Inside CrowdStrike’s AI-Fueled Push to Secure the Agentic Enterprise

CrowdStrike (NASDAQ:CRWD) opened fiscal 2027 with record Q1 net new ARR of $256 million, up 32% year over year, and ending ARR of $5.51 billion, growing more than 24%. Revenue reached $1.39 billion, up 26%, while free cash flow reached $468 million, or 34% of revenue.

Management also raised full-year net new ARR guidance by more than $50 million, citing stronger demand tied to AI security needs.

The company linked enterprise AI adoption to new security requirements across endpoints and identity systems.

CEO George Kurtz said cybersecurity is “foundational AI infrastructure” and described CrowdStrike’s work with Anthropic and OpenAI on frontier AI programs. That discussion tied into CrowdStrike’s Falcon AI security portfolio, which management presented as central to helping customers protect AI workloads and agentic systems.

Why It Matters: CrowdStrike’s message was that AI adoption now requires a security architecture built for agents and runtime control. The company described AI security as a requirement for safe deployment, with effects on endpoint controls and platform consolidation. Kurtz summarized the customer need directly by saying, “If you want to create AI, you need GPUs. If you want to use AI, you need security.”

• Falcon’s Growth and Enterprise AI Adoption: Kurtz said AI adoption is an “existential imperative” across geographies and industries, and he tied that demand to a greater need for cybersecurity. He said CrowdStrike is being viewed as “critical AI infrastructure” and noted that the company was selected by Anthropic and OpenAI at the start of new frontier model programs. The discussion framed Falcon as a security foundation for organizations trying to deploy AI with stronger controls.

• Project QuiltWorks Gave a Framework for AI-Related Vulnerability Response: The company launched QuiltWorks after Anthropic’s Project Glasswing and OpenAI’s Trusted Access for Cyber program to help organizations manage vulnerabilities that frontier models could help weaponize. Kurtz said customer and board conversations centered on the question “Is my organization protected?” That demand helped support the adoption of Falcon Exposure Management and Falcon for IT, which the company said nearly doubled year over year in the quarter.

• AI Detection and Response: CrowdStrike said AI DR ending ARR grew more than 250% sequentially, with Q2 pipeline already above $50 million. Kurtz said agents run on endpoints and interact with files, APIs, and data at the process level, which creates a need for runtime visibility and response. He said, “To detect and respond to AI threats in real-time, you need a runtime sensor where AI executes.”

• SOC Automation Tied to Next-Gen SIEM and Charlotte AI: The company said its Next-Gen SIEM business exceeded $600 million in ending ARR and described Charlotte AI as the “reasoning engine across Falcon.” Charlotte AI is used to triage alerts and automate investigations across the platform. CrowdStrike also introduced AgentWorks, an ecosystem of purpose-built AI agents built on Falcon data.

• Identity and Falcon Flex Were Linked to the Rise of Agentic Workloads: The said every AI agent needs an identity and a governance model, highlighting SGNL for policy-based authorization over agentic workloads. In cloud security, Kurtz said AI workloads require runtime protection and control because long-running agents operate inside containers and cloud environments. The company also said Falcon Flex accounts reached more than $1.9 billion in ending ARR, helped by customers expanding commitments through re-Flex activity.

Go Deeper -> Crowdstrike’s Earnings Report – MarketBeat

---

Our Latest CIO Field Notes

---