CrowdStrike CEO George Kurtz has Microsoft squarely in his sights

In an interview with Protocol, Kurtz said that while "everyone wants to make sure customers are protected," Microsoft should place a higher priority on "creating secure software."

George Kurtz, chief executive officer of Crowdstrike Inc., stands for a photograph following a Bloomberg Technology television interview in San Francisco, California, U.S., on Wednesday, Sept. 25, 2019. Kurtz reacted to President Donald Trump's cryptic remark about the company in a call to Ukraine's president. Photographer: Michael Short/Bloomberg via Getty Images

George Kurtz, CEO of CrowdStrike, spoke with Protocol about secure software.

Photo: Michael Short/Bloomberg via Getty Images

The continuance of large numbers of security vulnerabilities in Microsoft software and architectural weaknesses in some of its systems, such as the Active Directory identity service, should be troubling to any customer, CrowdStrike co-founder and CEO George Kurtz told Protocol.

"Customers are asking the question, 'Do I really want to put all my eggs in one basket, with a company that has a long history of not creating secure software?'" Kurtz said in a recent interview.

"Some will. Some are going to do it,” he said. “But there are a lot of companies that are saying, 'This can be a real risk to the company, using both Microsoft for security as well as applications, cloud, and everything else.'"

Kurtz, of course, is far from unbiased, given the fierce competition between his company's Falcon endpoint detection and response product and Microsoft's EDR, Defender. IDC figures have shown CrowdStrike in the lead on endpoint security market share, with 12.6% of the market in 2021, compared to 11.2% for Microsoft. However, CrowdStrike's growth of 68% in the market last year was surpassed by Microsoft's growth of nearly 82%, according to the IDC figures.

Speaking with Protocol, Kurtz discussed Microsoft's strategy of bundling Defender into its higher-tier Office 365 productivity suite, known as E5, as well as Microsoft's efforts to keep vulnerabilities out of its software. He also spoke about upcoming product categories that CrowdStrike plans to add as new modules on the company’s platform and the company's acquisition strategy.

This interview has been lightly edited for clarity and brevity.

Is it safe to assume that external attack surface management is going to be your next module?

It is. We're really excited about that. [Reposify is] a really cool company out of Israel, great technology. What they're focused on is really automating the understanding of internet-exposed infrastructure or cloud infrastructure, where things might be misconfigured or exposed — which is a huge problem.

Can you give any sense on what modules you might look at adding after that?

We can’t really can't comment on the future [modules]. But I think if you look at the areas that we've been focused on, I'll maybe start there.

Obviously, people know us for endpoint and for cloud workload protection and visibility. We got into the identity space with Preempt — that's not an Okta competitor, it's more identity threat detection and prevention. And then we did an acquisition of SecureCircle in the data space because we do think that [data loss prevention] is a market that can be disrupted. It's kind of like the legacy [antivirus] market: [There are] not a lot of people happy with it, [it] doesn't work so great.

So it's really about putting those together and filling out more capabilities in each one of those three buckets. Obviously, we've got great capabilities, but there's always more than we can do, there's always additional companies out there [that could fit as] a module.

Do you think you would potentially do a larger acquisition at some point?

I think we evaluate deals as they come in, on a case-by-case basis. But our focus really has been smaller deals, good teams, and good technology.

In terms of the competitive landscape, I get the impression that Microsoft's E5 bundling of Defender can be pretty tempting for some customers. What are you doing to win EDR customers in light of that strategy by Microsoft?

Well I think you’ve got to start at the top, which is: There's really a crisis in trust with Microsoft for a lot of [customers]. I mean, every Tuesday is another zero-day Tuesday. So do you want your security architecture to be built by the same people who have more CVEs to their name than anyone else in the industry? Many don't.

The simple answer is, don't put all the eggs in one basket. And they want dedicated technology that is more advanced than signature-based AV. Defender, in part, is a signature-based AV product, with some other things bolted on top of it. So it starts there.

We've had many enterprise customers that looked at Microsoft, and when they looked at it, they're like, "We need five or six different consoles." They've come back and said, "We need many, many more people to run the Microsoft suite that we can't hire, and it would cost us more money than having the E5 license already in use." [CrowdStrike offers] immediate time to value, a better outcome, and lower costs. And that's what wins deals.

So the cost savings from E5 licensing is not the full story, then?

Who's going to run it? Who's going to administer it? How many consoles are you going to have? How much people-power does it take to actually run? Just do the math. Our customers have done the math, and we help them as well. We are significantly cheaper to operationalize than Microsoft. And we're going to have a better outcome.

What makes CrowdStrike so much less people-intensive?

Because we've got one console. We've got a single-agent architecture. Because of the architecture and the modular format, all built in the cloud, it doesn't require [as many people]. If you have a whole mishmash of different technologies that you bought and put together with five consoles, it's going to take a lot more effort to manage and operationalize it. We're built in the cloud. Microsoft started [as an] AV product. [CrowdStrike] is just a different architecture that is easier to use and requires less users to use it.

On at least one occasion in the past, a Microsoft executive suggested that security vendors shouldn't criticize each other because they should be working together on behalf of customers. What do you think about that idea?

Everyone wants to make sure customers are protected. But I think they should start with creating secure software. And when you look at some of these vulnerabilities, and some of the patches that have to be re-patched, and you look at just architecturally some of the decisions they've made, like with Active Directory, it's terrible. How is it that Microsoft technology is one of the only technologies that you can actually steal a password and reuse it without ever cracking it? It's just that the architecture is bad, and they have a lot of legacy decisions that still haunt customers today. That's Microsoft's fault.

Is there anything that you'd give Microsoft credit for in terms of security, or that you think was a good move on security by them?

They've done some decent acquisitions, for sure. And they've hired some good people there. But you can't just market your way out of it. You can't blame other people. And you've got to look inside and start fixing some of your own issues.


Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep ReadingShow less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more.

Keep ReadingShow less
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep ReadingShow less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep ReadingShow less
Bennett Richardson

Bennett Richardson ( @bennettrich) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.


Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep ReadingShow less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories