The Zhitong Finance App learned that during the US stock trading session on Tuesday, the stock price of cybersecurity leader CrowdStrike (CRWD.US) once fell by more than 12%, and finally US stocks fell more than 9% to 233.65 US dollars by the close of Tuesday. Needham, a well-known investment agency on Wall Street, said that the impact of the major incident that caused the Windows operating system to go down due to the sensor configuration update will eventually be over, but the reputational impact caused by the outage will still take some time to dissipate, and CrowdStrike will pay a certain amount of costs in terms of both stock price and fundamentals in the past year or so. Needham still maintained the agency's “buy” rating for CrowdStrike shares, but the target price was lowered from $425 to $375.

Cybersecurity leader CrowdStrike caused a brief software update to the global Microsoft Windows operating system, which seriously affected all industries around the world, causing major impacts such as flight grounding, cancellation/interruption of medical procedures, interruptions in financial services such as stock trading, and the suspension of important programs, causing its stock price to plummet for two consecutive days, the worst in history.

However, the Needham analysis team, led by Alex Henderson, emphasized that they believe CrowdStrike is the company with the best comprehensive capabilities among similar cybersecurity companies, and pointed out that CrowdStrike's handling of such major cyber incidents has always been praised as an open model.

They also said that CrowdStrike's reputation damage may gradually disappear next year, and the impact on its market share will also disappear at that time. Analysts expect it will take at least a year for CrowdStrike's total revenue scale, net addition of ARR, and the impact on sales plans for new cybersecurity products to return to the previous slightly slower growth trajectory due to major customers such as Delta Air Lines filing claims after the incident.

Analysts believe that reputational damage of this scale will be reflected in clients' willingness to rely heavily on a single platform being hampered because this choice poses centralized cybersecurity risks.

According to media reports, American aviation giant Delta Air Lines (DAL.US) quickly hired a law firm to pursue loss claims after CrowdStrike and Microsoft (MSFT.US) operating system malfunctions began on July 19. The airline is seeking compensation from these two tech giants since the Windows operating system outage paralyzed the airline's software system for several days.

Henderson and his team have drastically reduced expectations for CrowdStrike's revenue scale, ARR, and EPS future. They also believe that cash may impact the balance sheet in the form of a one-time charge.

Needham's analysis team was not surprised to hear that Delta is seeking compensation in court. Analysts also lowered their expectations for the company's price-earnings ratio.

Despite these adjustments, however, the NeedHam analysis team still believes CrowdStrike will become the primary platform in the security sector. They still believe that CrowdStrike shares will remain the core holdings of growth investors after the impact of the outage begins to subside.

Additionally, Needham's analysis team notes that while some CrowdStrike customers are annoyed, they are still loyal to the company's cybersecurity platform, especially after CrowdStrike launched an efficient “AI+ cybersecurity service.”

Statistics show that after soaring more than 140% in 2023, the stock price of CrowdStrike, one of the “big AI stocks” in the US stock market, rose as high as 40% so far this year before the outage, mainly because investors expect global companies' investment in cybersecurity to continue to soar, and CrowdStrike's valuation, which is expected to integrate AI technology into the cybersecurity field, continues to rise while taking advantage of the global AI investment frenzy.

CrowdStrike strives to fully integrate groundbreaking generative artificial intelligence technology into its cybersecurity platform services, in particular by introducing an artificial intelligence security analyst called “Charlotte.” This feature is designed to empower every user of the CrowdStrike Falcon platform to quickly create cybersecurity workflows based on generative artificial intelligence.

By asking questions and interacting with Charlotte, a virtual AI analyst, users can quickly and easily use low-threshold operation methods to understand real-time cybersecurity vulnerabilities, threat factors, and other security issues in real time, significantly enhancing the effectiveness and user experience of the platform. The multi-model architecture behind Charlotte AI continues to deep learn and optimize from high-fidelity security data, threat intelligence, and security events marked by experts to provide fast and accurate answers. Through functions such as promptbooks and command line analysis, Charlotte AI can greatly accelerate the operation of the Security Operation Center (SOC), and efficiently help the cybersecurity platform to respond faster and more accurately to cybersecurity protection.

After the outage, some analysts said that customers were generally very frustrated by the outage, calling it a “complete nightmare,” disrupting their business during the busiest travel and shopping period of the year.

However, the Needham analysis team pointed out that these customers remain committed to CrowdStrike's cybersecurity platform and indicated that they are still loyal EDR (Endpoint Detection and Response) customers, but analysts also said that some expansion projects were delayed due to this incident.

Henderson and the Needham analytical team he leads believe that the impact of these events will eventually be a thing of the past. As the new ARR, net expansion, and new logo may come under pressure in the short term, analysts have lowered their target share price for CrowdStrike over the next 12 months, but they don't think this will be a landmark mass loss of customers. The analysis team emphasized that over time, CrowdStrike should be able to correct errors, correct internal processes, completely dissipate the concerns of important customers, and ultimately return to a normalized business growth model.