Dive Brief:
- Palo Alto Networks is fielding requests from organizations that are reevaluating their security vendors following last month’s global IT outage linked to a faulty CrowdStrike software upgrade.
- Businesses have engaged in discussions with Palo Alto Networks to potentially change security vendors, CEO Nikesh Arora told analysts Monday during a Q4 fiscal 2024 earnings call.
- “The recent outage has caused a number of customers to reevaluate their options,” Arora said. “They have initiated conversations with us around XDR and XSIAM.”
Dive Insight:
A mismatched software update in CrowdStrike’s Falcon sensor caused a global IT outage on July 19 impacting at least 8.5 million Microsoft Windows devices. The catastrophic update disrupted critical services across multiple industries.
Thousands of airline flights were canceled, major hospitals were forced to cancel surgeries and divert emergency room patients, and 911 emergency services were suspended in several locations across the U.S.
CrowdStrike CEO George Kurtz quickly and repeatedly apologized for the outage. The company issued a report pledging significant changes in its software testing and deployment practices to prevent such an outage from taking place in the future.
“That was a tough event. It simultaneously impacted tens of millions of users, which is unfortunate,” Arora said. “I appreciate the way CrowdStrike handled it.”
Customers have been asking Palo Alto Networks how it handles software upgrades. Arora said Palo Alto Networks deploys software using a 1% to 3% test sample before rolling out upgrades using a phased approach.
Palo Alto Networks was working to complete deals with some customers while they were busy trying to recover from the IT outage in July.
The outage caused some customers to step back and take a wider view of the XDR market, Arora said. Palo Alto Networks is not the leading provider in that particular space, but likely in the top four in terms of market share, so it’s “exciting because customers are willing to give us consideration in the XDR space.”
Arora’s comments confirm prior reports about customer backlash against CrowdStrike. In a July 22 report, Moody’s analysts warned CrowdStrike could take a hit on new software sales and renewals.
In response, CrowdStrike said customer support remains solid.
“There has been strong support from our customers, for which we are grateful,” a CrowdStrike spokesperson said via email. “At CrowdStrike, we are fully committed to upholding the highest standards of reliability and security, continuously improving our platform to meet our customers needs.”
Eric Grenier, director analyst at Gartner, said based on conversations he’s had with clients thus far, he doesn’t see CrowdStrike customers looking to jump ship to another security vendor.
“I do have clients asking how they can ‘sell’ sticking with (or renewing with) CrowdStrike to the business, or how they can make the business case for adding them as a net-new customer,” Grenier said via email. “This incident can be thought of as a one-off until proven otherwise.”
