demand from its small and midmarket customers for leveraging the Flex model, according to SHI’s McGrath.
With Flex enabling faster and easier adoption of new security capabilities, under-resourced SMBs are “the companies that probably need the most help with that,” McGrath said. “We’re definitely seeing a lot of [SMB] customer interest in that respect.”
Looking ahead, CrowdStrike is also signaling that all licensing will come under the Flex model in the “not-too-distant future,” Kurtz said, though an exact date has not been disclosed.
Ultimately, the expectation is that Flex will only bring CrowdStrike even closer to the channel over time, he said.
“Just about everything we do goes through a partner anyway. But the net-new business from partners, particularly because of Flex, I think will expand in the future,” Kurtz said.
Of course, beyond just the licensing model, the partner needs to be able to “line up all the products across the categories—Next-Gen SIEM, identity, exposure management,” he said. However, “if you do that work, you can take $5 million deals and can turn them into $50 million deals.”
With Flex routinely enabling deals to balloon more than 10-fold what they would’ve been otherwise—in some cases even reaching more than $200 million over a four-year period—the indicators that CrowdStrike is a different breed of security vendor are very clear, Bernard said.
“No one's done deals like this in software-based cybersecurity before,” he said. “It's really akin to the kind of deals that the hyperscalers do.”
It’s also increasingly evident that a single-platform approach, complemented by a subscription model that enables rapid deployment of new capabilities, will be the essential formula as adoption expands for GenAI and agentic applications, CrowdStrike and solution provider executives told CRN.
For instance, AI agents can provide a huge advantage for Security Operations Center (SOC) teams that are charged with protecting organizations against intensifying cyberthreats, executives said.
However, “agentic only works with shared context—you have to have context of all the various platforms and all the parts of the threat itself,” said Chris Schueler, CEO of Kansas City, Mo.-based Cyderes, No. 98 on CRN’s 2025 Solution Provider 500.
And so even for organizations that are grappling with massive “sprawl” for their tools and IT environments, the answer is to connect everything as much as possible so it can be viewed through a single lens, Schueler said. That’s the case whether an organization is looking to securely enable agentic usage or protect against sophisticated attacks, which are often now powered by AI itself.
Crucially, the approach taken by CrowdStrike with its Falcon platform—around stitching all the necessary context together—can allow organizations to use agentic to correlate security risk in real time, according to Schueler.
“That’s what agentic is so amazing at,” he said. “And that’s why we’re working with a powerhouse like CrowdStrike to redefine what AI looks like in a SOC.”
For CrowdStrike, the bottom line is that while a company aiming to operate in the vein of a cloud hyperscaler will need to do a lot of different things right, the biggest will always be around enabling partners and customers to scale quickly, according to Kurtz.
“With the platform and the technology, we spend a lot of time on how to make it easy, how to scale it, how to add new modules. And as much time as we spend on the technology piece, we spend as much time on the business model piece,” he said. “If you spend as much time in the business model—and the technology model actually supports the business model—that's when you have lightning in a bottle.”