Twitter

Link your Twitter Account to Market Wire News


When you linking your Twitter Account Market Wire News Trending Stocks news and your Portfolio Stocks News will automatically tweet from your Twitter account.


Be alerted of any news about your stocks and see what other stocks are trending.

home / news releases / S - SentinelOne: Lack Of Expansion Is A Problem

S - SentinelOne: Lack Of Expansion Is A Problem

Sprint Corporation

2023-12-01 07:01:31 ET

Summary

  • Demand headwinds appear to be easing, but competition from CrowdStrike is a risk.
  • SentinelOne's NRR continues to decline, despite the introduction of products in areas like data, identity, and cloud. This raises questions about the company's ability to consolidate spending on its platform.
  • The Company valuation remains modest given its growth rate, but this likely won't matter until growth stabilizes and S stock starts to generate positive cash flows.

SentinelOne ( S ) has a history of large losses, and its growth has decelerated rapidly in recent quarters, causing investors to question whether it can survive as a standalone company. While the macro environment remains soft, there are signs that demand headwinds for endpoint security companies are beginning to ease. In addition, concerns about SentinelOne's efficiency are overblown, as demonstrated by the company's rapid improvement in profitability. The combination of these factors and SentinelOne's modest valuation could set the stock up to perform well going forward, but there is risk from competition. In particular, CrowdStrike's ( CRWD ) business is going from strength to strength, and its focus on SMB customers is increasing. SentinelOne's inability to sustain growth through solutions in new areas like data, identity, and cloud is also concerning.

Market

While the demand environment remains difficult for software companies, SentinelOne has suggested conditions have stabilized somewhat. Demand appears to be variable across cybersecurity sub-categories though. For example, firewall sales are under pressure at the moment and SASE growth appears to be decelerating still.

CrowdStrike's Q3 FY2024 results indicated that endpoint growth may be beginning to stabilize, and there are several fundamentals that support this. Endpoint security companies are in part dependent on device growth to drive sales, and this should be related to employment levels. Tertiary educated employment growth in the US has been moderating over the past 18 months but may now be beginning to bottom.

Figure 1: Tertiary Educated Employment Growth and SentinelOne Revenue Growth (source: Created by author using data from SentinelOne and The Federal Reserve)

The expansion of endpoint security companies into the cloud is also increasing their dependence on cloud workloads. Hyperscaler revenue growth decelerated sharply over the past 18 months, although now appears to have stabilized, albeit at a fairly low level.

Figure 2: Cloud Revenue Growth and SentinelOne Revenue Growth (source: Created by author using data from company reports)

While the near-term remains uncertain, SentinelOne still has an estimated 100 billion USD opportunity ahead of it. Cybersecurity also continues to benefit from a number of tailwinds, including the SEC's new rules requiring public companies to disclose cybersecurity incidents within 4 days. In addition, the volume and sophistication of attacks continue to increase, and both of these factors should drive demand for AI-powered and automated security.

Consolidation is also an important trend within cybersecurity, although this could be considered a headwind for SentinelOne, depending on how its competitive position is viewed. Consolidation is partly driven by customers, but the growing importance of data and the need to protect against more complex threats are also consolidating forces. In this regard, SentinelOne is reasonably well placed as endpoints generate the most telemetry. It doesn't have the scale of companies like Palo Alto Networks ( PANW ), Microsoft ( MSFT ), and CrowdStrike though.

Despite this, the company has differentiated technology and has stated that it continues to win a significant majority of competitive evaluations against both next-gen and legacy vendors. SentinelOne also believes that its competitive position is improving due to its technological differentiation. SentinelOne believes it is taking market share, but perhaps more importantly, CrowdStrike is gaining market share much faster.

SentinelOne has suggested that Microsoft often ends up costing customers more than they expect and that it is not best-of-breed in security. Microsoft has a large position in the market though, and for many customers, an ok solution may be considered good enough. With CrowdStrike increasing its focus on the SMB segment, SentinelOne must be able to convince customers of the value of its platform relative to both next-gen and legacy solutions.

SentinelOne

I have previously written about SentinelOne's core platform, which I think could have a technical advantage for a number of reasons. At this point though, I believe SentinelOne's success is dependent on its go-to-market team and its ability to drive adoption of expansion solutions like cloud security, data security, identity security, and vulnerability management.

So far, the evidence on this front is mixed, particularly compared to the success that CrowdStrike is having. Singularity Cloud is SentinelOne's fastest-growing solution , followed by strong contributions from Singularity Data Lake, Vigilance MDR, and Ranger. Over 30% of SentinelOne's revenue is now generated outside of the endpoint. Cloud revenue is growing by increase of 100% YoY and represents over 20% of quarterly ACV.

SentinelOne recently introduced Ranger Insights, a vulnerability management solution, which connects application vulnerability identification and endpoint mitigation. Ranger Insights provides a continuous profile of a customer's environment, highlighting vulnerabilities as they occur. This solution expands SentinelOne's TAM by 5-7 billion USD.

A vulnerability management platform allows organizations to:

  • Gain visibility across the attack surface
  • Anticipate threats and prioritize remediation efforts
  • Improve decision-making through a greater understanding of risk

Trends like cloud computing, IoT, and remote work are expanding the attack surface, complicating vulnerability management:

  • Identity and access management systems used to control user privileges are a potential weak point
  • Operational technology is increasingly becoming linked to existing IT systems and the internet
  • Remote work and mobile workforces have resulted in a proliferation of personal devices
  • Virtual machines, containers, etc. are common in the cloud

Last year, more than 26,000 vulnerabilities were discovered, and this year more than 16,000 have been discovered so far.

SentinelOne's expansion into vulnerability management is not surprising given the company's position on the endpoint. This is also supported by the expansion of endpoint companies into areas like operational technology security, data security and identity security. This is something I had previously highlighted when writing about Tenable ( TENB ).

Purple AI, SentinelOne's generative AI solution, is expected to launch next year . CrowdStrike and SentinelOne are positioning their generative AI solutions as tools to level up analysts. While users may find this type of technology beneficial, I don't think this will be a meaningful value driver for cybersecurity companies. SentinelOne has also suggested that Purple AI will reduce the learning curve of its technology, reducing the advantage that legacy tools have.

SentinelOne also recently introduced a Cloud Data Security solution that provides high-speed malware detection products. Cloud Data Security automatically scans every file added to NetApp and Amazon S3 storage and automatically remediates and quarantines any malicious files detected.

Financial Analysis

SentinelOne's revenue increased 46% YoY in the second quarter, with ARR growing 47%. Revenue from international markets grew 57% compared to growth of around 40% in North America. Growth was reportedly driven by a mix of new customers and expansion within existing customers. SentinelOne guided to 156 million USD in revenue in the third quarter, which would represent roughly 35% growth YoY. This seems reasonably conservative, and I would expect growth to come in closer to the 39-42% range. A stabilization of growth along with continued progress towards profitability would go a long way towards helping SentinelOne's stock move higher.

Figure 3: SentinelOne Revenue Growth (source: Created by author using data from company reports)

SentinelOne continues to attract customers at a reasonable pace, adding 700 new customers in the second quarter. SentinelOne's customer base now exceeds 11,000, although this does not include customers served by MSSP partners. Growth is reportedly strong amongst large enterprises, SMBs and MSSP partners.

Figure 4: SentinelOne Customers (source: Created by author using data from SentinelOne)

SentinelOne's NRR continues to contract, which is concerning given that the introduction of new products and customer consolidation should be driving solid expansion rates. Some of this is the result of SentinelOne's acquisition of Attivo, which is now included in the company's NRR calculation. Excluding this impact, SentinelOne's NRR would have been 120% .

Figure 5: SentinelOne Net Retention Rate (source: Created by author using data from company reports)

SentinelOne's gross profit margin continues to rise on the back of stable pricing , economies of scale and data processing efficiencies. Gross profit margins are likely to continue to rise in coming quarters as these factors continue to have a positive influence. Gross profit margins probably don't have that much further to rise though, increasing the importance of operating expense efficiency.

Figure 6: SentinelOne Gross Profit Margins (source: Created by author using data from company reports)

SentinelOne's operating profit margins are improving rapidly on the back of continued revenue growth and a focus on costs. Despite this, SentinelOne is still fairly inefficient given its growth and scale. The company expects to achieve positive free cash flow in the second half of FY2025. SentinelOne is probably still at least 2 years away from breakeven from a GAAP profitability perspective though.

Figure 7: SentinelOne Operating Profit Margins (source: Created by author using data from company reports)

Valuation

SentinelOne appears inexpensive based on its growth rate and potential profitability. Its history of large losses and rapid growth deceleration have kept investors away though. This has been compounded by uncertainty regarding whether SentinelOne has the scale and portfolio of solutions necessary to remain competitive long-term as the cybersecurity industry consolidates.

While macro headwinds appear to be easing, CrowdStrike's focus on SMBs threatens what has historically been SentinelOne's core market. SentinelOne's inability to maintain to drive growth with newer solutions like data, identity and cloud is also concerning. If growth begins to stabilize in the third quarter, SentinelOne's stock should continue to move higher. If growth continues to fall, it will add to the narrative that SentinelOne is not viable as a standalone company.

Figure 8: SentinelOne Relative Valuation (source: Created by author using data from Seeking Alpha)

For further details see:

SentinelOne: Lack Of Expansion Is A Problem
Stock Information
Company Name: Sprint Corporation
Stock Symbol: S
Market: NYSE
Website: sentinelone.com
Menu
S S Quote S Short S News S Articles S Message Board
Get S Alerts

News, Short Squeeze, Breakout and More Instantly...