Search company, investor...

Preempt Security

Founded Year



Acquired | Acquired

Total Raised




About Preempt Security

Preempt Security is developing solutions focused on User Behavior to help enterprises identify and respond to breaches of the enterprise network in real time. On September 23rd, 2020, Preempt Security was acquired by CrowdStrike.

Headquarters Location

600 California Street, Suite 14003

San Francisco, California, 94108,

United States


Missing: Preempt Security's Product Demo & Case Studies

Promote your product offering to tech buyers.

Reach 1000s of buyers who use CB Insights to identify vendors, demo products, and make purchasing decisions.

Missing: Preempt Security's Product & Differentiators

Don’t let your products get skipped. Buyers use our vendor rankings to shortlist companies and drive requests for proposals (RFPs).

Expert Collections containing Preempt Security

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Preempt Security is included in 1 Expert Collection, including Cybersecurity.



4,937 items

Preempt Security Patents

Preempt Security has filed 5 patents.

The 3 most popular patent topics include:

  • Computer network security
  • Computer access control protocols
  • Computer networking
patents chart

Application Date

Grant Date


Related Topics




Computer network security, Computer security, Network management, Network analyzers, Graphical user interface elements


Application Date


Grant Date



Related Topics

Computer network security, Computer security, Network management, Network analyzers, Graphical user interface elements



Latest Preempt Security News

How to make the workplace a less anxious place

Oct 10, 2022

Michelle Ma (@himichellema) is a reporter at Protocol covering climate. Previously, she was a news editor of live journalism and special coverage for The Wall Street Journal. Prior to that, she worked as a staff writer at Wirecutter. She can be reached at October 10, 2022 Part of the Inflation Reduction Act's $7,500 electric vehicle tax credit is tied to manufacturing battery components in North America and sourcing critical minerals from there. That initially riled up some automakers, who claimed it would be an undue burden. Fast forward a few months, and companies are moving almost in lockstep to bring large-scale operations to the U.S. in anticipation of car buyers looking to take advantage of these EV incentives. So far in 2022, automakers have announced more than $13 billion in domestic EV manufacturing investments and $24 billion in batteries. That’s triple the amount invested in domestic EV manufacturing in 2020 and 28 times the investment in batteries, according to a White House analysis . The U.S. has played a negligible role in the making of EVs and the mining, processing, and production of their components, Sara Baldwin, the director of Energy Innovation’s electrification program, said. Meanwhile, countries like China have long been ramping up for the EV expansion, dominating manufacturing and securing not only the intellectual property to serve the market, but also the mining operations critical to their growth. “We weren’t prepared for this or planning for this,” Baldwin said of the U.S. The IRA is helping the country play catch-up. It’s undeniable we’re already starting to see the first wave of EV and battery manufacturing onshoring. “This is just the beginning of a long-term shift that’s going to take place,” said Rachel Patterson, a policy lead at climate advocacy group Evergreen Action. Some state-level policies like California banning the sale of gas-powered cars by 2035 could help spread EV adoption even further while still other states offer incentives for manufacturers to set up shop. That could convince more automakers to build plants and source minerals from the U.S. Here’s a running list of all the companies investing in the American EV market: Tesla: The EV maker is reportedly partnering with Panasonic on a $4 billion EV battery plant , set to be built in Oklahoma. The two companies already jointly operate a battery factory in Nevada and had previously announced in July a plan to build a separate $4 billion EV battery factory in Kansas. Both Kansas and Oklahoma have incentive packages in place that would attract the corporate investment. The Wall Street Journal, which broke the potential Oklahoma factory news, also reported that Tesla is pausing its German expansion plans to potentially shift its battery cell-making operations to the U.S. in order to qualify for IRA tax breaks. Sources also told Electrek that the company is finally planning on expanding its Nevada gigafactory to be used for battery cell manufacturing. Kia and Hyundai: Kia is planning on moving some of its EV assembly to the U.S. by 2024, according to South Korean news sources. (Its flagship EV is currently built in South Korea.) The South Korean automaker and its parent company Hyundai currently have the second-highest market share for EVs in the U.S., and it looks like they want to keep it that way. Hyundai had already made plans earlier in the year to invest $5.5 billion to build EV and battery manufacturing plants in Georgia , near existing Hyundai and Kia plants. At the time, the company didn’t expect to start production until 2025, but it looks like it’s now moving those plans forward by a year in light of the IRA. Honda: The Japanese automaker and South Korean battery maker LG Energy Solution announced that they’re building a $4.4 billion EV battery plant in the U.S . in late August. They’re targeting production for the end of 2025. Sources told the Wall Street Journal that the plant will be in Ohio , where Honda has an existing auto plant. These batteries will be used exclusively to power Honda and Acura EVs made in North America. Toyota: The Japanese automaker announced an additional $2.5 billion investment into its battery manufacturing plant in North Carolina, more than doubling its prior commitment of $1.29 billion, announced in December. Production is scheduled to begin in 2025, and batteries produced would be used in both hybrids and EVs. The plant is expected to employ 2,100 people, and the announcement came two days after Honda’s announcement. General Motors: The largest auto company in the U.S. is investing $760 million in its existing Toledo plant to make drive units for its EVs. The plant will be the company’s first powertrain or propulsion-related factory to be converted into an EV-component maker. GM also said it’s investing $491 million in an Indiana plant to make parts for future vehicles, including EVs. Ford: The American automaker announced plans to invest $11.4 billion in two EV hubs , one in Tennessee and another in Kentucky. The $5.6 billion complex in Tennessee will vertically integrate battery manufacturing with the assembly of the company’s electric F-Series trucks. Through a joint venture with South Korean battery business SK Innovation, $5.8 billion will go towards building two Kentucky battery plants, which will supply batteries to Ford and Lincoln’s North American EVs. The company plans on investing more than $30 billion in EVs through 2025. Gotion High Tech: Chinese battery maker Gotion is opening a new $2.36 billion plant in Michigan . Gov. Gretchen Whitmer called it the “biggest ever economic development project in Northern Michigan.” Like other states that successfully courted battery makers, Michigan granted the company plenty of tax incentives to build the plant ( $715 million to be specific). The facility is set to produce 150,000 tons of cathode material and 50,000 tons of anode material a year once operational. Our Next Energy: The Michigan-based startup announced a $1.6 billion investment in a new battery cell plant that will be operating at full capacity by the end of 2027. This will be the company's first cell factory, according to founder and CEO Mujeeb Ijaz. The company is also starting a workforce development program meant to retrain Michiganders for green jobs. Piedmont Lithium: The North Carolina-based lithium producer announced an approximately $600 million investment in a new lithium hydroxide production plant in Tennessee. The company said production is slated to start in 2025, and it claims the plant will be the largest lithium hydroxide processing facility in the U.S. Keep ReadingShow less September 29, 2022 James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired. September 23, 2022 Every great tech product that you rely on each day, from the smartphone in your pocket to your music streaming service and navigational system in the car, shares one important thing: part of its innovative design is protected by intellectual property (IP) laws. From 5G to artificial intelligence, IP protection offers a powerful incentive for researchers to create ground-breaking products, and governmental leaders say its protection is an essential part of maintaining US technology leadership. To quote Secretary of Commerce Gina Raimondo: "intellectual property protection is vital for American innovation and entrepreneurship.” Patents are the primary means of protecting IP — trademarks, copyrights, and trade secrets offer additional IP protection — and represent a rule-of-law guarantee akin to a deed’s role in protecting land ownership. The founders of the United States wrote patent protection into the Constitution to “promote the progress of science and the useful arts.” Abraham Lincoln revered patents for adding “the fuel of interest to the fire of genius.” A fireside chat with Qualcomm October 9, 2022 The continuance of large numbers of security vulnerabilities in Microsoft software and architectural weaknesses in some of its systems, such as the Active Directory identity service, should be troubling to any customer, CrowdStrike co-founder and CEO George Kurtz told Protocol. "Customers are asking the question, 'Do I really want to put all my eggs in one basket, with a company that has a long history of not creating secure software?'" Kurtz said in a recent interview. "Some will. Some are going to do it,” he said. “But there are a lot of companies that are saying, 'This can be a real risk to the company, using both Microsoft for security as well as applications, cloud, and everything else.'" Kurtz, of course, is far from unbiased, given the fierce competition between his company's Falcon endpoint detection and response product and Microsoft's EDR, Defender. IDC figures have shown CrowdStrike in the lead on endpoint security market share, with 12.6% of the market in 2021, compared to 11.2% for Microsoft. However, CrowdStrike's growth of 68% in the market last year was surpassed by Microsoft's growth of nearly 82%, according to the IDC figures. Speaking with Protocol, Kurtz discussed Microsoft's strategy of bundling Defender into its higher-tier Office 365 productivity suite, known as E5, as well as Microsoft's efforts to keep vulnerabilities out of its software. He also spoke about upcoming product categories that CrowdStrike plans to add as new modules on the company’s platform and the company's acquisition strategy. This interview has been lightly edited for clarity and brevity. Is it safe to assume that external attack surface management is going to be your next module? It is. We're really excited about that. [ Reposify is] a really cool company out of Israel, great technology. What they're focused on is really automating the understanding of internet-exposed infrastructure or cloud infrastructure, where things might be misconfigured or exposed — which is a huge problem. Can you give any sense on what modules you might look at adding after that? We can’t really can't comment on the future [modules]. But I think if you look at the areas that we've been focused on, I'll maybe start there. Obviously, people know us for endpoint and for cloud workload protection and visibility. We got into the identity space with Preempt — that's not an Okta competitor, it's more identity threat detection and prevention. And then we did an acquisition of SecureCircle in the data space because we do think that [data loss prevention] is a market that can be disrupted. It's kind of like the legacy [antivirus] market: [There are] not a lot of people happy with it, [it] doesn't work so great. So it's really about putting those together and filling out more capabilities in each one of those three buckets. Obviously, we've got great capabilities, but there's always more than we can do, there's always additional companies out there [that could fit as] a module. Do you think you would potentially do a larger acquisition at some point? I think we evaluate deals as they come in, on a case-by-case basis. But our focus really has been smaller deals, good teams, and good technology. In terms of the competitive landscape, I get the impression that Microsoft's E5 bundling of Defender can be pretty tempting for some customers. What are you doing to win EDR customers in light of that strategy by Microsoft? Well I think you’ve got to start at the top, which is: There's really a crisis in trust with Microsoft for a lot of [customers]. I mean, every Tuesday is another zero-day Tuesday. So do you want your security architecture to be built by the same people who have more CVEs to their name than anyone else in the industry? Many don't. The simple answer is, don't put all the eggs in one basket. And they want dedicated technology that is more advanced than signature-based AV. Defender, in part, is a signature-based AV product, with some other things bolted on top of it. So it starts there. We've had many enterprise customers that looked at Microsoft, and when they looked at it, they're like, "We need five or six different consoles." They've come back and said, "We need many, many more people to run the Microsoft suite that we can't hire, and it would cost us more money than having the E5 license already in use." [CrowdStrike offers] immediate time to value, a better outcome, and lower costs. And that's what wins deals. So the cost savings from E5 licensing is not the full story, then? Who's going to run it? Who's going to administer it? How many consoles are you going to have? How much people-power does it take to actually run? Just do the math. Our customers have done the math, and we help them as well. We are significantly cheaper to operationalize than Microsoft. And we're going to have a better outcome. What makes CrowdStrike so much less people-intensive? Because we've got one console. We've got a single-agent architecture. Because of the architecture and the modular format, all built in the cloud, it doesn't require [as many people]. If you have a whole mishmash of different technologies that you bought and put together with five consoles, it's going to take a lot more effort to manage and operationalize it. We're built in the cloud. Microsoft started [as an] AV product. [CrowdStrike] is just a different architecture that is easier to use and requires less users to use it. On at least one occasion in the past, a Microsoft executive suggested that security vendors shouldn't criticize each other because they should be working together on behalf of customers. What do you think about that idea? Everyone wants to make sure customers are protected. But I think they should start with creating secure software. And when you look at some of these vulnerabilities, and some of the patches that have to be re-patched, and you look at just architecturally some of the decisions they've made, like with Active Directory, it's terrible. How is it that Microsoft technology is one of the only technologies that you can actually steal a password and reuse it without ever cracking it? It's just that the architecture is bad, and they have a lot of legacy decisions that still haunt customers today. That's Microsoft's fault. Is there anything that you'd give Microsoft credit for in terms of security, or that you think was a good move on security by them? They've done some decent acquisitions, for sure. And they've hired some good people there. But you can't just market your way out of it. You can't blame other people. And you've got to look inside and start fixing some of your own issues. Keep ReadingShow less October 7, 2022 The U.S. unveiled a set of new regulations Friday that aim to choke off China’s access to advanced chips, the tools necessary to manufacture years-old designs, and the service and support mechanisms needed to keep chip fabrication systems running smoothly. On a briefing call with reporters Thursday, administration officials said the goal is to block the People’s Liberation Army and China’s domestic surveillance apparatus from gaining access to advanced computing capabilities that require the use of advanced semiconductors. The chips, tools, and software are helping China’s military, including aiding the development of weapons of mass destruction, according to the officials, who asked to remain anonymous to discuss the administration’s policies freely. The new rules are comprehensive, and cover a range of advanced semiconductor technology, from chips produced by the likes of AMD and Nvidia to the expensive, complex equipment needed to make those chips. Much of highest-quality chip manufacturing equipment is made by three U.S. companies: KLA, Applied Materials, and Lam Research, and cutting off China’s access to their tools has the potential to damage the country’s ambitions to become a chipmaking powerhouse. “I think the whole policy of the administration can be justified by the fact that if you sell an AI chip to any entity in China for cloud server activities and that’s the alleged end use, it can also be used elsewhere and there's no way around that problem,” said Mathieu Duchâtel, director of the Asia Program at the Institut Montaigne. Years ago, China adopted a civil-military fusion doctrine that effectively enables the transfer of just about any tech in China to military uses. The Biden administration’s new controls on chip exports represent a significant shift in U.S. policy related to China. For decades, the U.S. has attempted to keep China two generations of tech behind, typically by denying China access to the tools necessary to make advanced chips, or other technology, themselves. Now, the goal looks to be to cripple China’s ability to produce chips with technology that is nearly a decade old, several generations behind the state-of-the-art capabilities. I think the whole policy of the administration can be justified by the fact that if you sell an AI chip to any entity in China for cloud server activities and that’s the alleged end use, it can also be used elsewhere and there's no way around that problem. “Basically they're changing the policy we've been pursuing for the last 25 years and they are going to overtly try to degrade China's military capabilities,” William Reinsch, senior adviser and Scholl Chair in International Business at the Center for Strategic and International Studies, told Protocol earlier this week. “I think what you will hear is companies saying this is going to make it much more difficult for us to sell to China, and that’s going to affect our revenue, and it’s going to affect our future investments negatively, and make us less competitive. Maybe we’ll have a debate about that,” Reinsch said. The new restrictions on chip exports set to go into effect Oct. 21 are: Using a new foreign direct product rule, the U.S. will block any chips that are used in “advanced computing and artificial intelligence applications,” officials said. The foreign direct product rule can block chips made by non-U.S. companies — including Chinese chip designers — if they use American technology or software. The new rule could mean that TSMC would be forced to halt production on advanced AI or supercomputer chips designed by Chinese firms that are fabricated in Taiwan, for example. Commerce will issue another new foreign direct product rule that will apply to components and chips destined for supercomputers in China. Semiconductor manufacturing equipment rules that will go into effect Friday include: Tools that are capable of producing logic chips made using fin field-effect transistors, or FinFETs, will be blocked from sales to China. Commonly described in industry shorthand as 14-nanometer, FinFET-based designs are years old, but continue to power the most-advanced smartphones and data center chips. Protocol first reported on the administration’s plans to control the export of these tools in August . For memory tools, tools capable of fabricating flash storage chips with 128-layer tech or greater, and DRAM that is made with 18-nanometer half-pitch or less will both be blocked from sales to China. Officials said the standards for memory are based on current Chinese capabilities. The new rules also restrict the servicing and maintenance of the tools, which is vital to keeping advanced equipment in good enough shape to produce working chips at high volume. Any U.S. citizens currently servicing or supporting tools on the restricted list will have until Wednesday to halt their activity. The U.S. will also block exports of items China could use to make its own chip manufacturing tools, such as a photolithography light source and other specialized components. The Commerce Department is also enacting several additional measures: Officials said that 31 Chinese entities will be added to the unverified list — a group of companies that the U.S. government believes could send tech they buy to restricted entities. For the 28 Chinese organizations already on the U.S. Entity List , Commerce is expanding the scope of controls, including presumptively denying any licenses because of the risk that tech might be diverted to China’s military. Officials said that the Commerce Department had made a significant effort to minimize the damage to U.S. companies, and that the policy was carefully tailored. The chip industry has 60 days to submit written comments about the new regulations, and officials said they would adjust the measures if it was appropriate based on the feedback. The export restrictions are unilateral, and administration officials acknowledge that they will become less effective over time if other countries do not follow suit and enact similar controls. To most corners of the chip industry, Friday’s tightened export controls were largely anticipated. For months, chip company executives in Washington, D.C., have briefed and lobbied administration officials in order to protect their businesses but also — in some cases — to use the export controls to damage or gain an advantage over rivals. In recent months, semiconductor equipment makers such as Applied Materials, Lam Research, and KLA began to disclose that they had received notification letters from the Commerce Department over the summer. Those letters blocked the sale of tools capable of making chips with FinFETs, and prevented Nvidia and AMD from selling advanced AI chips to Chinese customers, among other measures. October 7, 2022 CrowdStrike is finding massive traction in areas outside its core endpoint security products, setting up the company to become a major player in other key security segments such as identity protection as well as in IT categories beyond cybersecurity. Already one of the biggest names in cybersecurity for the past decade, CrowdStrike now aspires to become a more important player in areas within the wider IT landscape such as data observability and IT operations, CrowdStrike co-founder and CEO George Kurtz told Protocol in a recent interview. "I would say down the road, we will be known for more than just security. And we're starting to see that today," Kurtz said. CrowdStrike brings plenty of credibility from its work in cybersecurity to its effort to penetrate the broader IT space, according to equity research analysts who spoke with Protocol. The company recently disclosed surpassing $2 billion in annual recurring revenue, just 18 months after reaching $1 billion . And even with CrowdStrike’s scale, it's continued to generate revenue growth in the vicinity of 60% year-over-year in recent quarters. In a highly fragmented market like cybersecurity, this type of traction for a vendor is unique, said Joshua Tilton, senior vice president for equity research at Wolfe Research. "They're sustaining [rapid] growth and profitability, which is very rare in this space." At the root of CrowdStrike's surge in adoption is its cloud-native software platform, which allows security teams to easily introduce new capabilities without needing to install another piece of software on user devices or operate an additional product with a separate interface. Instead, CrowdStrike provides a single interface for all of its services and requires just one software agent to be installed on end-user devices. As a result, CrowdStrike can tell existing customers who are considering a new capability, “‘You already have our agent — turn it on, try it out,’” Kurtz said. “‘And if you like it, keep it on.’ It's that easy.” For years, Kurtz has touted the potential for CrowdStrike to serve as the "Salesforce of security" thanks to this cloud-based platform strategy. But at a time when cybersecurity teams are looking to consolidate on fewer vendors and are short on the staff needed to operate tools, CrowdStrike's approach is increasingly resonating with customers, analysts told Protocol. The company has now expanded well beyond endpoint detection and response, a category it pioneered to improve detection of malicious activity and attacks (such as ransomware and other malware) on devices such as PCs. Along with endpoint protection, CrowdStrike now offers security across cloud workloads, identity credentials, and security and IT operations. The cloud-native platform concept is still early on for cybersecurity, but if CrowdStrike's momentum continues, it's poised to potentially become the first "fully integrated, software-based platform" in the security industry, Tilton said. That's in contrast to other platform security vendors that are hampered by architectures that predated the cloud, or that rely on hardware for some of their functionality. "CrowdStrike's DNA is that they've come as a cloud-native company with a focus on security from day one," said Shaul Eyal, managing director at Cowen. "It does provide them with an edge." Endpoint challenge Even with CrowdStrike’s advantages, there are no guarantees it will maintain a leading position in a market as large and competitive as endpoint security. There, the company faces a fierce challenge from Microsoft and its Defender product. It’s a topic that Kurtz is outspoken as ever about. In regards to Microsoft, "if you are coming out with zero-day vulnerabilities on a weekly basis, which are being exploited, that doesn't build trust with customers," Kurtz said. "I'm not saying they're not going to win deals. Because they're Microsoft, sure, they're going to win some deals," he said. "But we do see deals boomerang back our way when someone has an issue. Many of the breaches that we actually respond to [are for customers with] Microsoft endpoint technologies in use." Even so, Microsoft brings plenty of advantages of its own in terms of its security approach, analysts told Protocol. Much of the business world counts itself as part of the Microsoft customer base already, and the company has seen major success in bundling its Defender security product into its higher-tier Office 365 productivity suite, known as E5. As of Microsoft's quarter that ended June 30, seats in Office 365 E5 climbed 60% year-over-year, the company reported. And for every CISO who thinks it doesn't make sense to trust Microsoft on security due to vulnerabilities in its software products, there is another CISO who thinks Microsoft's ubiquity in IT is exactly why the tech giant is worth leveraging for security, Tilton said. Beyond the successful bundling strategy, Microsoft has overall done "an exceptional job of elevating security within their product portfolio," said Gregg Moskowitz, managing director and senior enterprise software analyst at Mizuho Securities USA. Still, "we do typically hear that Microsoft has limitations when it comes to what an enterprise's requirements are across some of these cybersecurity areas," including on endpoint, Moskowitz said. At the same time, "we do believe Microsoft's going to get a lot stronger over time," he said. IDC figures have shown CrowdStrike in the lead on endpoint security market share, with 12.6% of the market in 2021, compared to 11.2% for Microsoft. CrowdStrike's growth of 68% in the market last year, however, was surpassed by Microsoft's growth of nearly 82%, according to the IDC figures. Still, Kurtz argued that CrowdStrike has the leg up in endpoint for plenty of other reasons beyond the lack of the same security baggage via vulnerability issues at Microsoft. The chief advantage goes back to CrowdStrike's single-agent architecture, which he said requires fewer staff to operate and has a lower impact on user devices. That translates to better performance and less use of memory because the product does not rely on analyzing digital patterns, known as signatures, for signs of an attack. I would say down the road, we will be known for more than just security. And we're starting to see that today. All of these factors need to be considered when doing the math around how much it will cost to implement an endpoint security product into an operation, Kurtz said. Based on that math, "we are significantly cheaper to operationalize than Microsoft," he said. CrowdStrike has particularly stood out with customers when it comes to the lower performance impact from its Falcon product line, said John Aplin, an executive security adviser at IT services provider World Wide Technology. The company recently worked with one of the largest U.S. banks to select a new endpoint security product, and the choice came down to CrowdStrike or Microsoft Defender, he said. While the bank was initially tempted to utilize its E5 licensing and go with Defender, Aplin said, extensive testing revealed Falcon's comparatively lighter-weight impact on devices, prompting the customer to pick CrowdStrike. Performance impact is not a trivial thing when customers are often running 40 to 70 different security tools, he said. So while being able to provide reliable security is obviously important, the "operational effectiveness" in areas such as performance impact on devices is "where CrowdStrike always wins," he said. The reputation for trustworthy security that CrowdStrike has built since its founding in 2011 shouldn't be minimized as a factor either, according to Wolfe Research's Tilton. By and large, CISOs make purchasing decisions "based on the amount of minutes of sleep at night" they expect to get from a product, he said. CrowdStrike's "first-mover" advantage in endpoint detection and response is a huge one, and its brand awareness is virtually unmatched in security, probably on par only with that of Palo Alto Networks, Tilton said. While some smaller challengers, chiefly SentinelOne , have made headway in the endpoint security space, they have an uphill battle, he said. In endpoint security, "the CISO has to have a good reason to not buy CrowdStrike." Beyond the endpoint In categories outside of endpoint security, CrowdStrike doesn't yet enjoy the same stature. But in some areas, such as identity security, it's on track to get there quickly. Misuse of credentials has emerged as the biggest source of breaches by far as workers have moved outside of the protections of the office firewall, according to Verizon. While CrowdStrike isn't trying to compete with identity management vendors such as Okta or Ping Identity, the company does believe it's found a sweet spot in helping customers to counter identity-based threats, Kurtz said. Following its fall 2020 acquisition of identity security vendor Preempt Security, CrowdStrike has added identity protection and detection capabilities to its platform, and customer adoption has been "like a rocket ship," Kurtz said. During CrowdStrike’s fiscal second quarter, ended July 31, customer subscriptions to the company's identity protection module doubled from the previous quarter. That's a "stunning level of adoption from customers," Mizuho's Moskowitz said. Given that CrowdStrike paid $96 million for Preempt, "that's clearly one of the best small to midsize acquisitions that we’ve seen in software in recent years," he said. CrowdStrike refers to its various add-on security capabilities as modules, and currently has 22 in total, up from 11 in late 2019. A forthcoming module based on the company’s planned acquisition of startup Reposify will be aimed at spotting exposed internet assets for customers, bringing CrowdStrike into the very buzzy market for “ external attack surface management .” Besides identity protection, the company’s other fastest-growing module at the moment is data observability, based on its early 2021 acquisition of Humio, which was recently rebranded to Falcon LogScale. And while highly applicable to security, observability focuses on tracking and assessing many types of IT data. Observability enables customers to "do things that are not just security-related," Kurtz said, such as deploying software patches and taking other actions to improve IT hygiene. George Kurtz, CEO of CrowdStrike. Photo: Michael Short/Bloomberg via Getty Images In total, CrowdStrike reported that it was generating $2.14 billion in annual recurring revenue as of its latest quarter, with its "emerging products" category contributing $219 million. ARR for those emerging products — which include identity protection and observability, but not more-established areas for CrowdStrike, such as workload protection — surged 129% from the same period a year before. Looking ahead, "we'll continue to solve problems that are outside of core endpoint protection and workload protection, but are related, in the IT world," Kurtz said. Security expansion Even within cybersecurity itself, CrowdStrike's emphasis on observability "shows that the industry is starting to recognize that cybersecurity is a data problem ," said Deepak Jeevankumar, a managing director at Dell Technologies Capital, who had led an investment by the firm into Humio. CrowdStrike has no ambitions to get into areas such as network or email security, Kurtz noted. But if a certain business challenge involves collecting and evaluating data from endpoints or workloads, whether that's IT or security data, "we can do that," he said. Application security is another future area of interest, Kurtz said. Given the criticality of many business applications, "understanding their security, who's using them, how they're being used — that's important for organizations of many sizes to have that level of visibility and protection." Within security, CrowdStrike is also notably embracing an approach that's come to be known as extended detection and response , or XDR, for correlating data feeds from a variety of different security tools. CrowdStrike's XDR approach taps into data both from its own products and from third-party tools, including vendors in its CrowdXDR Alliance that have technical integrations with CrowdStrike. While XDR is no doubt an industry buzzword, it's the most effective way yet to put the pieces together and understand how a cyberattack occurred, Kurtz said. "Before XDR, we were sort of blind to how [an attacker] got to the endpoint," he said. "Now we’re able to tell the whole story." CrowdStrike offers a number of managed security services as well, which the vendor was quick to recognize as an important option amid the cybersecurity talent shortage, according to Peter Firstbrook, vice president and analyst at Gartner. “CrowdStrike actually perfected this,” Firstbrook said. “They ran into this roadblock early. Customers said, ‘Look, this [technology] is really cool. But we don't have anybody that can manage it.’” Ultimately, CrowdStrike is well positioned at a time when CISOs are fed up with going to dozens of different vendors to meet their security needs, Cowen's Eyal said. The current refrain from CISOs is, "'We want to deal with the Costco or the Walmart, the big supermarket, for all of our security needs,'" he said. In that respect, "the platform approach is absolutely going to be benefiting [vendors] like CrowdStrike." Over the years, Kurtz said he hasn't backed away from comparing CrowdStrike with Salesforce for a good reason: It's a meaningful comparison, which has only gotten more so as time has gone on. "I've said this since I started the company, that we wanted to be that 'Salesforce of security' — to have a true cloud platform that would allow customers to do more things with a single-agent architecture," he said. "We haven't really deviated from that." Keep ReadingShow less

Preempt Security Frequently Asked Questions (FAQ)

  • When was Preempt Security founded?

    Preempt Security was founded in 2014.

  • Where is Preempt Security's headquarters?

    Preempt Security's headquarters is located at 600 California Street, Suite 14003, San Francisco.

  • What is Preempt Security's latest funding round?

    Preempt Security's latest funding round is Acquired.

  • How much did Preempt Security raise?

    Preempt Security raised a total of $25.5M.

  • Who are the investors of Preempt Security?

    Investors of Preempt Security include CrowdStrike, General Catalyst, Intel Capital, Blackstone, ClearSky and 5 more.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.