- Stock Market Nerd
- Posts
- Nvidia & SentinelOne Earnings Reviews
Nvidia & SentinelOne Earnings Reviews

In case you missed it from this earnings season:
Table of Contents
1. SentinelOne (S) — Earnings Review
a. SentinelOne 101
SentinelOne directly competes with CrowdStrike, Microsoft Defender and Palo Alto in endpoint security. It’s also quickly expanding into cloud security, which adds Zscaler and pretty much every large next-gen platform as competition.
It specializes in small-and-medium-sized business (SMB) clients and is expanding up-market. While CrowdStrike’s overarching platform is called Falcon, SentinelOne’s comparable suite is called the “Singularity Platform.” Core products include Endpoint Detection and Response (EDR). EDR offers constant monitoring and protection of endpoints (like a company iPhone). It unveils, prioritizes and responds to observed threats. Like CrowdStrike, it offers highly autonomous services and a slick, lightweight agent to drive efficient work and interoperability. This, in turn, means overarching coverage and superior breach protection vs. legacy incumbents.
Also similar to CrowdStrike, SentinelOne boasts a complementary data analytics platform (which it calls the Singularity Data Lake). This lake can ingest structured data from a multitude of diverse security products. It’s the perfect sidekick for everything it offers, as it can seamlessly collect data once, and recycle that data across as many relevant use cases as it needs to. This capability is especially important for the firm’s Extended Detection and Response (XDR). XDR is simply EDR with more diverse data usage to extend protection beyond solely the endpoint.
The Singularity Data Lake ingests data via “log scale,” which means logarithmically organizing and storing information. The company also says customers get lower cost and faster querying speeds with it. The service of aggregating data (or “logs”) to help organizations uncover and remediate threats is called Security Information and Event Management (SIEM). It recently launched an AI-augmented SIEM tool… fittingly named AI SIEM.
All in all, there are three compelling effects of this product architecture:
Open, inter-platform data sharing leads to more effective algorithm seasoning to drive better coverage and false positive minimization.
Cross-selling is especially margin accretive for this business model. SentinelOne incurs most of its customer costs as it deploys its first module; cross-sells are almost pure margin.
Seamless expansion into other relevant security niches…
Just like CrowdStrike (noticing a theme?), it’s also actively expanding into cloud security. Important cloud security acronyms:
CNAPP = Cloud Native Application Protection Platform. This is a buzz phrase used to describe a firm’s full set of cloud tools.
CWP = Cloud Workload Protection. It’s an agent-based, preventative cloud protection tool to observe any bad behavior by cloud environment entrants. It sounds the alarm bell for SentinelOne’s automated breach protection and, if needed, the Managed Detection and Response (MDR) threat hunting team (called Vigilance).
CSPM = Cloud Security and Posture Management. CSPM reports vulnerabilities and conducts configuration analysis in any cloud environment. It can flag improper permissions or hygiene. It doesn’t stop breaches in isolation, but does offer needed alerts, which frees other cloud tools like CWP to do so.
It acquired PingSafe to expedite delivery of this key cloud capability and bring its product suite closer to parity with CrowdStrike.
Launched AI Security Posture Management (AI-SPM) to extend its CSPM offering to AI apps and models. CSPM tools are repurposed here to offer the same misconfiguration and hygiene issue-flagging services in the world of GenAI.
Cloud Infrastructure Entitlement Management (CIEM). CIEM offers seamless oversight of access controls/entitlements for cloud assets. It can “detect over-privileged humans and machines, pinpoint toxic permission combinations and curtail risk with greater speed and efficiency.” This was one of the largest product gaps remaining between SentinelOne’s suite compared to Palo Alto and CrowdStrike.
It more recently added runtime security to stop breaches in cloud environments.
Agent vs. Agentless in Cloud:
CWP takes an agent-based approach, while CSPM is agentless. Agent-based requires a direct software installation, while agentless does not. One isn’t objectively better than the other. Agentless is considered cheaper, easier to deploy and easier to scale. It’s perfect for lower-stakes use cases like configuration analysis and is an ideal complement to CWP. Companies just starting out with finite budgets, massive potential scaling needs and a lack of hyper-sensitive data can adopt an agentless approach. Agent-based is considered more comprehensive and has more complete visibility. Industries with tighter regulation, more sensitive assets, a need for real-time EDR and more complex compliance are well served by agent-based. By offering both, SentinelOne can address both markets, thus eliminating the need for disparate point solutions.
GenAI:
PurpleAI is SentinelOne’s overarching GenAI platform layer to up-level its product offering. It’s quite similar to CrowdStrike’s Charlotte AI, in that it can actively detect anomalies, summarize cases, help orchestrate remediations and fix issues with a human analyst’s permission. All of this pushes beginner-level security analysts to much higher levels of capability. This matters a lot in our budget and talent-constrained world.
b. Key Points
Underwhelming quarter.
Decent cross-selling traction.
New $200M buyback program.
Strong remaining performance obligation (RPO) growth.
c. Demand
Beat revenue estimate & beat identical guidance by 0.4% each.
Missed ARR estimate by 0.4%. Missed net new ARR (NNARR) estimate & missed identical guidance by 12.5% each.
Missed $100,000+ ARR customer estimate by 1%.
The bright spot of this quarter’s demand was 33% Y/Y remaining performance obligation (RPO) growth; this was 5% ahead of expectations.


d. Profits & Margins
Slightly beat 79% GPM estimate & slightly beat identical guidance.
Slightly beat -$4.6M EBIT estimate by $700,000 & slightly beat identical guidance.
Met $0.02 EPS estimate.
Comfortably beat $25M FCF estimate by $20M.


e. Balance Sheet
$770M in cash & equivalents.
$439M in long-term investments.
5.9% Y/Y share dilution. This must slow down faster than it currently is. It did announce a new $200M buyback, but I’d love to see a little stock comp discipline to complement that help.
Reply