Grade: F — Major Red Flags
Framework: Schilit *Financial Shenanigans* + Beneish M-Score + forensic accounting principles
Data: SEC EDGAR 10-K (Filed 2026-03-05) + Yahoo Finance
Auditor: PricewaterhouseCoopers LLP (PCAOB ID 238) — Clean opinion
One-line verdict: CrowdStrike is a cybersecurity leader with $5.3B in ARR growing 24%, yet it remains unprofitable — posting a $162.5M net loss in fiscal 2026 while carrying $820M in debt at 4.5x EBITDA with negative interest coverage. The D2 leverage check fails critically. The July 19 Incident — the catastrophic Falcon sensor update that crashed Windows systems worldwide — continues to weigh on results through customer commitment packages, legal costs, and reputational damage. The 10-K states the incident "has had, and is expected to continue to have, an adverse effect on our business, sales, customer and partner relations, reputation, results of operations and financial condition." Meanwhile, $1.1B in stock-based compensation expense consumes 68% of gross profit, raising questions about the true cost of running this business.
| Metric | Result |
|---|---|
| Red Flags | **1** |
| Watch Items | **4** |
| Checks Completed | **17/18** (1 N/A) |
| Beneish M-Score | **-2.95** (below -2.22 — unlikely manipulator) |
| F-Score (Fraud Probability) | **0.27** (0.10% probability) |
| Altman Z-Score | **2.18** (grey zone — moderate solvency concern) |
| Auditor | PricewaterhouseCoopers LLP — Unqualified opinion |
| Fiscal Year | 2026 (ended January 31, 2026) |
| Report Date | 2026-04-05 |
The Cybersecurity Platform Company
CrowdStrike operates a cloud-native cybersecurity platform centered on the Falcon sensor. From the 10-K: "ARR increased 24% year-over-year and grew to $5.3 billion as of January 31, 2026, of which $1.0 billion was net new ARR added during fiscal 2026."
Revenue breakdown from the filing:
| Line Item | FY2026 | FY2025 | FY2024 | YoY Growth |
|---|---|---|---|---|
| Subscription Revenue | $4,564.7M | $3,761.5M | $2,868.0M | +21% |
| Professional Services | $247.3M | $192.1M | $187.6M | +29% |
| **Total Revenue** | **$4,812.0M** | **$3,953.6M** | **$3,055.6M** | **+22%** |
The filing states: "Total revenue increased by $858.4 million, or 22%, in fiscal 2026, as compared to fiscal 2025." Subscription revenue growth "was primarily driven by a combination of the addition of new customers and the sale of additional sensors and modules to existing customers."
67% of revenue comes from the United States, 16% from EMEA.
Profitability: Still Losing Money
| Metric | FY2024 | FY2025 | FY2026 | Trend |
|---|---|---|---|---|
| Revenue | $3,055.6M | $3,953.6M | $4,812.0M | +22% YoY |
| Gross Profit | $2,296.6M | $2,963.5M | $3,593.1M | +21% |
| Gross Margin | 75.2% | 75.0% | 74.7% | Stable |
| Operating Loss | -$19.1M | -$116.4M | -$293.3M | **Worsening** |
| Net Income (Loss) | $72.2M | -$15.2M | **-$162.5M** | **Worsening** |
| Net Margin | 2.4% | -0.4% | **-3.4%** | Deteriorating |
The 10-K shows operating expenses at 81% of revenue in FY2026 vs. 78% in FY2025 and 76% in FY2024. The operating loss widened to $293.3M. Per the filing: "Loss from operations (293,292) (116,400) (19,141)."
The critical issue: $1.1 billion in stock-based compensation expense in FY2026, up from $861M in FY2025 and $649M in FY2024. SBC alone consumes 23% of total revenue and 30% of gross profit. Without SBC, CrowdStrike would be solidly profitable; with it, the company cannot post a GAAP profit.
Cash Flow: Strong OCF Masking Structural Issues
| Metric | FY2024 | FY2025 | FY2026 |
|---|---|---|---|
| Operating Cash Flow | $1,166.2M | $1,381.7M | $1,612.3M |
| Net Income (Loss) | $72.2M | -$15.2M | -$162.5M |
| **CFFO / Net Income** | **16.2x** | **-90.7x** | **-9.9x** |
| CapEx | -$237.1M | -$313.8M | -$370.9M |
| Free Cash Flow | $929.1M | $1,067.9M | $1,241.5M |
The CFFO/NI ratio is distorted by the net loss — but that itself is the concern. Operating cash flow of $1.6B looks impressive until you trace its components. The cash flow statement reconciliation reveals the add-back of $1.1B in stock-based compensation, $250M in depreciation and amortization, $449M in amortization of deferred contract acquisition costs, and the favorable working capital dynamics of deferred revenue growth. Deferred revenue grew from $3,728.7M to $4,753.4M — CrowdStrike collects cash upfront on multi-year subscriptions and recognizes revenue over time.
If SBC were treated as a cash expense (as it economically should be, since it dilutes shareholders), adjusted cash flow from operations would be approximately $514M — still positive, but dramatically less impressive.
The July 19 Incident: Ongoing Damage
The 10-K devotes extensive disclosure to the incident: "On July 19, 2024, we released a content configuration update for our Falcon sensor that resulted in system crashes for certain Windows systems (the July 19 Incident). We have incurred, and expect to continue to incur, costs related to the incident."
Key disclosures about ongoing impact:
Leverage: The Critical Red Flag
CrowdStrike's leverage metrics triggered our only FAIL:
| Metric | Value | Threshold |
|---|---|---|
| Debt/EBITDA | **4.5x** | >4x = fail |
| Interest Coverage | **-10.5x** | <2x = fail |
The company carries $820M in total debt. Per the filing: "debt obligations related to $750.0 million" in long-term notes. With a negative operating income of -$293M, the interest coverage ratio is deeply negative. This is a critical fail under our framework — the combination of >4x leverage and negative interest coverage constitutes financial stress.
The mitigating factor: $5.2B in cash and short-term investments covers the $820M debt more than 6x. CrowdStrike's liquidity is not the concern — it is the operating structure that cannot yet cover its debt burden from earnings.
Goodwill: $1.4B from Acquisitions
Per the filing: "Goodwill as of January 31, 2025 $912,805... Goodwill acquired $443,040... Goodwill as of January 31, 2026 $1,363,294." The goodwill increase "resulted from the acquisitions of Pangea Cyber Corporation and Onum Technology Inc."
Goodwill + intangibles total $1.5B, representing 34% of stockholders' equity — a watch item. Other non-current assets surged 183% year-over-year vs. 22% revenue growth, another watch item driven by the acquisitions.
Deferred Revenue and Remaining Performance Obligations
From the filing:
| Period | Beginning Balance | Additions | Recognition | Ending Balance |
|---|---|---|---|---|
| FY2026 | $3,728.7M | $5,836.8M | -$4,812.0M | $4,753.4M |
| FY2025 | $3,054.1M | $4,628.2M | -$3,953.6M | $3,728.7M |
"As of January 31, 2026, the aggregate amount of the transaction price allocated to remaining performance obligations was $9.0 billion." The company expects to recognize approximately 51% within 12 months and 43% over the following 13-36 months.
$9.0B in RPO provides significant revenue visibility — nearly 2x trailing annual revenue.
The 18-Point Screening
| # | Check | Result | Detail |
|---|---|---|---|
| A1 | DSO Change | PASS | DSO 103 days, change -1 day YoY. Stable |
| A2 | AR vs Revenue Growth | PASS | AR growth 20.7% vs revenue growth 21.7% |
| A3 | Revenue vs CFFO | PASS | Revenue +21.7%, CFFO +16.7%. Cash follows revenue |
| B1 | Inventory vs COGS | PASS | No material inventory (software company) |
| B2 | CapEx vs Revenue | PASS | CapEx growth 18.2% vs revenue 21.7%. Normal |
| B3 | SG&A Ratio | PASS | SG&A/Gross Profit = 69.6%. Near threshold but passing |
| B4 | Gross Margin | PASS | Gross margin 74.7%, change -0.3pp. Stable |
| C1 | CFFO vs Net Income | WATCH | CFFO/NI = -9.9x. Ratio distorted by net loss |
| C2 | Free Cash Flow | PASS | FCF $1.2B. Positive despite net loss |
| C3 | Accruals Ratio | PASS | Accruals ratio = -16.0%. Negative — no accrual concern |
| C4 | Cash vs Debt | PASS | Cash $5.2B covers debt $0.8B. 6.4x coverage |
| D1 | Goodwill + Intangibles | WATCH | $1.5B = 34% of equity |
| D2 | Leverage | **FAIL** | **Debt/EBITDA = 4.5x (>4x). Interest coverage = -10.5x (<2x). Financial stress** |
| D3 | Soft Asset Growth | WATCH | Other assets grew 182.9% vs revenue 21.7% |
| D4 | Asset Impairment | N/A | No separate write-off data |
| E1 | Serial Acquirer FCF | PASS | FCF positive after acquisitions |
| E2 | Goodwill Surge | WATCH | Goodwill + intangibles surged 43% YoY |
| F1 | Beneish M-Score | PASS | M-Score = -2.95 (< -2.22). Unlikely manipulator |
Beneish M-Score Component Breakdown:
| Component | Value | What It Measures | Concern? |
|---|---|---|---|
| DSRI | 0.991 | Days Sales in Receivables | Normal |
| GMI | 1.004 | Gross Margin Index | Normal |
| AQI | 1.171 | Asset Quality Index | Moderate — soft assets growing |
| SGI | 1.217 | Sales Growth Index | Normal for growth company |
| DEPI | 0.965 | Depreciation Index | Normal |
| SGAI | 1.025 | SG&A Index | Normal |
| TATA | -0.160 | Total Accruals to Assets — negative accruals | Good |
| LVGI | 0.920 | Leverage Index — deleveraging | Good |
The M-Score of -2.95 is well below the -2.22 safe threshold. The negative TATA reflects that cash flow exceeds net income — driven by deferred revenue dynamics and non-cash add-backs.
Key Risks from the 10-K
1. July 19 Incident — Lingering Liability
The filing warns: "The July 19 Incident has had, and is expected to continue to have, an adverse effect on our business, sales, customer and partner relations, reputation, results of operations and financial condition." Customer commitment packages are diluting revenue recognition, legal proceedings remain pending, and the reputational damage may take years to fully assess.
2. Persistent GAAP Losses and SBC Dependency
CrowdStrike has "a history of losses" per the filing. Stock-based compensation of $1.1B represents the majority of the gap between $1.6B OCF and the $162.5M net loss. The company is paying employees heavily in equity, diluting shareholders.
3. Competition
The 10-K warns of "increased competition in our markets" with the risk that "customer retention rates" may decline. The cybersecurity market includes Microsoft, Palo Alto Networks, SentinelOne, and others.
4. Altman Z-Score in Grey Zone
The Z-Score of 2.18 falls in the grey zone (1.10-2.60), reflecting negative retained earnings (-11.6% of total assets), negative operating income, and moderate debt levels. This is not distress, but it is not the safe zone either.
Key Financial Trends (4-Year)
| Metric | FY2023 | FY2024 | FY2025 | FY2026 |
|---|---|---|---|---|
| Revenue | $2,241M | $3,056M | $3,954M | $4,812M |
| Net Income (Loss) | -$183M | $72M | -$15M | -$163M |
| Gross Margin | 73.2% | 75.2% | 75.0% | 74.7% |
| Net Margin | -8.2% | 2.4% | -0.4% | -3.4% |
| CFFO | $941M | $1,166M | $1,382M | $1,612M |
| FCF | $675M | $929M | $1,068M | $1,242M |
| Cash | $2,705M | $3,475M | $4,323M | $5,230M |
| Total Debt | $784M | $793M | $789M | $820M |
| SBC | — | $649M | $861M | $1,098M |
| ARR | — | — | $4,242M | $5,253M |
Summary
Grade: F. One critical red flag — leverage — requires investigation.
CrowdStrike generates strong subscription revenue ($4.8B, +22%), maintains 75% gross margins, and produces $1.2B in free cash flow. ARR of $5.3B and RPO of $9.0B provide solid revenue visibility. The Beneish M-Score of -2.95 clears the company of manipulation concerns.
But the financial structure has a fundamental problem: CrowdStrike is a $4.8B revenue company that lost $162.5M on a GAAP basis while paying employees $1.1B in stock-based compensation. The leverage check fails critically — Debt/EBITDA of 4.5x and negative interest coverage signal a company whose earnings cannot service its debt obligations. The July 19 Incident continues to create headwinds through customer commitment packages, legal costs, and reputational damage.
The cash position is the saving grace: $5.2B covers the $820M debt more than 6x. CrowdStrike is not at risk of insolvency. But for earnings quality purposes, a company that has operated for over a decade in public markets, generates nearly $5B in revenue, and still cannot post a GAAP profit deserves deeper scrutiny.
The question is whether SBC will ever moderate enough for CrowdStrike to earn a real profit — or whether this is a company that generates cash through accounting mechanics (deferred revenue float) while perpetually diluting shareholders through equity compensation.
**Disclaimer**: This report is based on CrowdStrike's fiscal year 2026 10-K filed with the SEC on March 5, 2026. This is NOT investment advice.
**About EarningsGrade**: We screen earnings reports for financial red flags using an 18-point forensic framework. Grade F means major red flags were detected that warrant thorough investigation.