AUSTIN, Texas–(BUSINESS WIRE)–CrowdStrike Holdings, Inc. (Nasdaq: CRWD), today announced financial results for the first quarter fiscal year 2027, ended April 30, 2026.
“In Q1, the worlds of cybersecurity and frontier AI collided: this was the Mythos moment. CrowdStrike is AI security infrastructure, critical to successful AI adoption,” said George Kurtz, CrowdStrike’s Founder and Chief Executive Officer. “Our record Q1 net new ARR, QuiltWorks coalition, and AIDR innovation are indicators of our own AI inflection point. We’re seeing platform adoption from existing customers, new logo lands, and increased partner engagement, each giving me the conviction to significantly raise our FY27 net new ARR guidance. The technology is here. The team is here. And the market opportunity is ours.”
Commenting on the company’s financial results, Burt Podbere, CrowdStrike’s Chief Financial Officer, added, “CrowdStrike delivered strong Q1 results, exceeding expectations across all guided metrics while accelerating growth and expanding profitability and cash flow. We delivered record Q1 net new ARR of $256 million, record cash flow from operations of $591 million, and record free cash flow of $468 million. We are raising our full-year net new ARR growth expectations to 27.7%, at the midpoint, now an acceleration over the prior fiscal year. Our record Q2 pipeline, continued strong retention, Falcon Flex momentum, and the AI technology wave are each tailwinds giving us conviction in CrowdStrike’s growth trajectory.”
Stock Split Authorization
CrowdStrike is also announcing that its board of directors has approved and declared a four-for-one split of the company’s outstanding shares of Class A common stock in the form of a stock dividend. Each stockholder of record at the close of business on June 25, 2026 (the “record date”) will receive, after the close of business on July 1, 2026, three additional shares for every share held on the record date, and trading is expected to begin on a split-adjusted basis on July 2, 2026.
First Quarter Fiscal 2027 Financial Highlights
- Revenue: Total revenue was $1.39 billion, a 26% increase, compared to $1.10 billion in the first quarter of fiscal 2026. Subscription revenue was $1.32 billion, a 26% increase, compared to $1.05 billion in the first quarter of fiscal 2026.
- Annual Recurring Revenue (ARR) grew 24% year-over-year to $5.51 billion as of April 30, 2026, of which $255.8 million was net new ARR added in the quarter.
- Subscription Gross Margin: GAAP subscription gross margin was 78%, compared to 77% in the first quarter of fiscal 2026. Non-GAAP subscription gross margin was 81%, compared to 80% in the first quarter of fiscal 2026.
- Income/Loss from Operations: GAAP loss from operations was $30.6 million, compared to $118.7 million in the first quarter of fiscal 2026. Non-GAAP income from operations was $325.7 million, compared to $201.1 million in the first quarter of fiscal 2026.
- Net Income/Loss Attributable to CrowdStrike: GAAP net income attributable to CrowdStrike was $27.8 million, compared to a loss of $104.3 million in the first quarter of fiscal 2026. GAAP net income per share attributable to CrowdStrike, diluted, was $0.11, compared to a loss of $0.42 in the first quarter of fiscal 2026. Non-GAAP net income attributable to CrowdStrike was $283.4 million, compared to $184.7 million in the first quarter of fiscal 2026. Non-GAAP net income attributable to CrowdStrike per share, diluted, was $1.10, compared to $0.73 in the first quarter of fiscal 2026.
- Cash Flow: Net cash generated from operations was $590.9 million, compared to $384.1 million in the first quarter of fiscal 2026. Free cash flow was $468.5 million, compared to $279.4 million in the first quarter of fiscal 2026.
- Cash and Cash Equivalents was $4.55 billion as of April 30, 2026.
Recent Highlights
- CrowdStrike’s module adoption rates grew to 51%, 35%, and 25% for six or more, seven or more, and eight or more modules, respectively, as of April 30, 2026.
- Announced the launch and expansion of Project QuiltWorks, an industry-first cybersecurity coalition featuring OpenAI and Anthropic to remediate frontier AI risk via the Falcon platform.
- The only cybersecurity company selected as a launch partner in both Anthropic’s Project Glasswing and OpenAI’s Trusted Access for Cyber (TAC) programs.
- Launched the Charlotte AI AgentWorks Ecosystem, a no-code development platform created with AWS, NVIDIA, and OpenAI to build and scale custom security agents on the Falcon platform.
- Unveiled Agentic MDR, the next evolution of managed detection and response that leverages elite analysts and intelligent agents to automate high-friction workflows and stop AI-accelerated breaches at machine speed.
- Established the endpoint as the epicenter for AI security with new Falcon platform innovations that extend discovery, governance, and runtime protection across SaaS, browser, and cloud environments.
- Expanded GovCloud offerings to accelerate public sector AI adoption, introducing FedRAMP High-authorized capabilities including Charlotte AI for Gov and External Attack Surface Management.
- Introduced CrowdStrike Falcon Data Security, a unified solution that discovers, classifies, and protects sensitive data across endpoints, browsers, SaaS, cloud, and AI workflows to stop data theft in real time.
- Expanded Cloud Detection and Response (CDR) capabilities to Google Cloud, providing unified, real-time protection and regional infrastructure support to meet global data sovereignty requirements.
- Introduced adversary-informed cloud risk prioritization within Falcon Cloud Security, unifying application behavior with adversary intelligence to identify and remediate the high-impact exposures most likely to be exploited.
- Expanded support for Microsoft Defender environments by launching Falcon OverWatch for Defender for managed threat hunting and Falcon Next-Gen SIEM integration, enabling organizations to ingest third-party telemetry and stop sophisticated attacks without requiring an additional sensor.
- Launched Flex for Services and the Zero Dollar Flex Fund, extending the Falcon Flex consumption model to CrowdStrike’s full services portfolio.
- Achieved FedRAMP High Authorization for Falcon for XIoT, extending the Falcon platform to secure mission-critical federal operational technology and connected infrastructure.
- Named the 2026 Google Cloud Security Partner of the Year for Infrastructure Protection for the second consecutive year and selected as a launch partner for the Google Agent Cloud Ecosystem to secure AI-driven applications.
- Formed a strategic partnership with Schwarz Digits to deliver Falcon natively on STACKIT’s sovereign cloud infrastructure, enabling enterprises to secure AI workloads while maintaining full data residency and sovereignty.
- Announced an expanded strategic collaboration with IBM to accelerate agentic SOC transformation by integrating Charlotte AI with IBM’s Autonomous Threat Operations Machine (ATOM).
- Expanded a strategic collaboration with Intel to optimize the Falcon platform for AI PCs, combining silicon-level telemetry with AI-native protection to secure data as workloads move to the endpoint.
- Named a Leader in the 2026 Gartner Magic Quadrant™ for Endpoint Protection1 for the seventh consecutive time, positioned furthest right for Completeness of Vision and highest for Ability to Execute among all vendors evaluated for the fourth time in a row.
- Named a Leader in the inaugural 2026 Gartner® ‘Magic Quadrant™ for Cyberthreat Intelligence Technologies’, a Customers’ Choice in the 2026 Gartner Peer Insights™ ‘Voice of the Customer for Security Information and Event Management (SIEM)’, a Customers’ Choice in the 2026 Gartner Peer Insights™ ‘Voice of the Customer’ for Managed Detection and Response (MDR)’ reports2.
- Named an Innovation and Growth Leader in the 2026 Frost Radar™: Cloud-Native Application Protection Platforms (CNAPP)3 for the fourth consecutive time.
- Recognized as Frost & Sullivan’s 2026 Global Company of the Year for Identity Threat Detection and Response4.
- Named a Leader and Fast Mover in the GigaOm Radar for Identity Threat Detection and Response (ITDR) Radar, v35.
Financial Outlook
CrowdStrike is providing the following guidance for the second quarter of fiscal 2027 (ending July 31, 2026) and increasing its guidance for fiscal year 2027 (ending January 31, 2027).
Guidance for non-GAAP financial measures excludes stock-based compensation expense and related employer payroll taxes, amortization of acquired intangible assets (including purchased patents), acquisition-related expenses (credits), net, amortization of debt issuance costs and discount, mark-to-market adjustments on deferred compensation liabilities, legal reserve and settlement charges or benefits, costs (recoveries) associated with the July 19 Incident and related matters, net, strategic plan related charges (benefits), net, losses (gains) and other expense (income) from strategic investments, and losses (gains) on deferred compensation assets, and is adjusted for its long-term non-GAAP effective tax rate. The company has not provided the most directly comparable GAAP measures because certain items are out of the company’s control or cannot be reasonably predicted. Accordingly, a reconciliation for non-GAAP income from operations, non-GAAP net income attributable to CrowdStrike, and non-GAAP net income per share attributable to CrowdStrike common stockholders, diluted, is not available without unreasonable effort.
These statements are forward-looking and actual results may differ materially as a result of many factors. Refer to the Forward-Looking Statements safe harbor below for information on the factors that could cause the company’s actual results to differ materially from these forward-looking statements.
Conference Call Information
CrowdStrike will host a conference call for analysts and investors to discuss its earnings results for the first quarter of fiscal 2027 and outlook for its fiscal second quarter and fiscal year 2027 today at 2:00 p.m. Pacific time (5:00 p.m. Eastern time). A recorded webcast of the event will also be available for one year on the CrowdStrike Investor Relations website ir.crowdstrike.com.
Forward-Looking Statements
This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding CrowdStrike’s future growth and future financial and operating performance, including CrowdStrike’s financial outlook for the second quarter fiscal 2027, fiscal year 2027, and beyond; product developments; and anticipated tax rate. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release, including: risks associated with the content configuration update CrowdStrike released on July 19, 2024 for its Falcon sensor that resulted in system crashes for certain Windows systems (the “July 19 Incident”); risks associated with managing CrowdStrike’s rapid growth; CrowdStrike’s ability to identify and effectively implement necessary changes to address execution challenges; risks associated with new or existing products and services, including the risk of defects, errors, or vulnerabilities; CrowdStrike’s ability to respond to an intensely competitive and rapidly evolving market; length and unpredictability of sales cycles; CrowdStrike’s ability to attract new and retain existing customers; CrowdStrike’s ability to complete and successfully integrate acquisitions; the failure to timely develop and achieve market acceptance of new or existing products and services; CrowdStrike’s ability to collaborate and integrate its products with offerings from other parties to deliver benefits to customers; industry trends; rapidly evolving technological developments in the market for security products and services; and general market, political, economic, and business conditions, including those related to a deterioration in macroeconomic conditions, inflation, geopolitical uncertainty and conflicts, public health crises and volatility in the banking and financial services sector.
Additional risks and uncertainties that could affect CrowdStrike’s financial results are included in the filings CrowdStrike makes with the Securities and Exchange Commission (“SEC”) from time to time, particularly under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” including CrowdStrike’s most recently filed Annual Report on Form 10-K, most recently filed Quarterly Report on Form 10-Q, and subsequent filings.
Actual outcomes and results may differ materially from those contemplated by these forward-looking statements as a result of such risks and uncertainties. All forward-looking statements in this press release are based on information available to CrowdStrike as of the date hereof, and CrowdStrike does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.
Use of Non-GAAP Financial Information
CrowdStrike believes that the presentation of non-GAAP financial information provides important supplemental information to management and investors regarding financial and business trends relating to CrowdStrike’s financial condition and results of operations. For further information regarding these non-GAAP measures, including the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures, please refer to the financial tables below, as well as the “Explanation of Non-GAAP Financial Measures” and “Change in Non-GAAP Measures Presentation” sections of this press release.
Channels for Disclosure of Information
CrowdStrike intends to announce material information to the public through the CrowdStrike Investor Relations website ir.crowdstrike.com, SEC filings, press releases, public conference calls, and public webcasts. CrowdStrike uses these channels, as well as social media and its blog, to communicate with its investors, customers, and the public about the company, its offerings, and other issues. It is possible that the information CrowdStrike posts on social media and its blog could be deemed to be material information. As such, CrowdStrike encourages investors, the media, and others to follow the channels listed above, including the social media channels listed on CrowdStrike’s investor relations website, and to review the information disclosed through such channels. Any updates to the list of disclosure channels through which CrowdStrike will announce information will be posted on the investor relations page on CrowdStrike’s website.
Reports Referenced and Disclaimers
- Gartner® Magic Quadrant™ for Endpoint Protection, Deepak Mishra, Evgeny Mirolyubov, Nikul Patel, May 26, 2026
-
Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies, Jonathan Nunez, Jaime Anderson, Carlos De Sola Caraballo, May 4, 2026
Gartner®, Peer Insights™, Voice of the Customer for Security Information and Event Management, Peer Community Contributor, April 10, 2026
Gartner®, Peer Insights™, Voice of the Customer for Managed Detection and Response, By Peer Community Contributor, March 31, 2026 - 2026 Frost Radar™: Cloud-Native Application Protection Platforms (CNAPP)
- Frost & Sullivan’s 2026 Global Company of the Year for Identity Threat Detection and Response
- GigaOm Radar: Identity Threat Detection and Response (ITDR) Radar, v3, 26 May 2026
Gartner, Magic Quadrant and Peer Insights are trademarks of Gartner, Inc. and/or its affiliates.
Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.
Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.
The Gartner content described herein (the “Gartner Content”) represents research opinion or viewpoints published, as part of a syndicated subscription service, by Gartner, Inc. (“Gartner”), and is not a representation of fact. Gartner Content speaks as of its original publication date (and not as of the date of this Earnings Press Release), and the opinions expressed in the Gartner Content are subject to change without notice.
About CrowdStrike Holdings
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity, and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft, and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting, and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity, and immediate time-to-value.
CrowdStrike: We stop breaches.
For more information, please visit: ir.crowdstrike.com
© 2026 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.
____________________________
__________________________
1. Stock-based compensation expense has been revised to reflect immaterial prior period adjustments.
2. Effective second quarter fiscal year 2026, we adopted a 21.0% long-term projected non-GAAP tax rate, reduced from the previous rate of 22.5%, in connection with the enactment of the One Big Beautiful Bill Act. This rate reflects the anticipated tax benefit from earning income outside the U.S. while retaining intellectual property within the U.S. The change is applied prospectively, and the tax rate for prior periods remains unchanged.
3. Adjustments are related to the difference between the GAAP provision for income taxes and non-GAAP provision for income taxes.
4. For periods in which we had diluted non-GAAP net income per share attributable to CrowdStrike common stockholders, the sum of the impact of individual reconciling items may not total to diluted non-GAAP net income per share attributable to CrowdStrike common stockholders because of rounding differences.
Explanation of Non-GAAP Financial Measures
In addition to determining results in accordance with U.S. generally accepted accounting principles (“GAAP”), CrowdStrike believes the following non-GAAP measures are useful in evaluating its operating performance. CrowdStrike uses the following non-GAAP financial information to evaluate its ongoing operations and for internal planning and forecasting purposes. CrowdStrike believes that non-GAAP financial information, when taken collectively, may be helpful to investors because it provides consistency and comparability with past financial performance and facilitates period-to-period comparisons of operations, as these measures eliminate the effects of certain variables unrelated to CrowdStrike’s overall operating performance. However, non-GAAP financial information is presented for supplemental informational purposes only, has limitations as an analytical tool, and should not be considered in isolation or as a substitute for financial information presented in accordance with GAAP.
Other companies, including companies in CrowdStrike’s industry, may calculate similarly titled non-GAAP measures differently or may use other measures to evaluate their performance, all of which could reduce the usefulness of CrowdStrike’s non-GAAP financial measures as tools for comparison.
Investors are encouraged to review the related GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures and not rely on any single financial measure to evaluate CrowdStrike’s business.
Change in Non-GAAP Measures Presentation
Effective second quarter fiscal year 2026, CrowdStrike adopted a 21.0% long-term projected non-GAAP tax rate, reduced from the previous rate of 22.5%, in connection with the enactment of the One Big Beautiful Bill Act. This rate reflects the anticipated tax benefit from earning income outside the United States (U.S.) while retaining intellectual property within the U.S. The change is applied prospectively, and the tax rate for prior periods remains unchanged.
Non-GAAP Subscription Gross Profit and Non-GAAP Subscription Gross Margin
CrowdStrike defines non-GAAP subscription gross profit and non-GAAP subscription gross margin as GAAP subscription gross profit and GAAP subscription gross margin, respectively, excluding stock-based compensation expense and related employer payroll taxes, amortization of acquired intangible assets, and strategic plan related charges (benefits), net.
Non-GAAP Income from Operations
CrowdStrike defines non-GAAP income from operations as GAAP income (loss) from operations excluding stock-based compensation expense and related employer payroll taxes, amortization of acquired intangible assets (including purchased patents), acquisition-related expenses (credits), net, mark-to-market adjustments on deferred compensation liabilities, legal reserve and settlement charges or benefits, costs (recoveries) associated with the July 19 Incident and related matters, net, and strategic plan related charges (benefits), net.
Non-GAAP Net Income Attributable to CrowdStrike
CrowdStrike defines non-GAAP net income attributable to CrowdStrike as GAAP net income (loss) attributable to CrowdStrike excluding stock-based compensation expense and related employer payroll taxes, amortization of acquired intangible assets (including purchased patents), acquisition-related expenses (credits), net, mark-to-market adjustments on deferred compensation liabilities, legal reserve and settlement charges or benefits, costs (recoveries) associated with the July 19 Incident and related matters, net, strategic plan related charges (benefits), net, amortization of debt issuance costs and discount, losses (gains) and other expense (income) from strategic investments, and losses (gains) on deferred compensation assets, and is adjusted for its long-term non-GAAP effective tax rate.
Non-GAAP Net Income per Share Attributable to CrowdStrike Common Stockholders, Diluted
CrowdStrike defines non-GAAP net income per share attributable to CrowdStrike common stockholders, as non-GAAP net income attributable to CrowdStrike divided by the weighted-average shares outstanding, which includes the dilutive effect of potentially dilutive common stock equivalents outstanding during the period.
Free Cash Flow
Free cash flow is a non-GAAP financial measure that CrowdStrike defines as net cash provided by operating activities less purchases of property and equipment, capitalized internal-use software and website development costs, and purchases of and proceeds from deferred compensation investments, net. CrowdStrike monitors free cash flow as one measure of its overall business performance, which enables CrowdStrike to analyze its future performance without the effects of non-cash items and allows CrowdStrike to better understand the cash needs of its business. While CrowdStrike believes that free cash flow is useful in evaluating its business, free cash flow is a non-GAAP financial measure that has limitations as an analytical tool, and free cash flow should not be considered as an alternative to, or substitute for, net cash provided by operating activities in accordance with GAAP. The utility of free cash flow as a measure of CrowdStrike’s liquidity is further limited as it does not represent the total increase or decrease in CrowdStrike’s cash balance for any given period. In addition, other companies, including companies in CrowdStrike’s industry, may calculate free cash flow differently or not at all, which reduces the usefulness of free cash flow as a tool for comparison.
Explanation of Operational Measures
Annual Recurring Revenue
ARR is calculated as the annualized value of CrowdStrike’s customer subscription contracts as of the measurement date, assuming any contract that expires during the next 12 months is renewed on its existing terms. To the extent that CrowdStrike is negotiating a renewal with a customer after the expiration of the subscription, CrowdStrike continues to include that revenue in ARR if CrowdStrike is actively in discussion with such an organization for a new subscription or renewal, or until such organization notifies CrowdStrike that it is not renewing its subscription.
Dollar-Based Net Retention Rate
CrowdStrike’s dollar-based net retention rate compares its ARR from a set of subscription customers against the same metric for those subscription customers from the prior year. CrowdStrike’s dollar-based net retention rate reflects customer renewals, expansion, contraction and churn, and excludes revenue from its incident response and proactive services. Dollar-based net retention rate as of period end is calculated by starting with the ARR from all subscription customers as of 12 months prior to such period end, or Prior Period ARR. CrowdStrike then calculates the ARR from these same subscription customers as of the current period end, or Current Period ARR. Current Period ARR includes any expansion and is net of contraction or churn over the trailing 12 months, but excludes revenue from new subscription customers in the current period. CrowdStrike then divides the Current Period ARR by the Prior Period ARR to arrive at its dollar-based net retention rate.
Dollar-Based Gross Retention Rate
Dollar-based gross retention rate as of the period end is calculated by starting with the ARR from all subscription customers as of 12 months prior to such period, or Prior Period ARR. CrowdStrike then deducts from the Prior Period ARR any ARR from subscription customers who are no longer customers as of the current period end, or Current Period Remaining ARR. CrowdStrike then divides the total Current Period Remaining ARR by the total Prior Period ARR to arrive at its dollar-based gross retention rate, which is the percentage of ARR from all subscription customers as of the year prior that is not lost to customer churn.
Definition of Module Adoption Rates
Module adoption rates are calculated by taking the total number of customers with six or more, seven or more, and eight or more modules, respectively, divided by the total number of subscription customers (excluding Falcon Go customers). Falcon Go customers are defined as customers who have subscribed with the Falcon Go bundle, a package designed for organizations with 100 endpoints or less.
