CrowdStrike Q3 Analysis: $101M Incident Costs & 23% ARR Growth

CrowdStrike Holdings, Inc., a dominant force in the cybersecurity space known for its cloud-native "Falcon" platform, recently released its quarterly report for the period ended October 31, 2025. For those unfamiliar, CrowdStrike specializes in endpoint protection—securing devices like laptops, servers, and mobile devices from cyber threats using artificial intelligence.

Following a highly publicized global IT outage in July linked to a CrowdStrike update, investors and analysts have been keenly waiting to see if the reputational hit would materialize in the financials. We have dug into the latest 10-Q filing to analyze the company's health, revenue composition, and the lingering financial impacts of that incident.

Below is a visualization of how revenue flows through the company’s income statement for the quarter:

Resilient Top-Line Growth

Despite the significant operational headwinds faced earlier in the year, CrowdStrike demonstrated robust growth. Total revenue for the quarter reached $1.23 billion, a 22% increase compared to the same period last year.

The vast majority of this revenue comes from subscriptions rather than one-time sales. Subscription revenue stood at $1.17 billion, accounting for roughly 95% of total revenue. This is a crucial metric for Software-as-a-Service (SaaS) companies, as it indicates predictable, recurring cash flow.

A key performance indicator for CrowdStrike is Annual Recurring Revenue (ARR), which measures the annualized value of active subscription contracts. As of October 31, 2025, ARR grew to $4.92 billion, up 23% year-over-year. This suggests that despite the service disruption in July, the platform remains "sticky," with customers continuing to renew and expand their usage of CrowdStrike’s modules due to high switching costs and the platform's efficacy.

The Financial Reality of the "July 19 Incident"

The filing provides specific details regarding the "July 19 Incident," where a content configuration update caused widespread system crashes for customers using Microsoft Windows.

While the company has weathered the revenue impact, the costs are tangible. In Note 10 of the filing, CrowdStrike discloses that for the nine months ended October 31, 2025, it recognized $101.6 million in expenses related to the incident. Crucially, the filing notes that this figure is net of insurance receivable recorded. This indicates that the gross expenses incurred were higher, and while insurance has absorbed some of the blow, the company is still absorbing a significant financial hit on its bottom line.

Furthermore, the 10-Q highlights ongoing legal risks. CrowdStrike is currently facing multiple putative class action lawsuits and government inquiries. The ultimate price tag of these legal challenges remains uncertain.

Profitability and Compensation Structure

Looking at the bottom line, CrowdStrike reported a GAAP Net Loss of $34.0 million for the quarter, widening from a loss of $16.8 million in the prior year period.

To understand why a company with $1.23 billion in revenue and a healthy 75% gross margin is reporting a loss, one must look at operating expenses, specifically Stock-Based Compensation (SBC). SBC is a non-cash expense used to reward employees with equity rather than cash.

• Sales and Marketing: $481 million (includes significant SBC).
• Research and Development: $347.6 million.

In this quarter alone, total stock-based compensation expense was approximately $283 million. If we were to exclude this non-cash charge, the company would show substantial operating profitability. This structure allows CrowdStrike to preserve cash for operations and acquisitions while reporting GAAP losses.

Expansion Strategies

CrowdStrike is not retreating into a defensive shell following the summer's events. The filing details an aggressive M&A strategy to broaden its platform. During the nine months ended October 31, 2025, the company used approximately $381 million (net of cash acquired) for business acquisitions.

Notable recent additions mentioned include Adaptive Shield, a leader in SaaS security posture management, and Pangea Cyber, which focuses on AI detection and response. This signals a strategy to move beyond just endpoint security and into broader cloud and AI security layers.

Conclusion

CrowdStrike’s Q3 filing paints a picture of a company that has managed to ringfence the damage from the July outage. The 23% growth in ARR suggests that the incident has not caused a mass exodus of customers, likely due to the platform's deep integration into enterprise stacks. However, with over $100 million in incident-related net costs already booked and legal proceedings ongoing, the company faces continued pressure to execute flawlessly against competitors like Microsoft and Palo Alto Networks.