BrandWikiReturn

CrowdStrike

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services.[3]

Crowdstrike investigated several high-profile cyberattacks, including the 2014 Sony Pictures hack, the 2015–16 cyberattacks on the Democratic National Committee (DNC), and the 2016 email leak involving the DNC.[4][5] On July 19, 2024, it issued a faulty update to its security software that caused global computer outages that disrupted air travel, banking, broadcasting, and other services.[6][7][8]

History

CrowdStrike was co-founded in 2011 by George Kurtz (CEO), Dmitri Alperovitch (former CTO), and Gregg Marston (CFO, retired).[9][10][11][12] The following year, the company hired Shawn Henry, a former Federal Bureau of Investigation (FBI) official, to lead the subsidiary CrowdStrike Services, Inc., which offered security and response services.[13][14] The company launched CrowdStrike Falcon, an antivirus package, as its first product in June 2013.[15][16]

In May 2014, CrowdStrike's reports helped the United States Department of Justice charge five Chinese military hackers with economic cyber espionage against U.S. corporations.[17] CrowdStrike also uncovered the activities of Energetic Bear, a group connected to Russia's Federal Security Service which conducted intelligence operations against global targets, primarily in the energy sector.[18]

Following the 2014 cyberattack on Sony Pictures, CrowdStrike identified evidence suggesting North Korean government involvement and provided analysis on the methods used in the attack.[19] CrowdStrike also helped identify members of Putter Panda, the state-sponsored Chinese group of hackers also known as PLA Unit 61486.[20][21]

In May 2015, the company reported a serious security problem called VENOM. It was found in QEMU, a program used to run virtual computers, and could let hackers steal private information.[22][23] In October 2015, the company announced that it had identified Chinese hackers attacking technology and pharmaceutical companies around the time that U.S. President Barack Obama and China's leader Xi Jinping publicly agreed not to conduct economic espionage against each other. The alleged hacking would have been in violation of that agreement.[24]

In July 2015, Google invested in the company's Series C funding round.[25][26][27]

In 2017, Crowdstrike reached a valuation of more than $1 billion with an estimated annual revenue of $100 million.[28] In June 2018, the company said it was valued at more than $3 billion.[26] Investors at the time included Telstra, March Capital Partners, Rackspace, Accel Partners and Warburg Pincus.[29][30]

In June 2019, the company made an initial public offering on the Nasdaq.[31][32]

In 2020, CrowdStrike launched a tool called Falcon Identity Threat Protection to help protect user identities. In 2022, it became a managed service, meaning CrowdStrike started running it for customers. That same year, they added a cloud-based threat hunting feature to look for signs of attacks.[33][34]

In December 2021, the company moved its headquarters location from Sunnyvale, California, to Austin, Texas.[35]

In 2023, CrowdStrike introduced CrowdStream service in collaboration with Cribl.io.[36] Charlotte AI, CrowdStrike's generative AI security analyst, was launched in May 2023 as part of Falcon's AI-driven security updates, enhancing automated threat triaging and response.[37]

In September 2023, CrowdStrike launched Falcon Foundry, a no-code application development platform directed at a wider audience,[38] and in September 2024, the company launched CrowdStrike Financial Services, which offers payment solutions and financing to improve access to the Falcon platform.[39]

The company joined the S&P 500 index in June 2024.[40]

Acquisitions

Crowdstrike has a history of acquisitions, including:

  • November 2017: Payload Security (develops automated malware analysis sandbox technology)[41]
  • September 2020: Preempt Security (zero trust and conditional access technology provider): $96 million[42]
  • February 2021: Humio (Danish log management platform): $400 million.[43]
  • November 2021: SecureCircle (SaaS-based cybersecurity service)[44]
  • October 2022: Reposify (an external attack surface management vendor for risk management)[45]
  • September 2023: Bionic.ai (Israeli cybersecurity startup)[46]
  • November 2024: Flow Security ($200 million) and Adaptive Shield ($300 million) (Israeli cloud security startups)[47][48]
  • August 2025: Onum (Spanish company focused on managing real-time telemetry pipelines)[49]
  • January 2026: SGNL (California-based identity security firm): $750 million[50]
  • January 2026: Seraphic Security (Israel-based cybersecurity firm specializing in browser runtime security): $420 million.[51]

Earnings

In 2024, total revenue was $3.06 billion, a 36% increase.[58]

Russian hacking investigations

CrowdStrike helped investigate the Democratic National Committee cyberattacks and a connection to Russian intelligence services.[59] On 20 March 2017, then-FBI director James Comey testified before congress stating:[60]"'CrowdStrike, Mandiant, and ThreatConnect review[ed] the evidence of the hack and conclude[d] with high certainty that it was the work of APT 28 and APT 29 who are known to be Russian intelligence services.'"Comey previously testified in January 2017 that a request for FBI forensics investigators to access the DNC servers was denied, saying Crowdstrike agreed to share information.[61]

In December 2016, CrowdStrike released a report stating that Russian government-affiliated group Fancy Bear had hacked a Ukrainian artillery app.[62] The report concluded that Russia had used the hack to cause large losses to Ukrainian artillery units. The app (called ArtOS) was installed on tablet PCs and used for fire-control.[63] CrowdStrike also found a hacked variation of POPR-D30 being distributed on Ukrainian military forums that utilized an X-Agent implant.[64]

The U.K.-based think tank International Institute for Strategic Studies said CrowdStrike’s report wrongly used its data and denied that hacking caused Ukraine’s artillery losses. The Ukrainian Ministry of Defense also rejected the CrowdStrike report, stating that actual artillery losses were much smaller than what was reported by CrowdStrike and were not associated with Russian hacking.[65] Prior to this, CrowdStrike had published a report claiming that malware used in Ukraine and against the Democratic National Committee (DNC) appeared to be unique and identical, offering it as further evidence for a Russian origin of the DNC attack.[66]

Cybersecurity firm SecureWorks discovered a list of email addresses targeted by Fancy Bear in phishing attacks. The list included the email address of Yaroslav Sherstyuk, the developer of ArtOS.[67] Additional Associated Press research supports CrowdStrike's conclusions about Fancy Bear.[68] Radio Free Europe notes that the AP report "lends some credence to the original CrowdStrike report, showing that the app had, in fact, been targeted."[69]

2024 IT outages

On 19 July 2024, CrowdStrike released a faulty configuration update for its Falcon Sensor software on Microsoft Windows systems. The update caused around 8.5 million computers to crash and fail to restart properly. The disruption affected organizations in many sectors, including airlines, healthcare providers, financial institutions, media companies, and government services in multiple countries.[70][71]

CrowdStrike identified the faulty configuration update as the cause of the incident and stated that it was not the result of a cyberattack. The company released guidance and tools to help customers restore affected systems. Chief executive George Kurtz and other senior leaders issued public apologies, saying the company was “deeply sorry” for the disruption and announcing planned process changes to reduce the risk of similar incidents in the future.[72][73][74]

The outage led to industry and policy discussions about the risks associated with widely used, centralized security software and the importance of improving operational resilience in global information technology infrastructure.[75][76]

Following the outage, CrowdStrike launched the "Falcon Flex" customer retention program, offering customers additional products and flexible subscriptions. By late 2025, Falcon Flex had accumulated over $3.2 billion in total deal value.[77] CrowdStrike CEO George Kurtz stated that the company's customer renewal rate remained at 97%.[78]

Delta lawsuits

Delta Air Lines and CrowdStrike filed lawsuits against each other following the July 2024 Falcon software update.[79][80][81]

On October 25, 2024, Delta filed a lawsuit against CrowdStrike in Georgia state court, seeking approximately $500–550 million in damages. The airline said the claim covered flight cancellations, lost revenue, and costs related to restoring its operations after the Falcon software update.[82][83] A Georgia judge allowed Delta to proceed with key claims in its lawsuit, including allegations of gross negligence and computer trespass, while limiting certain fraud claims.[79][84]

On the same day that Delta filed its lawsuit, CrowdStrike filed a separate suit in the United States District Court for the Northern District of Georgia. The company sought a declaratory judgment stating that any liability arising from the July 2024 incident is limited by the terms of the parties’ service contract.[85]

CrowdStrike acknowledged that the flawed configuration update caused the global outage. The company stated that it identified the issue quickly and released a corrective update, with most major airline customers were operating at near-normal levels by the following day.[81][86] Delta experienced longer disruptions than other major airlines following the outage. CrowdStrike argued that the extended impact on Delta was due to the airline’s own information technology architecture and operational decisions, including its reliance on Microsoft Windows systems and its approach to system recovery, rather than the software update itself.[86][87][81]

See also

  • 2024 Delta Air Lines disruption
  • Operating systems
  • Chinese intelligence activity abroad
  • Chinese espionage in the United States
  • Timeline of Russian interference in the 2016 United States elections
  • Timeline of investigations into Donald Trump and Russia (January–June 2017)

External links

References

  1. Tom Richardson. CrowdStrike's Australian boss snares $225m cybersecurity fortune Australian Financial Review, 31 March 2024, retrieved 21 July 2024^
  2. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2026 U.S. Securities and Exchange Commission, March 5, 2026, retrieved March 19, 2026^
  3. CrowdStrike's security software targets bad guys, not their malware TechRepublic, 9 October 2015, retrieved 10 June 2016^
  4. Tony Bradley. CrowdStrike demonstrates how attackers wiped the data from the machines at Sony CSO Online, International Data Group, 2015, retrieved 9 June 2016^
  5. Tom Hamburger, Ellen Nakashima. Clinton campaign – and some cyber experts – say Russia is behind email release The Washington Post, 24 July 2016^
  6. Mabel Banfield-Nwachi. Windows global IT outage: what we know so far The Guardian, 19 July 2024, retrieved 19 July 2024^
  7. Robert Plummer. Crowdstrike and Microsoft: What we know about global IT outage BBC News, 19 July 2024, retrieved 19 July 2024^
  8. Paul Godfrey, Simon Druker, Ehren Wynder. 911 call centers back online after IT outage causes global chaos United Press International, 19 July 2024, retrieved 19 July 2024^
  9. In conversation with George Kurtz, CEO of CrowdStrike Fortune, retrieved 1 July 2019^
  10. Bloomberg – Dmitri Alperovitch www.bloomberg.com, retrieved 14 February 2020^
  11. Standing up at the gates of hell: CrowdStrike CEO George Kurtz Fortune, 29 July 2015, retrieved 10 June 2016^
  12. Cameron Albert-Deitch. CrowdStrike, the $3.4 Billion Startup That Fought Russian Spies in 2016, Just Filed for an IPO Inc.com, 15 May 2019, retrieved 1 July 2019^
  13. Steve Ragan. Former FBI Exec to Head CrowdStrike Services SecurityWeek, 23 April 2012, retrieved 13 December 2020^
  14. Ellen Messmer. Top FBI cyber cop joins startup CrowdStrike to fight enterprise intrusions Network World, 18 April 2012, retrieved 10 June 2016^
  15. Ellen Messmer. Start-up tackles advanced persistent threats on Microsoft, Apple computers Network World, 18 June 2013, retrieved 1 July 2019^
  16. U.S. firm CrowdStrike claims success in deterring Chinese hackers Reuters, 13 April 2015, retrieved 14 June 2016^
  17. Devlin Barrett and Siobhan Gorman. U.S. Charges Five in Chinese Army With Hacking Wall Street Journal, 20 May 2014, retrieved 14 February 2020^
  18. The old foe, new attack and unsolved mystery in the recent U.S. energy sector hacking campaign CyberScoop, 12 July 2017, retrieved 14 February 2020^
  19. What's in a typo? More evidence tying North Korea to the Sony hack PCWorld, retrieved 14 June 2016^
  20. Nicole Perlroth. 2nd China Army Unit Implicated in Online Spying The New York Times, 9 June 2014, retrieved 14 June 2016^
  21. Second China unit accused of cyber crime Financial Times, 10 June 2014, retrieved 10 June 2014^
  22. 'Venom' vulnerability: Serious computer bug shatters cloud security Fortune, 13 May 2015, retrieved 14 June 2016^
  23. Dan Goodin. Extremely serious virtual machine bug threatens cloud providers everywhere Ars Technica, 13 May 2015, retrieved 1 July 2019^
  24. Danny Yadron. Report Warns of Chinese Hacking Wall Street Journal, 19 October 2015, retrieved 1 July 2019^
  25. Sarah Kuranda. Crowdstrike Lands $100M Funding Round, Looks To Expand Globally And Invest In Partners CRN, 17 May 2017, retrieved 1 July 2019^
  26. Cybersecurity startup CrowdStrike raises $200 million at $3 billion valuation VentureBeat, 19 June 2018, retrieved 1 July 2019^
  27. CrowdStrike may top these 6 biggest-ever U.S. security IPOs next month www.bizjournals.com, retrieved 24 February 2020^
  28. Robert Hackett. Hack Investigator CrowdStrike Reaches $1 Billion Valuation FORTUNE, 17 May 2017, retrieved 9 June 2017^
  29. Security Company CrowdStrike Scores $100M Led By Google Capital TechCrunch, 13 July 2015, retrieved 1 July 2019^
  30. CrowdStrike raises $100 million for cybersecurity www.bizjournals.com, retrieved 24 February 2020^
  31. Hannah Murphy. Cyber security group CrowdStrike's shares jump more than 70% after IPO Financial Times, 13 June 2019, retrieved 13 June 2019^
  32. Lauren Feiner. CrowdStrike pops more than 70% in debut, now worth over $11 billion CNBC, 12 June 2019, retrieved 12 June 2019^
  33. "CrowdStrike launches Falcon Identity Threat Protection Complete," Techzine, March 2, 2022, retrieved March 3, 2025.^
  34. "CrowdStrike introduces a new cloud threat hunting service," VentureBeat, July 26, 2022, retrieved March 3, 2025.^
  35. CrowdStrike Changes Principal Office to Austin, Texas CrowdStrike, 28 December 2021, retrieved 2 February 2022^
  36. Kyle Alspach. RSAC 2023 Sees Big Moves From SentinelOne, CrowdStrike, Google Cloud, Accenture www.crn.com, retrieved 29 February 2024^
  37. "CrowdStrike adds generative AI assistant to security tools," Axios, May 30, 2023, retrieved March 6, 2025.^
  38. "CrowdStrike announces major build-out of its Falcon product suite," CSO, September 19, 2023, retrieved March 3, 2025.^
  39. "CrowdStrike Unveils Financial Services, AI Tools at Fal.Con 2024," Channel Insider, September 23, 2024, retrieved March 6, 2025.^
  40. Ed Carson. CrowdStrike, KKR, GoDaddy To Join S&P 500 In Quarterly Rebalance; Stocks Jump Investor's Business Daily, 9 June 2024^
  41. Eduard Kovacs. CrowdStrike Adds Malware Search Engine to 'Hybrid Analysis' Security Week, August 21, 2018^
  42. Natalie Gagliordi. CrowdStrike to acquire Preempt Security for $96 million ZDNet, retrieved 28 September 2020^
  43. Catalin Cimpanu. CrowdStrike acquires Humio for $400 million ZDNet, 18 February 2021, retrieved 10 July 2024^
  44. Michael Novinson. CrowdStrike To Buy Data Protection Startup SecureCircle CRN, 1 November 2021, retrieved 10 June 2024^
  45. Ofir Dor. CrowdStrike buying Israeli cybersecurity co Reposify Globes, September 20, 2022^
  46. CrowdStrike acquiring cyber startup Bionic for $350 million CTech, 19 September 2023^
  47. CrowdStrike acquiring cyber startup Flow Security in $200 million deal CTech, 6 March 2024, retrieved 19 July 2024^
  48. Eduard Kovacs. CrowdStrike to Acquire Adaptive Shield in Reported $300 Million Deal SecurityWeek, 2024-11-06, retrieved 2024-11-06^
  49. CrowdStrike Agrees to Acquire Onum to Supercharge Falcon NG SIEM CrowdStrike.com, retrieved 2025-08-30^
  50. B. V. Swagath. CrowdStrike to enhance AI-era identity security with SGNL acquisition Verdict, 2026-01-09, retrieved 2026-01-09^
  51. Mike Lennon. CrowdStrike to Acquire Browser Security Firm Seraphic for $420 Million SecurityWeek, 2026-01-13, retrieved 2026-01-14^
  52. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2020 U.S. Securities and Exchange Commission, March 23, 2020, retrieved March 19, 2025^
  53. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2021 U.S. Securities and Exchange Commission, March 18, 2025, retrieved March 19, 2025^
  54. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2022 U.S. Securities and Exchange Commission, March 16, 2025, retrieved March 19, 2025^
  55. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2023 U.S. Securities and Exchange Commission, March 8, 2025, retrieved March 19, 2025^
  56. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2024 U.S. Securities and Exchange Commission, 7 March 2024^
  57. US SEC: Form 10-K Crowdstrike Holdings, Inc., FY2025 U.S. Securities and Exchange Commission, March 10, 2025, retrieved March 19, 2025^
  58. Charlotte Ehrlich. Facing scrutiny over global outage, cybersecurity firm CrowdStrike on track for record year of federal lobbying spending 2024-10-09^
  59. Энжел-Ау Юнг (Angel-Au Jung). Охотник на хакеров и враг Трампа: как миллионер из США ловит киберпреступников из России, Китая и Ирана Forbes (forbes.ru), 20 March 2020, retrieved 20 September 2024^
  60. Full transcript: FBI Director James Comey testifies on Russian interference in 2016 election retrieved 22 May 2017^
  61. FBI Director Comey: Agency requested access to DNC server CBS News, 10 January 2017, retrieved 19 July 2024^
  62. Russian hackers linked to DNC attack also targeted Ukrainian military, says report theverge.com, 23 December 2016, retrieved 26 June 2019^
  63. Noosphere engineering school. New brainchild of engineering school was tested by the armed forces noosphereengineering.com, 31 October 2015, retrieved 28 December 2017^
  64. Boldi. Technical details on the Fancy Bear Android malware (poprd30.apk) Laboratory of Cryptography and System Security, Budapest University of Technology and Economics, 3 January 2017, retrieved 8 February 2018^
  65. Oleksiy Kuzmenko. Think Tank: Cyber Firm at Center of Russian Hacking Charges Misread Data Voice of America, 23 March 2017, retrieved 20 December 2017^
  66. Group allegedly behind DNC hack targeted Ukraine, report finds The Guardian, 22 December 2016, retrieved 19 July 2024^
  67. Christopher Miller. Fancy Bear Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App RadioFreeEurope, 2 November 2017, retrieved 8 February 2018^
  68. Raphael Satter. Russia hackers pursued Putin foes, not just US Democrats Associated Press, 2 November 2017, retrieved 2 April 2019^
  69. Christopher Miller. 'Fancy Bear' Tried To Hack E-Mail Of Ukrainian Making Artillery-Guidance App Radio Free Europe/Radio Liberty, 2 November 2017, retrieved 2 April 2019^
  70. Joe Tidy. CrowdStrike IT outage affected 8.5 million Windows devices, Microsoft says BBC, 2024-07-20, retrieved 2026-02-25^
  71. CrowdStrike: What the 2024 outage reveals about security privacyinternational.org, retrieved 2026-02-25^
  72. Falcon Content Update Preliminary Post Incident Report CrowdStrike, 2024-07-24, retrieved 2026-02-25^
  73. CrowdStrike outage demonstrates need for resilience The Corporate Governance Institute, retrieved 2026-02-25^
  74. David Weston. Helping our customers through the CrowdStrike outage The Official Microsoft Blog, 2024-07-20, retrieved 2026-02-25^
  75. Kevin Poireault. CrowdStrike Apologizes for IT Outage, Defends Microsoft Kernel Access Infosecurity Magazine, 2024-09-25, retrieved 2026-02-25^
  76. Stewart Moncrieff. What Caused the Crowdstrike Outage: A Detailed Breakdown Messageware, 2024-08-13, retrieved 2026-02-25^
  77. Jesse Pound. We're raising our CrowdStrike price target following a beat and raise quarter CNBC, December 2, 2025, retrieved 2026-03-22^
  78. Our tech is sticky, there's a 95% chance customers will renew, says CrowdStrike CEO George Kurtz CNBC, August 28, 2025, retrieved 2026-03-22^
  79. Jonathan Stempel. Delta can sue CrowdStrike over computer outage that caused 7,000 canceled flights Reuters, 2025-05-19, retrieved 2026-02-25^
  80. Dan Raby. Delta must face class action lawsuit over CloudStrike outage, judge rules FOX 5 Atlanta, 2025-05-09, retrieved 2026-02-25^
  81. Max Zahn. Why did Delta take days to restore normal service after CrowdStrike outage? Experts weigh in. ABC News, 2024-07-27, retrieved 2026-02-25^
  82. Delta Air Lines Launches Lawsuit Against CrowdStrike Over July Outage www.asisonline.org, retrieved 2026-02-25^
  83. Delta sues CrowdStrike over software update that prompted mass flight disruptions CNN, 2024-10-26, retrieved 2026-02-25^
  84. Delta allowed to proceed with lawsuit against CrowdStrike over outage FOX 5 Atlanta, 2025-05-20, retrieved 2026-02-25^
  85. Delta Air Lines Launches Lawsuit Against CrowdStrike Over July Outage www.asisonline.org, retrieved 2026-02-25^
  86. Rohan Goswami. CrowdStrike moves to dismiss Delta Air Lines suit, citing contract terms CNBC, 2024-12-17, retrieved 2026-02-25^
  87. Tim Marcin. It’s 4 days later and Delta is still affected by the CrowdStrike outage. Here’s why. Mashable, 2024-07-23, retrieved 2026-02-25^