CrowdStrike Execs: Massive Partner Opportunity On Identity Protection, Cloud Security, Next-Gen SIEM

The three fast-growing products are ideal for solution and service providers, executives said during Fal.Con 2023.


CrowdStrike CBO Daniel Bernard

CrowdStrike products in three fast-growing categories offer a huge opportunity to solution and service provider partners to expand with the cybersecurity vendor beyond endpoint detection and response (EDR), executives said.

The three categories—identity protection, cloud security and “next-gen” SIEM (security information and event management)—are all finding massive traction with customers and are seeing increased partner program focus from CrowdStrike with its new Accelerate program, according to executives who spoke at the company’s Fal.Con 2023 conference this week.

[Related: CrowdStrike Widens Its Strike Zone With ‘Something Better’ For SMB Security]

Sponsored post

“The growth in those three products is astronomical,” CrowdStrike President Michael Sentonas said during CrowdStrike’s 2023 Partner Summit, held Monday during Fal.Con.

Annual recurring revenue for the three product categories has now surpassed $500 million, the company disclosed in August in connection with its latest quarterly financial report.

CrowdStrike’s new Accelerate partner program, announced Monday, adds new incentives aimed at helping to continue driving growth with partners across identity protection, cloud security and LogScale next-gen SIEM.

“We have more products to sell—more solutions and more business outcomes to deliver to customers—than ever before,” CrowdStrike Chief Business Officer Daniel Bernard said during a briefing with media. “So everything we’re doing is geared on helping partners build practices around CrowdStrike, whether it’s a cloud security practice, an EDR practice, an identity protection practice [or] a next-gen SIEM practice.”

The program includes larger rebates and pricing advantages for higher-tier partners, according to the company, along with a unique new reward for individual partner sellers.

The incentive, CrowdCard, is a debit card that will be automatically loaded with funds when salespeople close a deal in identity, cloud or LogScale, Bernard said.

The speed of reward delivery is a key element, as funds will be loaded onto a salesperson’s CrowdCard “within days” of closing a deal, he said. By contrast, sales incentive rebates, also known as SPIFs, typically take longer to reach individual sellers, Bernard said.

Overall, at CrowdStrike, “we are committed to building cybersecurity’s most successful channel,” he said during the company’s Partner Summit.

Services Opportunities

CrowdStrike’s product expansion is also proving to be a massive services opportunity for partners, executives said during the Partner Summit.

In the past, it wasn’t always immediately clear where the service opportunities might be when CrowdStrike’s main offering was an easy-to-deploy endpoint security tool, Sentonas noted.

However, while CrowdStrike’s products remain comparatively easy to deploy, “today when people are buying the platform and they’re deploying [numerous] different modules, they’re big projects,” he said.

“And they’re big projects that need everybody in this room to not only take those technologies to market but [also] to help customers get value from those products, whether it’s the installation, the configuration, the tuning of those technologies,” Sentonas said. “[Or] whether it’s taking one of those platform packages with all the different architectures and building a managed service around that.”

To have partners that can deliver these services around CrowdStrike’s platform and its multiple product capabilities is “critically important,” he said.

Partner Perspective

For CrowdStrike’s identity protection segment, ARR has now surpassed $200 million, up 194 percent year over year, the company has said. The growth comes as identity-based threats are surging, with attackers increasingly looking for other ways to breach organizations that won’t be detected by EDR, CrowdStrike has said.

One partner that’s finding huge traction with CrowdStrike’s identity protection offering is Blackwood, an Annapolis, Md.-based solution and service provider.

Identity has “become a linchpin for a lot of zero-trust initiatives,” including in the public sector space that Blackwood heavily focuses on, Blackwood CTO Chris Ebley told CRN after attending the Partner Summit Monday. And “when you look at the platform vendors that exist, not everyone has a foot forward within the identity space,” he said.

CrowdStrike has stood out with its “dedicated investments” into identity security and expansion of capabilities in the area, Ebley said. As identity security threats have evolved, “they’ve done a good job of keeping in lockstep with the needs there on the cyber side,” he said.

Doubling Down On Cloud

Meanwhile, on cloud security, the cybersecurity giant announced a deal Tuesday to acquire Bionic, a startup with capabilities that CrowdStrike plans to integrate into its cloud-native application protection platform (CNAPP).

The move will make CrowdStrike’s CNAPP into “one of the most complete cloud security offerings on the planet,” CrowdStrike co-founder and CEO George Kurtz said during his keynote at Fal.Con 2023 on Tuesday.

Without a doubt, the planned acquisition creates expanded opportunities to work with CrowdStrike in cloud security, an area where solution providers such as Consortium Networks have been finding major growth, according to Larry Pfiefer, founder of the Medford, N.J.-based company.


In terms of LogScale, the adoption of the next-gen SIEM technology, which aims to offer an improved way to search and analyze log data, is another step on the industry’s transition toward extended detection and response (XDR), Kurtz said during a briefing with media at Fal.Con.

“XDR, in my opinion, will replace SIEM,” he said. “I see that happening over the next at least two years.”

What customers want—whether it’s through a tool that’s labeled as SIEM or as XDR—is the ability to ingest and store data at a large scale, and then easily search the data and take action on it, Kurtz said.

Currently, with many customers content to keep using SIEM but looking for a better option, CrowdStrike wants to be clear that it does have an alternative for them, he said. The message is, “‘If you have SIEM and you’re paying a lot of money for it, we’ve got something better, faster and cheaper,’” Kurtz said.

But “ultimately, I think the whole category becomes XDR,” he said.

Consolidation Opportunity

For partners, all three of the fast-growing product categories—as well as the expanding number of other capabilities on CrowdStrike’s Falcon platform—give more reasons to consolidate on the company’s unified offering, Kurtz said during the Partner Summit.

And with tool consolidation a top priority for many customers right now, Kurtz urged partners to embrace CrowdStrike’s ability to offer more than just EDR.

“If you’re thinking about CrowdStrike as just endpoint security, you’re thinking about it the wrong way,” he said. “In 2023, you’re really buying the platform story and all of the outcomes that you can get by harnessing the power of a single agent, a data store and multiple workflows on top of it.”